Should Your IT Provider Assume Responsibility for Mitigating a Ransomware Attack?

It’s not a virus, but ransomware is an epidemic anyway, bringing company after company to its knees for days at a time and costing hundreds or thousands, especially for those paying the hackers. According to a report from McAfee, researchers saw more than 4 million samples of ransomware in the second quarter of 2015, including 1.2 million that were new, and expect those instances to grow in 2016.

Many companies assume that it’s just a matter of time until they join the list. But it doesn’t have to be that way. You can protect your company from a ransomware attack by working with the right IT services provider.

If your IT or managed services provider assumes complete responsibility for a ransomware attack, you can bet they are leveraging the very best combination of multi-layered security designs, advanced technology and stringent processes to make sure ransomware doesn’t happen to you. Because if it happens to you, it happens to them too: they’re the ones who have to expend resources to clean it up and make you whole.

Here are the most important things to look for in an IT provider that really has your back when it comes to ransomware:

  1. They have a strong incentive to own the risk. When you choose an all-in, end-to-end managed services provider to support your network for a flat monthly fee, they assume responsibility for keeping the network running and your data / applications accessible. Their viability and profitability come from living up to that promise.
  2. They use a multi-layer security strategy and actively manage it. These layers are constantly changing because security is a moving target. Staying on top of security is a full-time job. Too many ransomware attacks start because an end user opens a malicious email or visits a compromised website.
  3. They insist on a strong backup process. In case security measures do fail, a strong backup is performed very frequently and takes a snapshot of the data, updating only those files that have changed. Backups are well managed and regularly audited to ensure they cover everything. This approach means data can be restored in minutes, not hours.
  4. They are audited and penetration-tested regularly by a third party. Highly competent IT providers invest in their own third-party auditing and penetration testing so they can learn from the findings and increase their security that much more.
  5. They act fast at the first sign of an attempted breach, because they can. When an IT service provider takes on a large number of clients, especially if some pay by the hour and not on contract, they tend to get stretched thin. If your system is attacked, they may have trouble assigning sufficient resources to act fast. A provider with a boutique business model hand-picks clients. Thus they are incentivized to be proactive and prevent issues before they occur.

The Ponemon Institute, a security authority, anonymously surveyed hackers themselves. It found that 69% of attackers admit they quit when the targeted company has a strong defense. Attacks on organizations with strong defenses take attackers more than double the time to plan and execute, with the majority moving on if unsuccessful after 40 hours.

By partnering with an MSP or IT service provider fully invested in attack prevention, you become one of those protected companies.