In the cloud, teamwork is key to protecting against ransomware attacks
Recent ransomware attacks are a reminder that healthcare organizations need to get the basics of ransomware defense right, including for systems that are increasingly cloud-based.
When it comes to ransomware attacks, you are not entirely out of the woods if you take to the clouds.
That’s one way of summing up a recent commentary by Rob Shapland, a web security specialist, who points out that “even if all your data is stored in the cloud, it is not entirely safe, and it still needs some sort of ransomware defense.”
Part of the challenge, he notes, is figuring out the ins-and-outs of the “shared responsibility model” under for the physical security of the servers, the hardware, and the host operating system and virtualization, but anything installed onto this hardware by the customer will be the customer's responsibility. “This means all the software and data is managed by the customer and, therefore, if the data is encrypted by a ransomware attack, it is the customer's responsibility to restore it”
Given the shared responsibility model, Shapland says “the same principles of ransomware defense you would use if the servers were on premises need to be applied in the cloud.”
First and foremost, then, is a regular backup process protected with multi-factor authentication.
Moreover, “patches should be applied to software using the same patch cycle your IT team uses for on-premises servers. Similarly, network security rules should be configured in the cloud to avoid exposing services that ransomware, such as WannaCry, can use to spread.”
In short, says Shapland, ransomware defense for cloud services should be treated the same as on-premises defense. “Using the same fundamental security processes as for on-premises data, and using a defense-in-depth approach with technical controls, combined with robust processes and regular staff training on cybersecurity, is the best approach to prevent your cloud data from being compromised.”