In the past couple of months, we have been hit with the ransomeware virus 3 times. Luck for us we have timely backups that allow us to restore shared network drives; however, I'm looking for a way around this. Since we are a completely virtual environment, I don't care about a person's individual VM getting blown up- we can always recreate that. What I do care about is our network shares. I've been trying to research ways to prevent the encryption of those files. One idea I had was requiring user authentication to the shared drives, like every 10 minutes if they have to access it. Then I'm limiting the window whereby I could have an infection. Has anyone come up with any solutions to prevent this from happening?
Any help would be greatly appreciated.