It's a Saturday afternoon and my cell phone rings from one of my "providers" (I am going to protect the innocent). They proceed to let me know they were hacked everything was locked up and they have lost all our records. They paid the ransom and it didn't work. They were not able to recover their data. I didn't have the heart to ask if the person was confident in knowing how to decrypt the data. This provider is NOT my client, in which I have talked to them several times about it; but this is not the time to put salt in the wound. So it has prompted me to write this post based on the words from the other side of the phone, "There seemed to be a misunderstanding on who does what and we are not very happy".
Do you know what your technology provider does for you?
Here are my top 2 services that are considered permission to play as a technology service provider.
that run daily (multiple times a day where necessary) and stores a copy of the data at a remote location. This needs to be "sent" and not mirrored. These backups need to be tested regularly... how often you ask? You know the dentist saying; only floss the teeth you want to keep? well, my backup answer is as often as you are ok to rolling back to. Today's technology, backups can script tests and send the notification that PROVES the backup worked. There is no reason not to do it daily! With alert boards, a GREAT service provider can confidently say, yes, my clients are covered. Someone MUST watch your backups on a daily basis.
Advanced Security Protection
technology is now available from several of the big-name players to watch the behavioral of the system and PREVENT file-less hacks (like ransomware). So in lots of cases, the advanced security software rolls back the ransomware. The cost of this subscription is only about $5/user/month. However, this is not just a "McAfee" install; there is configuration and watching that must happens with this. So you want to get this subscription from a Managed Security and Services Provider.
If your technology provider is not doing these; You Are At Risk:
If your technology provider is not communicating; if you are not sure what is happening with your technology; let's talk! It is so discerning to see businesses struggle with sub-standard services. They may be cheaper, but you get what you pay for and when you get ransomware you live with that issue for months if not years.