Protect Your Office 365 Data from Ransomware


If you’re storing data in Microsoft Office 365 Exchange Email, OneDrive for Business, or SharePoint, it’s important to ensure your data is protected from Ransomware attacks, just like data stored on local Servers.  If you are the target of a Ransomware attack, and your email and/or files are encrypted, email and files synchronized to Office 365 will also be encrypted.

As for your email, the only options for recovery would be to pay the ransom or have a third party cloud-to-cloud backup solution in place from which to restore your data.

OneDrive for Business and SharePoint have the ability to restore previous versions of files, but that won’t eliminate the downtime experienced while you recover those files. Microsoft has announced they will be releasing File Restore to OneDrive for Business and that this should be available by mid-February, 2018. This will allow restore of all file types, and even an entire OneDrive, to a previous time within the last 30 days.

Reducing the likelihood of a Ransomware attack in the first place should be the primary goal. Here are 5 suggestions to help protect yourself:

1. Email Protection: While Microsoft’s Exchange Online includes virus and spam filtering, adding Advanced Threat Protection (ATP) will provide:
* protection for your mailboxes against new, sophisticated attacks in real-time
* protection against unsafe attachments
* expanded protection against malicious links – clicked links are examined in real time and if unsafe, the user is warned not to visit the site or that the site has been blocked.
* reporting on blocked messages and individual malicious links in messages that have been clicked

2. Web Protection: Using a secure and up-to-date web browser is important. Setting up a master password for your browser (see Options – Privacy & Security – Forms & Passwords) is a great idea, especially if you have memorized usernames and passwords for sites you visit. That way, no one who gains access to your computer and launches your web browser, can see your memorized details, without your master password. It is also advisable to use a business-class firewall with web content filtering capabilities, to block bad web sites that may be the source of Ransomware or other types of attacks.

3. Software Patches & Updates: Ensure you have a system in place where Microsoft and other software application security patches and updates are regularly applied to all computers on your network. BSC provides this service to all our clients.

4. Virus/Malware Protection: Ensure you have a reputable anti-virus/anti-malware software running on all computers and that it is kept up-to-date.

5. Computer Operating Systems: Microsoft’s Windows 10 Professional operating system has a number of new and improved security features, so moving to this operating system as soon as possible is advisable. With support for Windows 7 set to expire in January 2020, replacing or upgrading your Windows 7 computers sooner rather than later is a good idea in any case.

If you do get attacked, the best recourse is to have a secure and reliable cloud backup and restore solution.  BSC Solutions Group offers an affordable solution which backs up your email, calendar, contacts, OneDrive for Business files & folders plus SharePoint, to a third party cloud.  And… there’s no limit on retention times. Contact us today for more information.