Revisit ransomware prevention & mitigation: SharePoint, continuous backup, etc.
Posted on 2016-08-19
A related organization's critical files in an 'encrypted shared folder' (not SharePoint) just
show up with plenty of *.zepto.
As a post-mortem, they will ask for preventive & mitigation measures:
a) I suppose mapping a drive to an encrypted shared folder doesn't help at all.
Will using SharePoint help (assuming we don't map a drive to the SharePoint)
but users have to use IE/browser to upload/update/download files?
But of course the very busy users (who almost constantly have to update
the files, including Excel) hate to use IE/browsers to do this as it's much
slower than using Windows Explorer: got to check out a file & will be
prompted many times. Is there something as fast & like Win Explorer (for
b) Apparently the AV either did not work or was not updated; will AV detect &
stop zepto?
c) Will IOC (Indicators of Compromise) tools help with this? Do name
specific open-source tools.
d) Exploring Acronis backup for workstations: is there a 'continuous' backup
feature that will allow us to restore to just a second or a few secs
prior to being attacked?