> What would you do to protect your company.

How big is the company? If the company is big enough then it should really have an infrastructure manager or similar who is directly responsible for this sort of thing, rather than relying on seconding the dev team into managing IT.

When we were a team of five plus the owner and I gave up on getting time+budget to properly set up off-site backups, I ended up spending a weekend hacking together something with ssh+rsync to the machine under my desk at home for key data (the source repos, email, etc.), basically replicating what I did for my home data (backing up to an external site). I can't recommend this. It no doubt breaks many data protection rules. But I wasn't comfortable with the idea that my job would be entirely gone if the building burned down overnight and we lost what would be needed to restore operation. I was protecting me, not the company at that point. Luckily, when we were in the process of being bought and due diligence audits came around, backup & DR concerns were taken a bit more seriously and I did get the time allocated to do something better.

> I have limited backups but we would be done with systems down for days.

Make a case to management that these attacks are not targeted at the big companies; they just happen to catch them in the net, and we hear about them because they are big companies. The bots out there infecting sites will get into anywhere they can, and the blackmailers are more than happy to have many small marks instead of a few big ones. You are a target as much as Fuji or Garmin are.

That case should list how long it would take to get operational again (refreshed infrastructure, restored data) if you paid for decryption and if you didn't (which in your case might be "it'll never happen" currently). Make a recommended plan and list what the restore time is for that if you had to rebuild everything. Break the restore time into essentials (what you need to support current clients) and everything else (what you need to continue new work and chase new clients). Also include in your plan time to regularly test your backups and arrange some automated tests of key parts.

That, other than taking matters into your own hands in your own time (which is as likely to get you slapped as it is to get you thanked), is all you can do. If they don't take these matters seriously, consider if you can get a job with a company that does (you'll have to if the worst happens anyway, so consider planning this to be your personal DR plan even if you don't want to jump ship now).
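The post recommends regularly testing backups and automating tests of the key parts. The script below is an added example, not the poster's own setup: a restore drill for an rsync-style file backup that records a checksum manifest at backup time and then proves a restore reproduces every file. The source tree, the "backup" step (a local `cp -R` standing in for rsync over ssh) and the damage injected into the restore are all constructed here so the drill runs offline; the function and file names are assumptions for the example.

```shell
#!/bin/sh
# Added example (not from the original post): an automated restore drill for an
# rsync-style file backup. Everything is constructed locally so it runs offline;
# in production the "backup" step would be the rsync-over-ssh copy.

# Emit one line per regular file under $1: "<crc> <size> ./relative/path".
# cksum is POSIX, so the manifest can be produced on whatever box the backup lands on.
make_manifest() {
    ( cd "$1" && find . -type f | LC_ALL=C sort | while IFS= read -r f; do
        printf '%s %s\n' "$(cksum "$f" | cut -d' ' -f1,2)" "$f"
    done )
}

# Compare a restored tree ($2) against the manifest recorded at backup time ($1).
# Prints one line per discrepancy; returns 0 only if the restore is identical.
verify_restore() {
    rc=0
    actual=$(make_manifest "$2")
    # Every file recorded at backup time must come back byte-for-byte.
    while IFS= read -r line; do
        printf '%s\n' "$actual" | grep -qxF -- "$line" \
            || { echo "MISSING/CHANGED: ${line#* * }"; rc=1; }
    done < "$1"
    # Anything in the restore that the manifest never recorded is suspect too.
    while IFS= read -r line; do
        [ -z "$line" ] && continue
        grep -qxF -- "$line" "$1" \
            || { echo "UNEXPECTED: ${line#* * }"; rc=1; }
    done <<EOF
$actual
EOF
    return $rc
}

# Build a constructed source tree, "back it up", restore it, and print the
# scratch directory. The caller removes it.
stage_drill() {
    work=$(mktemp -d)
    mkdir -p "$work/src/repos" "$work/src/mail"
    printf 'constructed git pack data\n' > "$work/src/repos/app.pack"
    printf 'constructed mailbox\n'       > "$work/src/mail/inbox.mbox"
    make_manifest "$work/src" > "$work/manifest.txt"
    cp -R "$work/src" "$work/backup"      # stands in for: rsync -a src/ user@offsite:backup/
    cp -R "$work/backup" "$work/restore"  # the restore we want to prove actually works
    echo "$work"
}

# Drill 1: an intact restore must verify clean (returns 0 on success).
drill_clean_passes() {
    work=$(stage_drill)
    if verify_restore "$work/manifest.txt" "$work/restore" >/dev/null; then
        rm -rf "$work"; return 0
    fi
    rm -rf "$work"; return 1
}

# Drill 2: silent corruption and a lost file must be reported, not missed.
# Prints the discrepancy report; returns 0 if verification correctly failed.
drill_detects_damage() {
    work=$(stage_drill)
    printf 'bit rot\n' > "$work/restore/mail/inbox.mbox"   # constructed corruption
    rm "$work/restore/repos/app.pack"                      # constructed data loss
    if verify_restore "$work/manifest.txt" "$work/restore"; then
        rm -rf "$work"; return 1
    fi
    rm -rf "$work"; return 0
}

# Usage: sh restore_drill.sh --run
if [ "${1:-}" = "--run" ]; then
    drill_clean_passes && echo "intact restore: OK"
    echo "damaged restore report:"
    drill_detects_damage
fi
```

The point of keeping the manifest separate from the backup tool is that the drill does not trust rsync's own exit status: it proves the restored bytes match what was recorded when the backup was taken, and flags both files that changed or vanished and files that appeared from nowhere. Scheduling `verify_restore` against a scratch restore from the off-site copy is the "automated test of key parts" the post asks for, and the MISSING/CHANGED lines are what you want in a monitoring alert rather than in a post-incident surprise.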