Which Creates More Issues for SMBs?
Asking questions like this is simply asking, which is the lesser of these two evils? Neither is wanted or preferred. And both cause substantial damage. So forgive my bluntness, but which sucks less?
Reports have suggested downtime is more damaging, financially than paying the ransom demand. This is contingent upon several varying factors, including:
- amount of ransom demand
- if backup files are easily retrieved
- how quickly the IT department can get systems working at full capacity
- if a disaster recovery plan is in place
- if a new security solution is implemented to prevent future attacks
Paying the ransom demand is never encouraged. It actually puts a target on your back for future attacks, and there is no guarantee the hackers will release the data after receiving their payment.
Now, think of the damage this would create for SMBs. The dangers are a bit higher for an SMB, after all, this is their livelihood. Some may say this is no different than any business, but I would care to challenge them. Larger businesses bounce back far faster than an SMB. Think about Target’s reputational damage following their breach years ago. Had that happened to an SMB, they would never be able to recover. Yet, Target remains successful.
SMBs need a good reputation, the must be able to work, and do so at full capacity. If their business is down for days or weeks at a time, they suffer reputational damage, as well as significant loss of productivity and profitability. Depending on the length of downtime, their clients may go elsewhere. Not because they lack loyalty, but they have their own needs that must be met too. In the long run, this can crush an SMB. A Colorado printing company just shut their doors after five years of business because they couldn’t bounce back after a ransomware attack.
These threats are real, and it’s time business owners started being proactive and protect their devices, and the data on them, from modern cyber threats. To do so, business owners are encouraged to do the following:
- Employ a security solution that uses an automated whitelist technology
- Keep the operating system and third-party applications updated
- Complete an audit of admin rights, and disable all who do not need access
- Disable Macros
- Disable unused RDP ports
1,924 total views, 2 views today