Ransomware defense is not something that CPA firms can afford to neglect. Ransomware is a broad name given to a class of rogue software that is maliciously used to encrypt unsuspecting CPA firms’ files. Once the virus is in place on a workstation or a server, the owner of the malicious software can then demand that a ransom be paid by the firm before they will restore access to the infected files. A successful ransomware attack has the potential to greatly harm a firm. Some firms choose to pay the ransom and hope that the cyber criminals will return their data. Others might refuse to pay the ransom and make an attempt to recover their data. The global total cost of ransomware attacks in 2016 was close to a billion dollars. Even in positive scenarios, where firms are able to get their data back, the cost in terms of lost time and money spent on recovery can be significant. As technology progresses, and cyber criminals become more sophisticated in their attacks, the danger to accounting firms only increases.
While the negative potential of a ransomware infection exists, CPA firms are not powerless when it comes to mounting a successful defense. Working in a properly configured and secured environment, like the Xcentric Cloud, can protect firms from many of the dangers of a ransomware infection. Multiple levels of defense are built into the Xcentric Cloud to prevent ransomware from affecting firms.
Mimecast Email Protection
Most ransomware threats are introduced to a network when they are included as an attachment in an email message. Mimecast spam filtering prevents dangerous emails from even being delivered to end users’ mailboxes.
Targeted Threat Protection: Attachment Protect
This optional feature from Mimecast protects against malicious attachments by providing firms with the ability to sandbox and pre-scan attachments before delivery.
Bitdefender and Trend Micro Antivirus
Up-to-date and high-performing antivirus software, like Bitdefender and Trend Micro, continuously scan both the cloud environment and local users’ desktops to ensure that any malware that might make it past the perimeter defenses is prevented from spreading through the network.
In the rare event that a malicious piece of software makes it onto a users’ workstation, Xcentric consultants quickly take action. The Xcentric Cloud is designed so that no data is stored on an individual users’ workstation. This means that the affected user can immediately login and get back to work on a spare workstation, while Xcentric Consultants clean the infected workstation. Consultants will then scan the servers to prevent the spread of the virus. If any server data is affected or encrypted by malware, Xcentric backups of the data can quickly be restored. This eliminates the need for firms to pay any ransoms and greatly reduces the risk of losing client data. Recovery from malware attacks in the Xcentric Cloud is a service that is considered part of the standard support that Xcentric provides to all of their clients and does not require additional charges or fees.
A major piece in preventing a successful attack is effective user education and training. While multiple defenses are in place in the Xcentric Cloud, it’s important for users to understand the threat that malware poses and to understand what an incoming attack may look like. In addition to the aggressive defenses put in place, Xcentric also seeks to educate and equip CPA users on how to work securely. Webinars with industry experts, timely updates on trending security issues, and general support conversations with savvy and personable consultants are all part of the proactive information strategy that Xcentric uses to keep firms safe.
A malware attack of any kind is detrimental to the productivity of any firm. For many firms, the result of a successful attack is lost time, lost data, and lost money. Firms working in the Xcentric Cloud are rarely affected by malware. If a user does happen to open a virus on their workstation, the treatment plan that Xcentric has in place quickly eliminates the threat, restores any affected data, and gets users quickly back to work.