At DropSecure, we have made MFA as our top most priority and we provide MFA even for unregistered users. All links are by default protected by MFA so only the intended recipient can access the link and no one else. It is also important to know that not all MFA are same. MFA has to be a second factor, which means if you are getting a link by email, it’s best for MFA to be sent to a device other than email and the preferred choice has become SMS to mobile.
With recent events though, it turns out that SMS can be easily hacked. The next best secure option without needing any additional hardware is TOTP (Time-based OTP) authenticator. At DropSecure the authenticator is our preferred option for MFA and we will keep working on educating our clients about the safest way to set up a second factor. Do remember that, given some of the vulnerabilities of a second factor, it is still far more secure to have a second factor vs none.
What is a Ransomware attack ?
Ransomware is a type of malicious software (malware) that encrypts your files and drives with a key that you can only obtain by paying whatever ransom your attackers want. Attackers often demand payment in crypto currency that complicates law enforcement efforts to track them down. Even worse, payment does not guarantee that you’ll get the key needed to decrypt your data.
Can Ransomware attacks be avoided ?
Recent well-publicized ransomware attacks have exploited vulnerabilities in products used by IT services and Managed Service Providers (MSPs), such as SolarWinds and Kaseya. The size and sophistication of these attacks means that no one person or organization can stop ransomware attacks.
Ransomware organizations have even begun offering Ransomware-as-a-Service (RaaS) to anyone wanting to make money and/or disrupt businesses. The word “ransomware” sounds scary and those who wield it seem like criminal masterminds who can take over our digital lives any time they want. The situation is dire, but there is reason for hope… and there are some things you can do to greatly reduce the impact of ransomware attacks.
Can you isolate yourself from ransomware attacks ?
The first thing to remember is that ransomware attackers need access to your data… so maintain tight controls over your data. This is as simple as migrating your data from local storage to a Cloud Service Provider (CSP). Removing your data from your device leaves nothing for ransomware to access. Infected computer? Simply disconnect it and reinstall your operating system and applications, or switch to a different computer. Simply migrating to a CSP is not enough. You need to select a CSP who will keep your data safe. It’s tempting to think that popular file storage services are secure and that you need only choose the lowest-cost provider.
What kind of technology protects you from ransomware attacks ?
The real question you need to be asking is whether the provider offers true end-to-end encryption that locks your data before it leaves your premises and keeps it locked at all times thereafter until you access it using your unique key. Think of end-to-end encryption as placing your data inside a safe and then placing that safe in storage while you keep the key. This ensures that only persons with a valid copy of that key can unlock the safe and access your data. Giving your key to someone lets them access some or all your data, depending on how you use your keys… but it does not give anyone any kind of access to the CSP itself.
DropSecure offers true end-to-end encryption. We protect your data using military-grade AES-256 end-to-end encryption. Migrating your data to DropSecure you remove all of your sensitive data from your own hard drives while keeping it safely tucked away on our servers. Ransomware attack? Disconnect the affected computer and either refresh it or keep right on working from a different computer.
DropSecure always keeps your data safe and gives you access from any location at any time. All the cybersecurity experts in the world can’t always stop ransomware attacks, but everyone who uses data can outsmart would-be attackers by thinking ahead.
Selecting a truly secure CSP such as DropSecure helps make sure that you–and not the criminals–have the true power.