How to protect your G Suite files from Ransomware

G Suite is a ubiquitous tool you use daily to access email, files on the web, and collaborate with others. With Google Drive’s backup capability that syncs files between your computer and your Drive, it’s easy to access files on the go and on multiple devices. However, when viruses and ransomware enter the picture, what measures should you take to protect your files?

Ransomware is a malicious software that is designed to block access to a computer system until a sum of money is paid. It encrypts computer files such as word, excel, or photoshop documents so that users cannot access or edit the files, supposedly until the ransom is paid. However, in many circumstances, paying the ransom still does not grant users access to their files.

Protecting computer files synced with Google Drive

Typically, trojan viruses such as ransomware are exposed to computer systems through external emails with enticing information. Unsuspecting users may download these files, allowing the virus to be installed onto their devices.

This virus then encrypts all files on the device with an extension (such as .doc.encrypted) that prevents user access. From there, Google Sync uploads these corrupted files to Google Drive. However, Google Drive offers a built-in capability to revert files back to previous versions, allowing users to retrieve their files. Rest assured that your Google Drive files such as google documents and google sheets will never be affected.

In order to do this, users must right-click on affected files within Drive, then select “Manage versions”. From there, Drive provides downloads for previous versions of the file. Google offers previous revisions for up to thirty days, so users have a thirty-day window to restore files. After moving uncorrupted files to a new database, users should immediately delete all malware versions of files.

The only method to retrieving files corrupted by ransomware is to revert to backups. Possible solutions include “Manage versions” in Drive and using external drives. Users should not pay the ransom—paying the ransom does not remove the encryption on the files. Administrators are encouraged to inform employees of potential risks associated with malware, and to encourage employees to take preventative measures.

Email on Outlook

On platforms such as Outlook, system administrators may create filters to prevent suspicious emails from entering the network. It is also possible to block emails that exceed a certain file size, or to use the email system to scan incoming mail. Administrators may also install anti-ransom software on the network, or create rules in the domain that protects user files from ransomware.

However, it is most important for users on the network to be able to identify viruses. In order to prevent the exposure of ransomware to a computer system, users should be wary of email downloads, especially those sent by unknown users or with the extension “.exe”, which signals that the file is executable.