Ransomware protection

 Article for: Everyone 

	Difficulty:Easy 

	Importance: Could save your data, could do nothing 

Ransomware infects any drives that Windows can access using a letter. So those USB drives that are attached to your computer for backup could be infected. This will destroy your backup. Mapped network drives can also be infected.

All the security tips I've been giving for over 30 years will reduce the chance of getting infected. However, there are steps you can take to mitigate the disaster. if some ransomware gets through your protections.

Locked Images

An image is a complete copy of your entire drive, including Windows, all programs, drivers and data. Macrium Reflect's paid versions, both home and Workstation, offer ransomware protection. They lock the images so that only Macrium Reflect can write to the image or open it. Macrium can also unlock it. This should prevent the image from being encrypted even though it is on an attached USB drive.

Offsite data backups

SpiderOak protects your data from infection because the online backup is accessed through their program. It cannot be access from Windows using a drive letter. Many other off-site backup programs also offer this protection. As long as you can't access your backup from Windows directly, either via the network or a mapped drive, your files are probably safe.

Disconnected Drives

Multiple USB drives that are removed from the system will give you a safe backup. Use a drive for a couple weeks, then change it out for another one and store the first one in a safe place.

What I do

Follow a wide range of safe computing practices to reduce the chance of an infection getting in.
Backup all data with Spideroak every night and check that it is working. This way I have copies that cannot be corrupted by malware.
Have Macrium Reflect make an image every month which is protected against being able to be written to. This saves both my program files and data files from destruction (or at least allows me to resurrect them if destroyed).

Date: September 2019

This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe Search All Articles Browse by Category Security Internet Mobile Business Hardware Fun		Ransomware protection Article for: Everyone Difficulty:Easy Importance: Could save your data, could do nothing Ransomware infects any drives that Windows can access using a letter. So those USB drives that are attached to your computer for backup could be infected. This will destroy your backup. Mapped network drives can also be infected. All the security tips I've been giving for over 30 years will reduce the chance of getting infected. However, there are steps you can take to mitigate the disaster. if some ransomware gets through your protections. Locked Images An image is a complete copy of your entire drive, including Windows, all programs, drivers and data. Macrium Reflect's paid versions, both home and Workstation, offer ransomware protection. They lock the images so that only Macrium Reflect can write to the image or open it. Macrium can also unlock it. This should prevent the image from being encrypted even though it is on an attached USB drive. Offsite data backups SpiderOak protects your data from infection because the online backup is accessed through their program. It cannot be access from Windows using a drive letter. Many other off-site backup programs also offer this protection. As long as you can't access your backup from Windows directly, either via the network or a mapped drive, your files are probably safe. Disconnected Drives Multiple USB drives that are removed from the system will give you a safe backup. Use a drive for a couple weeks, then change it out for another one and store the first one in a safe place. What I do Follow a wide range of safe computing practices to reduce the chance of an infection getting in. Backup all data with Spideroak every night and check that it is working. This way I have copies that cannot be corrupted by malware. Have Macrium Reflect make an image every month which is protected against being able to be written to. This saves both my program files and data files from destruction (or at least allows me to resurrect them if destroyed). Date: September 2019 This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.
		I attempt to provide reliable information, but make no warranty as to the accuracy or safety of these articles. I disclaim all legal responsibility for what following these instructions may do. Follow my advice at your own risk