2. Back, back, back it up!
Automated daily backups can potentially save you in a bad situation—that's what saved us. I lost enough term papers in college to know the importance of saving, saving, and saving some more.
Every important file should be saved in multiple locations. Email it to yourself, save it in the cloud, save it on a USB drive—never ever have only one copy. Patient files follow the same rule—back them up often.
Prior to the attack, I was solely responsible for our backup drives. We’ve now made switching the backup drives an everyday checkout task. Not all backups should be in the same place. At least one backup should be offsite. Make sure the daily backups are actually happening and that the files on the backup are usable.
The best defense against losing all of your files to encryption is having those files saved elsewhere. When I handed over our encrypted computer to get fixed, it was amazing to be able to say ,“Just wipe it, I don’t need those files. They were all backed up.”
If you don’t have a backup, you may just have to pay the ransom. It’s not guaranteed that all files will be returned. Attempting to get the remaining encrypted files decrypted may be costly and time consuming and may still result in file loss.