It’s no secret that ransomware has turned into a billion-dollar industry. As we found out in Datto's Global Ransomware Report, ransomware costs small businesses around $8,500 an hour, totaling over 75 billion per year. With ransomware turning into a full-fledged cybersecurity epidemic, a lack of employee training can be a disastrous combination. To help MSPs educate businesses about ransomware, we created a checklist to ensure critical business data is protected.

  • Conduct a security risk assessment. Understand potential security threats (e.g., downtime from ransomware) and the impact they may have on your business (lost revenue). Use this information to shape a security strategy that meets your specific needs.

  • Train your employees. Because cybersecurity threats are constantly evolving, an ongoing semi-annual training plan should be implemented for all employees. This should include examples of threats, as well as instruction on security best practices (e.g., lock laptops when away from your desk). Hold employees accountable.

  • Protect your network and devices. Implement a password policy that requires strong passwords that expire every 90 days. Deploy firewall, VPN and antivirus technologies to ensure your network and endpoints are not vulnerable to attacks. Consider implementing multi-factor authentication. Ongoing network monitoring should also be considered essential. Encrypt hard drives.

  • Keep software up-to-date. It is essential to use up-to-date software products and be vigilant about patch management. Cyber criminals exploit software vulnerabilities using a variety of tactics to gain access to computers and data.

  • Create straightforward cybersecurity policies. Write and distribute a clear set of rules and instructions on cybersecurity practices for employees. This will vary from business to business but may include policies on social media use, bring your own device, authentication requirements, etc.

  • Back up your data. Daily backups are a requirement to recover from data corruption or loss resulting from security breaches. Consider using a modern data protection tool that takes incremental backups of data periodically throughout the day to prevent data loss.

With this handy checklist, your clients will be well on their way to protecting their data and avoiding any cybersecurity threats that may come their way. For even more tips on all things cybersecurity, check out The Essential Cybersecurity Toolkit for SMBs.