In our last installment on ransomware preparedness for 2017, we discussed the sharp upward trend of ransomware attacks, security solutions that need to be in place and the role of backup and disaster recovery (BDR) as the key component to preparedness. In this installment, we will further outline the way a BDR solution augments and enhances your business’s ransomware preparedness.
BDR solutions are the answer to ransomware attacks since, if they are properly installed, they can recover a clone of your data in mere minutes after your company realizes they have been compromised. The speed of this solution is of the utmost importance due to how much is at stake during an attack. An article from CIO explains that deadlines may be a defining factor in the attacks as some are “designed to punish payment procrastination and they double or triple their ransom demands as stipulated deadlines pass.” The article espoused the virtues of BDR solutions but pointed out that “backups are useful only if they’re created before a malware attack, so it’s a good idea to immediately and regularly backup important files.” Frequent backups are worth the time and resource investments since it gives you flexibility to choose which version to use as your recovery copy.
The best way to save your business when your data is held hostage is to have a clone of it ready to be used within minutes. Your company should change its mindset to assume it WILL be attacked at some point and have a recovery plan in place. The sooner this is accepted, the sooner your company can set up offsite and secure backups that assure operations can be restored within minutes.
Immediately after a server is compromised, take your files and applications offline and isolate the attacks to one device. By launching a clone of your production server from a time before the attack, your company avoids downtime, lost data and can make the ransom a moot point. If your BDR solution has been sized correctly, your production application performance should be on-par with your regular hardware when running from the BDR solution. This gives you the time you need to repair or rebuild your production hardware and can also give you the option to review your patch levels and software updates. Once your production servers are clean and ready, you simply failover from your clone back to production.
But what can go wrong with BDR? If your company is using a legacy system, it will not be able to keep up with frequent backups. Even “advanced” solutions have presented new challenges, such as testing issues that leave teams unsure if their backups are even usable. Some solutions are so complicated that they require a specialized team just to handle the deployment. Others offer inadequate support or patchwork solutions that provide second-rate tools that don’t work well together. Though BDR can be a way to combat ransomware, most companies are using the wrong BDR solution making its saving grace ineffectual.
The right BDR will provide immediate recovery, encrypted backups and precise replicas of your vital systems. Make sure your systems and applications are virtualization-ready so you have the option to utilize a virtual infrastructure of an offsite backup and disaster recovery system. Quorum’s eBook, Waking Up From the Ransomware Nightmare, explains that the best bang for your buck will be investing in Disaster Recovery as a Service (DRaaS). Though Quorum found that only 39 percent of companies are using DRaaS, it is the best solution to save on labor costs as well as the headache and resources that come with handling a ransomware attack.
Quorum’s onQ is a top BDR product since it has the industry’s most complete suite of high availability, disaster recovery and hybrid cloud (DraaS) solutions. It offers one-click recovery, allowing customers to cut disaster recovery time from hours to minutes. It does this by making an exact copy of your critical servers so if ransomware gets into your environment, you can just run a copy of your servers through onQ until you get your production system return to duty. The key to achieving this is to immediately isolate the affected servers as soon as you realize there has been an attack.
As you run your encrypted production server clone from a point that you know is free of malware, you can continue working and Quorum will proceed to back up your systems. This allows your team to take the time to thoroughly fix your production systems without rushing the repairs to return to business as usual. When your production systems are cleaned and back online you can just failover from Quorum back to production and all changes that occurred while running the BDR will be migrated back to production. Since onQ can be configured as a DRaaS deployment, businesses using it save money by not having to fund, design, staff or maintain a replicated data center. And on the rare occasion of a data center outage, your IT staff can simply use any web browser to power on all Recovery Nodes (RNs) on the onQ appliance deployed in the Quorum Cloud.
onQ automatically tests the RNs and associated networking of each of your protected servers. These tests can be scheduled ahead of time to run automatically, and, if any failures occur your team will be notified. onQ also comes with a sandbox testing feature so you can test patches, new apps and configurations before pushing changes to the production environment.
onQ deduplicates both during the backup at the source and after it’s complete across the target repository. Deduplication enables much faster backups and reduces storage consumption, both of which keep costs down for your business. The deduplicated data that is recorded by the local onQ appliance can be replicated to a second onQ appliance at a designated DR site, such as a customer owned remote site or in the Quorum cloud. This replication compresses and encrypts the data to minimize any network traffic-related bottlenecks and maximizes data transfer speeds.
Failback is important but can be difficult with other solutions. onQ enables you to easily perform a bare metal restore (BMR) to dissimilar hardware and/or platforms with physical-to-virtual, virtual-to-virtual, virtual-to-physical and physical-to-physical options. It can also perform incremental failback that limits your downtime and ensures the most efficient recovery possible.
Along with its speed, onQ is easy to use and is delivered and managed from a single browser console. We shouldn’t expect anything less than onQ’s precision since it was developed for the U.S. military and has been protecting modern businesses with the same robust technology for years.
Do not simply hope your company will not be victimized by ransomware; instead, implement a BDR solution sooner rather than later. For more information, download Quorum’s eBook Waking Up From the Ransomware Nightmare.