water and flames

Ransomware containment: protecting against ransomware attack

Summary

Like sprinkler systems that stop fires, RansomCare stops active ransomware outbreaks.

Time: 4 minute read

Ransomware and an office fire are a lot alike. And protecting against a ransomware attack is a lot like fire-proofing your office.

To prevent a fire, you have fire doors and fire-proof floors in production areas. To keep arsonists out, access is only granted via keycard. You might even have cameras watching entrances. Fire extinguishers are everywhere.

You also have smoke detectors everywhere. But with all the fire-proofing measures, why do you need smoke detectors? Because we know that all of the above measures don’t work 100% of the time. 

So, you put smoke detectors in your building to notify everyone when a fire is starting.

But a smoke detector can’t stop a fire. So, your building has a sprinkler system to account for this potential need. You hope it will never activate, but it is there to cope with the worst-case scenario.

 

How ransomware prevention security is like fire prevention measures 

Endpoint and server security measures work much like fire prevention.

Anti-spam email monitoring and endpoint protection for workstations and servers act like fire doors, keycards, and smoke detectors. Their purpose is to prevent a security event from happening. Should malware get in, most of these solutions will alert you (like a smoke detector) of the situation. In most cases, these measures prevent a security event. 

But what happens if an attack unfolds and encryption begins?

 

The missing element in ransomware prevention

Ransomware protection measures have typically lacked the “sprinkler system” to put out the fire. What would this sprinkler look like? It would stop the ongoing encryption from escaping the PC or device and locking up files across the business.

Today that has changed. The “sprinkler system” now exists. 

It’s called RansomCare.

illustration of a padlock in data

A last line of defense designed to put out ransomware fires

RansomCare steps in to stop encryption when standard prevention measures fail. And considering the average Q3 2020 payment averaged $233,817, it is clear that those measures do fail.1

Most security solutions aim to identify malware and prevent it from entering and executing. Yet, despite using advanced endpoint protection technologies, organizations continue to fall victim to ransomware.

That’s not to say these solutions don’t do an excellent job. They do. They easily stop the vast majority of attacks. But just like our fire prevention, they don’t stop 100% of attacks 100% of the time.

And once encryption begins, they have no way to stop it.

RansomCare, however, does.

Rather than looking for malware or ransomware or trying to recognize malicious behavior, it focuses on the worst-case scenario – an outbreak.

Here’s how it works… 

  • RansomCare monitors your file shares on-premises and in the cloud. As soon as a user requests a file (Word, Excel, PPT, etc.), the monitoring watches for the start of illegitimate encryption. 
  • If encryption has begun, it immediately isolates the workstation(s) or device(s) and sends alerts to your security team. 
  • And with the system’s reporting, you know which user and which devices are infected for restoration.

The missing piece of ransomware protection – without the overhead

Most business leaders, IT professionals, and security experts would probably agree that another application or a little extra work is worth it to contain and stop ransomware.

At the same time, additional security applications running on endpoints slow workstation speed. Programs can take longer to load. It’s a quiet, slow erosion of productivity.  

The time required to maintain and update all of the endpoints and servers places a burden on IT teams. After all, missing one endpoint or file share is a vulnerability. 

And that is what makes RansomCare different. 

RansomCare is an agentless “sprinkler system” defense against a ransomware outbreak. There are no agents to install on endpoints, servers, or file shares.

In fact, as a cloud application, you don’t even need to load an application on your network. The only setup is configuration and integration with your other security solutions (as desired).

 

Is RansomCare the answer for you?

RansomCare does not replace your current security solutions, policies, and protections. It complements them, providing an additional critical layer of protection missing today.

Its purpose is to act like that “sprinkler” to put out the worst-case scenario of a ransomware outbreak. Ransomware can encrypt 10,000 files per minute per device. If five endpoints were compromised, you could lose 50,000 files each minute.

Isolation limits the impact to one device or file share. And that’s why the containment offered by RansomCare addresses the question that keeps many business leaders, IT professionals, and security executives awake at night:

What can we do if a ransomware outbreak occurs?

With RansomCare, you know the answer. The infected device will be isolated, and the impact on your business dramatically reduced.

To see more details of how it works, check out our RansomCare services page.

For a detailed summary of the software, you can visit our RansomCare software page.

Or, if this final layer of ransomware protection is what you’ve been waiting for, you can speak with one of our representatives for more details.

 

Recommended for you

Reliable cloud IT services and support CrossWinds Counseling and Wellness transformed their organization and saved over $100,000 with Cloud and IT services from Ricoh
Rogue IT downloads harm business Rogue IT downloads impact your business, but a "one-size-fits-all" IT policy won't work for business units across the organization.
Advanced malware attacks: 3 ways to protect your business To defend against malware infection, you need a three-pronged approach: user education, anti-malware software and up-to-date applications / IT awareness.
1Q3 - Ransomware Marketplace Report, Coveware. https://www.coveware.com/blog/q3-2020-ransomware-marketplace-report
 
Cookie Policy

Ricoh uses data collection tools such as cookies to provide you with a better experience when using this site.
You can learn how to change these settings and get more information about cookies here.