In a previous article, I had written about a basic layered strategy to mitigate ransomware attacks. These strategies are useful in a business or corporate environment. However, what if you are an end user, not able to leverage your corporate IT? Or if your company has a Bring-Your-Own-Device (BYOD) policy? In many companies with a BYOD policy, the user's device, because it is a personal device, is not managed or supported by corporate IT. How do you ensure your data is safe?
One of the basic things you can do, besides having anti-virus and allow the computer to regularly update itself with security updates, is to activate OneDrive's data protection feature.
What this feature does, is redirects your Pictures, Desktop, and Documents folders, that are normally in the C:\Users\<UserName> folder, to your OneDrive. This allows these 3 folders to be constantly sync'd to the cloud, and therefore recoverable should you lose your physical machine.
To activate this feature, you have to have a proper license of Office 365. The screenshots below show my Office 365 Home Premium.
Right-click on your OneDrive icon in your System Tray (the area with the little icons beside the clock on your taskbar)
Click on SettingsClick on the Auto Save tab and click on Update Folders
Click on Start Protection
That is essentially it. You'll see little green check mark icons on your desktop files that indicates they've been properly sync'd.
For more details on how this feature works or for some basic troubleshooting, visit Office Support.
To restore files to an earlier date and time, use OneDrive's Restore feature. Details of this feature can be found on Microsoft Office Support.
OneDrive's built-in Ransomware Detection feature will also detect ransomware attacks and alert you through an email, mobile, or desktop notification and help you restore your OneDrive to a point in time before the intrusion. Details of the detection and alerting can be found on Office Support.
In a corporate environment, redirecting user's special folders to a central file store, enabling shadow copy with regular backups is a common practice to mitigate data loss and protect against malicious attacks. The fact that Microsoft has made an enterprise solution available to consumers is fantastic.