written by Simon
Small and medium businesses (SMBs) cannot be exempt from ransomware attacks. However, they cannot afford to follow the general recommendations to prevent ransomware attack due to lack of budget and human resources. While big enterprises have their own dedicated IT security teams, SMBs are mostly defenseless to ransomware attacks. However, we suggest the following four actions to easily prevent ransomware using a file server in SMB.
First, corporate data should be isolated from employees’ PCs and consolidated into a file server. The file server should be utilized as a corporate secure work space in which all files are created, edited, shared and deleted. Ideally, there should be no corporate files in employees’ PCs. It will be much easier for an administrator to focus on managing one file server than hundreds of PCs. Then business continuity can be maintained even if a PC is affected by ransomware.
Second, the file server should be carefully managed under the recommendations for file sever security such as physical separation, encryption, vaccination and log monitoring. In addition, it would be safer if there is file versioning and rights management for copy to prevent insiders from inadvertently or maliciously deleting and copying.
Third, the file server should be a high availability system or backed up to maintain business continuity. It is apparently more effective than backing up individual PCs in terms of cost, traffic and management.
Fourth, available applications in the file server should be whitelisted because sometimes a file server can be consequently infected after ransomware is installed in a shared folder.