Ransomware, like the name suggests, is when your files are held for ransom. It is a type of malware that essentially takes over a computer and prevents users from accessing their data until such time as a ransom is paid. The ransomware encrypts data on the computer using an encryption key that only the attacker knows. If you want to decrypt them, you have to pay. If the ransom isn’t paid, the data is often lost forever.
A ransomware attack, also known as WannaCry or WeCrypt, recently spread across the globe and is believed to have affected over 200,000 organisations. The cyber-attack struck banks, hospitals and government agencies in more than 150 countries, exploiting known vulnerabilities in Microsoft operating systems.
How to protect against a ransomware attack?
- Think before you click – It is important to look for malicious email messages that are often concealed as emails from companies or people you regularly interact with online. It is important to avoid clicking on links or opening attachments in those messages, since they could unleash malware. However, unlike many other malicious programs, WannaCry has the ability to move around a network by itself. Once the virus is inside an organisation, it will hunt down vulnerable machines and infect them too.
- Keep software up to date – Users should ensure that security updates are installed on their computer as soon as they are released. Last month, the NSA revealed software vulnerabilities in a Windows Server component which allows files to spread within corporate networks. Since then, Microsoft has released software patches for the security holes. Anyone who applied this patch more than likely was not affected by WannaCry. However, not everyone has installed these updates and so these users are susceptible to an attack. It is also important to note that the vulnerability does not exist within Windows 10, but is present in all versions of Windows prior to that, dating back to Windows XP. Support for Windows XP was discontinued in 2014, and so if you are using XP it is recommended to upgrade to a more secure system. It is important to keep all software packages up to date to maximise protection against attacks.
- Keep backups of data files – Users should regularly back up their data, which will make it possible to restore files without paying a ransom. This can be done by saving files to a USB key, external server or a cloud sharing facility such as Dropbox or Google Drive. Individual software packages may also offer a backup facility, enabling you to automatically back up sensitive data, for example Thesaurus Cloud allows users to easily backup payroll data.
How can Thesaurus Cloud help?
Thesaurus Cloud is an optional add-on to your payroll software that allows employers to automatically and securely backup payroll data to a highly secure cloud server, ensuring that you will never lose your payroll data if you are the victim of an attack.
You may decide that you only want to use Thesaurus Cloud for payroll backups, however, the features listed below can also be availed of.
With Thesaurus Cloud, employers can invite their employees to their own self-service portal. Employees can login to their own personal account, be it on their PC, tablet or smartphone, where they can view payroll documents relevant to them, with a full history of payslips and P60s. Employees can also request annual leave and view annual leave remaining through their portal.
Furthermore, Thesaurus Cloud provides users with an annual leave management facility and a document upload facility, where all information is stored within the same location. With the document upload, employers can upload employee contracts & staff handbooks, training manuals, employment documents and much more, which can be accessed by employers and employees on any device.
Find out more about Thesaurus Cloud with an online demo.
Posted byRachel HynesinBrightPay ConnectEmployee ContractsEmployee HandbookEmployee Self ServicePayroll SoftwareStaff Handbook