Ransomware is a serious threat that costs a lot of unbudgeted dollars to fix. Effective protection is available! Here’s what I recommend for how to protect against ransomware.
Understanding the Threat
Ransomware is not like most malware threats that slip into systems under the radar. Ransomware is a malware that must be invited in.
How to Protect Against Ransomware
3 Steps That Will Raise Your Protected Status to “Very High”
- Because ransomware must be invited in by a user of your system, it is essential to train your staff on how to recognize malicious links and avoid them. A better way to think of that may be to train your team to recognize good email and website links, so they know to avoid those that are different.
The best tool we’ve found for that is a solution called KnowBe4. Here’s what I wrote about them in my most recent book, Church IT:
- We have many team members who feel they are too busy or can’t be bothered with learning secure email practices.
- Many feel they know what they’re doing already.
- Many of those same people are the very ones who click on links in email that infect their computer or, worse, the data drive. Some get their identity stolen or, again even worse from an organizational perspective, transfer tens of thousands of dollars because someone duped them into believing the pastor or ministry leader wanted— or needed— them to.
Welcome to the rescue, KnowBe4! This service lets you set up an account and campaign that sends your team emails that look real, but are actually safe SPAM. Anyone who responds inappropriately (such as clicking a link or completing an embedded form) gets put into a kind of limbo, which he or she can only escape by watching a short, well-done online video explaining what he or she did wrong.
KnowBe4 is “best of breed,” and we recommend subscribing to their Platinum Tier. (Note: My firm was able to negotiate a great discount with them for churches and ministries. Any church or ministry that contacts KnowBe4 at 855.566.9234 or via email@example.com and says MBS, Inc. referred it will receive a 55% discount. MBS does not profit from this or any other transaction for a solution we recommend.)
- Malware threats are everywhere. Websites, emails, text messages… and wisdom suggests it’s best to protect with the best tools possible. We recently moved our anti-malware spec to SentinelOne. Instead of relying solely on malware signatures (database of known threats), it uses Artificial Intelligence (AI) to protect from malware agents— even those that are too new to be in malware signature databases.
Through an arrangement with our preferred solution distributor, pax8, and because my firm (MBS) isn’t allowed in its by-laws to make money on hardware and software it recommends, Christian churches and ministries are able to get SentinelOne Control for about $3/computer/month! There are a couple of caveats:
- To get SentinelOne Control for that low price, you need to setup a pax8 account via the form at mbsinc.com. Doing so is not restricted to MBS clients! Any Christian church or ministry can do this!
- SentinelOne Control is not a simple installation. You may have an IT department who can do it, or an IT vendor who can. If not, MBS is available to help at its normal hourly rate. To get help from MBS, simply email firstname.lastname@example.org.
- If ransomware somehow gets through your defensive lines of training and protection, your best last-line-of-defense is having a good backup strategy. Whether onsite or online, being able to restore your data and systems to a moment in time before the ransomware hit and began encrypting files is the shortest and least expensive path to restored ministry.
Ransomware is scary, but it can be well-fought and even overcome with these three strategies in place.
Nick Nicholaou is author of Church IT: Using Information Technology for the Mission of The Church and is president of MBS, an IT consulting firm specializing in church and ministry computer networks, VoIP, and private cloud hosted services. You can reach Nick at email@example.com.