Ricoh South Africa is helping businesses stop the time-wasting, and costly effects of a growing spate of ransomware attacks.
As Ricoh’s digital services portfolio continues to grow, it increasingly helps organisations digitally transform their operations to align with their shifting strategic business objectives.
“Ransomware is a huge global threat and it’s growing. There are hundreds of ransomware attacks in South Africa every day, as many as 12,000 across the country in the first half of 2021 alone,” says Jolene Castelyn, marketing executive at Ricoh South Africa.
“A significant element of digitalisation is the transformation of operational processes and the workflows that feed them, placing Ricoh’s document, device, and workflow digital services at the very heart of an enterprise journey. It is an ideal opportunity to bake in layered cybersecurity related to the target of every ransomware attack, the documents and the data.”
Ricoh calls its solution RansomCare. It was released to markets abroad in March 2021 and is available in South Africa from October 2022.
The solution actively monitors to detect known and unknown ransomware, immediately respond to the threat by containing the malicious software, alerting administrators to take remedial action, and reporting to actively meet compliance requirements and continuous improvement.
“Rapid response is key,” says Castelyn. “Ransomware typically infects up to 10 000 files per minute once it gets inside the firewall and an unwitting user activates it. Informed recoveries ensure you work with impacted files only, which simplifies backup and restoration. Detailed reporting gives you the data you need to report to key stakeholders and data authorities.”
RansomCare is powered by Bullwall. It monitors in near real-time and uses multiple detection tactics. It instantly detects tell-tale ransomware signs. It quarantines compromised devices, identifies encrypted files, restores them from backup, and automates policy-based incident reporting.
It is very quick and easy to deploy because it is agentless. That means it operates remotely, without being installed on every device, yet it creates no discernible network overhead. It integrates seamlessly into existing security and works alongside them to complement traditional cybersecurity services and make them stronger. It also has built-in alerting.