Business Continuity in the Age of Ever Evolving Ransomware
By Andrew Martin, Director APAC & Japan, Zerto
Every day seems to bring news of another Ransomware attack, or a new strain of the malware. It seems likely too, that there are even more incidents than we read about. Incidents where companies paid up rather than openly declared they had been targeted and that their data had been at risk. Data is one of the most important assets an organization has. The price of paying the ransom is often lower than losing the company’s data, reputation and possibly entire business. With strains evolving in sophistication and now reportedly capable of encrypting an entire network, no company is safe sticking to the narrow view of ‘keep the virus out’.
Effectively defeating the threat of Ransomware means being able to recover critical applications and data within minutes. Backup solutions and firewalls alone do not offer this. Businesses need comprehensive Business Continuity (BC) and Disaster Recovery (DR) capabilities that deliver fast recovery point objectives (RPOs) and recovery time objectives (RTOs). The challenge is many BC/DR plans involve limited, technical point products.
Many organizations already have some form of backup process in place for standard audit requirements as mandated for highly regulated industries.
Ransomware threats increase and the strains become more advanced, having a comprehensive BC/DR strategy in place is paramount
However when disaster strikes it is the first few minutes that are critical, which businesses need to recover within those minutes, not hours, and as completely as possible. Relying on incomplete backups taken 12-24 hours previously could take hours to restore, leaving businesses with downtime they cannot afford and can be easily avoided.
Too often IT has a very narrow view on security, simply focusing on detecting and preventing intrusions. A more holistic approach involves a three-pronged strategy, which augments the detection and prevention of intrusions with fast recovery of critical data and applications to ensure uninterrupted business operations.
With proper DR processes and supporting technologies in place that provide instant access to data in the event a virus does break through, the impact can be highly mineralized. Advanced DR platforms help avoid downtime by allowing organizations to go back to the seconds before a file, application, or folder was lost. This nullifies Ransomware as this “criminal disaster” is neutralized and business as usualis quickly resumed.
Protecting against a virus is of course the first line of defensive, but this is proving more difficult as malware continues to evolve. Working from backups is time consuming and often out of date, but advanced DR allows businesses to recover from an outage or virus by re-winding their VMs to a point in time where the infection simply didn’t exist.
Successfully meeting compliance initiatives after a disaster is an added pressure for organizations with highly sensitive data, such as the healthcare, financial, legal and public sectors. These are the very sectors targeted most by the current wave of Ransomware attacks. In the event of a disaster or a malware infection, these organizations come under increased pressure from regulatory bodies and the public. Failure to comply and recover data within an adequate amount of time could result in costly fines and other negative repercussions.
In the digital age data is crucial to running nearly all businesses. As Ransomware threats increase and the strains become more advanced, having a comprehensive BC/DR strategy in place is paramount. Instead of discussing the options of paying or losing your data, you can instead restore to the seconds before the attack even took place, gaining confidence to keep your business moving forward.