More Ransomware Protection for ownCloud

After the current waves of attack of ransomware WannaCry in May and its successor Petya a few days ago, agitation prevails in many IT departments: how can you protect your company against these attacks, which have the potential to destroy all files?

The economic damage is now already in the billions and CIOs are under pressure to protect companies and their users from new attacks.

Data belongs in private enterprise cloud
Tobias Gerlinger, CEO, ownCloud GmbH, makes a recommendation to enterprises: “Company data should not be stored on the computers of the individual employees, but in a private cloud. WannaCry has affected companies in more than 150 countries, especially companies operating on a global scale, where many employees still negligently store important data on their own computers. That’s just what ransomware is waiting for.“

Prevention with file firewalls
The company already offers the possibility to filter access requests for files on an server with the firm’s File Firewall using tags and criteria such as IP address range, device type, file size, subnet, region, time or group membership. If these rules are violated within a connection request, access to the file is denied.

Now the EFSS vendor announces further measures for ransomware prevention: An automated configuration script initiates a ‘blacklisting’ of the well-known ransomware file endings in the company’s File Firewall, whereby these infected files do not gain access to the ownCloud server.

“Over 90% of the current ransomware attacks work with a renaming of the file ending. This can be effectively prevented,” says Holger Dyroff, COO, ownCloud.

File recovery at fingertips
Furthermore, the company will be delivered with a feature for ransomware protection soon.

File versioning allows a roll-back that can be carried out at the push of a button, thus an earlier, unencrypted file version can be used. Thereby, a loss of data and productivity can be effectively avoided immediately after a ransomware attack. File integrity checking based on the calculation of checksums of communication between server and desktop client eliminates transmission errors (eg bit errors) and ensures that functional versions are available on the ownCloud server at any time, which is accessible in critical cases.

Click to enlarge

Increasing security and protection requirements to ensure dynamic growth
“Important data belongs to the private cloud, under the sovereignty of the enterprise IT. Only your own cloud offers security against the increasing cyber attacks and, at the same time, effective protection against industrial espionage. More and more companies are opting for a secure on-premise EFSS solution and thus, ownCloud,” says Gerlinger.

This is also shown by the figures: the firm, as EFSS vendor, grew by more than 60% in the second quarter of 2017 compared to the previous year and includes large companies such as ZF Friedrichshafen AG, Deutsche Bahn AG, and Airbus SAS among its customers.

Currently, the company is targeting other data protection technologies, such as an end-to-end encryption plug-in that will be available soon.

Ressource:
Owncloud security