This blog post focuses on preventing encryption of your document library by ransomware such as CryptoLocker.
CryptoLocker is an encrypting ransomware trojan that re-emerged in 2013. The cryptovirus operates via infected mail attachments, pop-ups and various add-ons with shady content. It encrypts all the files on the local drive after which you can no longer use them and are forced to pay a certain amount of money to the anonymous attacker in the hope of retrieving your lost data. Usually you are given 72 hours to pay the ransom in exchange for the encryption keys but have in mind that this usually turns out to be a fraud and your data is inaccessible forever.
Here’s how, as a SharePoint admin, you can avoid such notorious file-encrypting ransomware infecting your SharePoint.
If you’re worried about the virus attacking your SharePoint data, there is no reason for concern. Data stored on SharePoint is actually stored in a content database and out of reach of CryptoLocker unless the database is exposed to it. However, CryptoLocker can tend to get ugly if you store your data locally on a hard drive.
SharePoint is generally secure, but just in case you should take certain precautionary steps. There are two ways you can get attacked by such a malware: when using OneDrive for Business or when you map document libraries as network drives. To make sure you stay safe, protect your computers, don’t open suspicious mail attachments and regularly install updates.
SPDocKit cannot bulwark you from the malicious ransomware lurking about in the cyber world, but it can help you to enforce versioning on all document libraries. This way, if CryptoLocker does get through to your SharePoint, you can use the version history of the affected files on SharePoint to return to the unlocked state.
Microsoft keeps 14 days of SharePoint backups if you’re using SharePoint Online, however, you must restore the entire site collection. If you’re using SharePoint on-premise, you have to do your own backups unless you have a third-party tool that takes a backup of the entire site collection.
To enable versioning on SharePoint using SPDocKit, you will need to use Queries & Rules feature. Queries and rules help you to enforce your company policies across a SharePoint farm, such as enabling SharePoint document versioning, finding checked-out files and examining other settings for document libraries or list levels, and much more.
The first component is Queries, which allows you to query your SharePoint database to retrieve information about particular settings or stuff that has been going on inside your SharePoint. The other is Rules, which allows you to set some of these settings according to your company policies or other best practices that you might wanna configure. Find more about it in this video.
Setting up document versioning with SPDocKit
1. Navigate to Queries & Rules and then click the New Rule button in the Home ribbon.
2. For the rule type select Document Version History. Click Next to continue.
3. In the Versioning Configuration section, select Create major and minor (draft) versions. Then choose additional configuration options depending on your needs. Click Next to continue.
4. Define how your rule will be executed and select Automatic. Then set up a schedule for automatic rule execution, such as the recurrence type, start time and how often you want the rule to be executed. Click Next to continue.
5. If you wish to refine your rule, select the conditions you want to apply and click Next to continue.
6. Define how widely across your SharePoint farm this rule should be enforced. To enable versioning across your whole SharePoint farm, select Web Application for both the Scope and the Target. When done, click Finish.
Each time the SPDocKit services execute a rule, a history record is created which you can explore.
If versioning is not turned on and CryptoLocker gets hold of your files, they will be lost forever. SPDocKit helps you by making sure that versioning is set up on all document libraries at all times.
Creating Your Own SharePoint Rules with SPDocKit
You can create any rule you want with SPDocKit. Say you want to create a rule that says “do now allow folders on document libraries”. You can simply chose the option Folders and click that you do not want to allow this option, choose the trigger, filters, the target, and voila!
There are two scopes for rules – one is for lists and the other one is for subsites.
Supported rule types:
- List Rules
- Attachments – to specify if users can attach files to items in a list.
- Dialogs – whether to launch a new, edit and display forms in the dialog.
- Display on the quick launch – whether the documents will be displayed on the quick launch.
- Document version history – whether a version is created each time you edit a file in a document library.
- Folders – whether the “New Folder” command is available.
- Item-level Permissions – specify which items user can read and edit.
- Offline Client availability – whether this document library should be available for offline clients.
- Opening Documents in the Browser – whether browser-enabled documents should be opened in the client or browser by default when user clicks on them.
- Quick edit – whether Quick Edit can be used on this list to bulk edit data.
- Rating Settings – whether or not items in a list can be rated.
- Require Check Out – whether users must check out documents before making changes in this document library.
- Search – list visibility in search results.
- Subsite Rules
- Request Access Mail – specify an email address used for approving access requests for subsite.
Download SPDocKit and discover new, stress-free ways to manage your SharePoint environment. Start you free 30-day trial right now!