ChannelLife New Zealand - Industry insider news for technology resellers
Story image
CompTIA urges reseller action over ransomware
Thu, 16th Jun 2016
FYI, this story is more than a year old

CompTIA is urging resellers to be proactive about helping customers protect themselves against ransomware, as the malicious software continues to wreck havoc on businesses across Australia and New Zealand.

Ransomware is a growing threat for Australian and New Zealand businesses, with one security distributor telling ChannelLife this week it was ‘rampant' in the region.

Many affected organisations have opted to simply pay the ransom demanded by the attackers to unencrypt company data.

“However, when that fee is added to the cost of recovering the files and securing the network, the overall price of a ransomware attack is significant,” CompTIA says.

Moheb Moses, CompTIA ANZ channel community director, says at a minimum organisations should have adequate backup and disaster recovery plans in place.

“This negates the need to pay the ransom; the business can simply restore its files from the most recent backup,” Moses says.

“This proves how important it is to have a recovery plan in place and to make sure it works.

The industry body says it has identified three less conventional but high value measures that every MSP should consider offering their clients: a comprehensive security assessment, disaster recovery and backup plan development and end user training.

“By covering these three areas, MSPs can help ensure their customers are protected from ransomware and similar attacks,” Moses says.

CompTIA warns that no matter how robust a company's security measures, staff can prove a weak link, making end user training for everyone who has access to a company's email and business systems, crucial.

“It employees aren't aware of the potential threats, internal best practices and protocols, the organisation is vulnerable to a ransomware attack,” CompTIA says.

Adds Moses: “People remain the weakest link when it comes to securing networks.

“This makes end user training one of the most valuable security measures a company can implement.”