A hand inputs a PIN into an IronKey VP80ES on a desk next to a laptop & notebook with manila folder.

How to Protect Your SMB from Ransomware

Did you know that over three in four organizations were targeted by ransomware in 2022? Data disasters are not an everyday issue, which is why they so often take people by surprise. Every small and medium-sized business should have a plan for dealing with ransomware, since more than any organization, they can’t afford to lose their data. Kingston IronKey offers hardware-based encryption options to securely back up your company’s critical data. The line offers data protection against numerous varieties of cyber-attacks and can provide a means of circumventing ransomware demands.

What does ransomware do?

The FBI calls ransomware a type of malware that prevents computer users from accessing their files, systems, or networks until a ransom is paid. It finds its way onto computers via email attachments, by clicking on ads, following links, or just visiting a site infested with malware. It is rarely apparent right away. The first sign of ransomware on your computer is usually when you can no longer access your data and a message demanding a ransom payment flash. Often, your data files are encrypted with no way to overcome the encryption.

The FBI recommends that ransomware victims do not pay their attackers to recover their data. As well as encouraging further ransomware attacks (80% of ransomware victims suffer repeat attacks), there is no guarantee that access to your data will be returned. Payments are often demanded in Bitcoin, which is untraceable and cannot be recovered if your data is left inaccessible.

Why do cybercriminals attack SMBs?

A computer monitor with out-of-focus blue code on black background. A visible pop-up: ACCESS DENIED

The common belief among cybercriminals appears to be that small and mid-sized businesses are less capable of protecting themselves from ransomware than large corporations or government agencies. While the payout might be smaller, they are easier prey, with only 14% of targeted SMBs equipped to handle cyberattacks. This is why SMBs make up nearly 43% of cybercriminal targets. Three in four SMBs would grind to a halt if hit with ransomware, making them extremely likely to pay out rather than risk permanent closure.

How Kingston IronKey can help

Kingston IronKey offers an alternative to flinging small fortunes in Bitcoin at cybercriminals in the vague hope of reciprocity. Using an external encrypted SSD like the Kingston IronKey Vault Privacy 80 External SSD as a backup ensures that there are terabytes of firmly gated, air-gapped data that cybercriminals cannot access. Air-gapped backups ensure that your data is not connected to the internet.

You can use the backup drive to revert your primary system back to a point before the ransomware was installed. As the VP80ES is XTS-AES 256-bit hardware-encrypted, it is near-impossible for a hacker to break the encryption on the drive. This means it makes a better backup than Cloud solutions, as it is more secure. Cloud backups can be affected by breaches as well, and a Cloud breach sometimes results in the Cloud service being inaccessible as the Cloud server security issues are addressed, resulting in potential delays in accessing critical backup data when needed.

Of course, when it comes to data security, redundancy is important. The best practice is to use the 3-2-1 strategy, recommended by the Cybersecurity and Infrastructure Security Agency.

The 3-2-1 strategy is as follows:

  • Keep 3 copies of the data – the original as well as two copies
  • Use different drives and do not store multiple backups on just one drive
  • Keep 1 copy offsite so you have options in the event of a disaster (such as flooding, hurricanes, or blizzards) that destroy one or both of your active backup drives or renders them inaccessible.

An addition to the 3-2-1 strategy for Flash-based storage is to ensure that all backups are refreshed no less than once per year, so backup drives do not develop issues that are not detected until too late, resulting in data loss.

Backing up your data

A futuristic, dimly-lit server room with a glass ceiling and electric blue lighting. A sysadmin stands at the end of the room, checking a laptop.

While hardware is replaceable, data isn’t. Regular backups are the most responsible thing you can do with your SMB’s data. Here are a few ways to leverage Windows or macOS systems to back up your data onto an external encrypted SSD:

Backing up on Windows

Windows 11
  1. Go to "Control Panel" then "System and Security" and then "Backup and Restore"
  2. Click "Set up backup" under "Backup"
  3. Click "Backup Drive" then click "Next"
  4. Click "Let Windows Choose" → click "Next"
  5. Click "Save settings and run backup"
Windows 10

Use File History to back up to an external drive or network location.

Select: Start-> Settings (Gear Icon) -> Update & Security -> Backup-> Add a drive, and then choose the encrypted external SSD to be your backup destination.

Backing up on macOS

  1. Connect the encrypted external SSD drive to Mac via USB-C cable.
  2. Use hub adapter if necessary for older Macs.
  3. Click on Apple menu and access System Settings.
  4. Navigate to ‘General’ in the sidebar, then click on ‘Time Machine’.
  5. Link the drive to Time Machine by selecting Add Backup Disk… Follow on-screen instructions for setup.
  6. The Initial backup will take a long time as it duplicates the entire sysem's hard drive. Future backups will take less time.
  7. Connect VP80ES drive to Mac via USB-C cable.

Tip: If you have a backup drive twice the size of your Mac’s capacity, you can do rolling backups, which makes the process more efficient.

How to Implement the 3-2-1 Strategy

With the 3-2-1 strategy, backup your system onto 3 VP80ES units the first time. Then, store one VP80ES offsite. Then, periodically (daily/weekly), alternate between the two drives to back up your system.

Then, weekly, or as needed, swap one of the two active backup drives with the offsite one and backup your computer on the offsite drive, which is now part of your regular backup set.

This swapping of one of the regular backup drives with the offsite backup drive continues a regular basis, so that if the two regular backup drives are lost or unusable, the offsite backup drive is available and will reduce your data loss impact without materially affecting your business.

With your SMB’s vital data protected by an encrypted drive (or preferably multiple encrypted drives in different locations), you will restore your systems back to a pre-ransomware state in the event of a disaster. As well as minimizing your company’s downtime, you will also signal to bad actors that your SMB is inoculated against cybercrime, making it less likely that you will be targeted again. Only 17% of small businesses encrypt their data, but by doing so, you are making yourself much less of a target. The average amount a business saves through robust encryption and well-enforced cybersecurity measures is $1.4 million–not total, but per attack.

#KingstonIsWithYou #KingstonIronKey

Related Videos

Related Articles