Wednesday, 28th October 2020

Ransomware reality check required

StorageCraft has announced the second in a series of findings from an independent global research study of over 700 companies in Australia, France, Germany, North America and the UK on the attitudes of IT decision-makers (ITDM) around data management. The findings reveal a concerning disconnect between an organisation's confidence and its actual ability to recover from a ransomware attack. While 68% of respondents believe they have a clear plan in place and could quickly recover from a ransomware attack, nearly a quarter (23%) do not test their recovery plans. Of those that do test, nearly half (46%) only test their recovery plans once a year or less.

Further highlighting the difference between the perception and reality of being able to recover from a ransomware attack, the majority (86%) of respondents confirmed they suffered data loss in the past year, with over a quarter (27%) suffering data loss in the last six months. The research also uncovered issues around the budget and complexity of IT infrastructure, which will add to the challenge of ransomware preparedness.

  • Nearly half (46%) of respondents reported that they do not have the budget to manage their data and recover from a failure adequately.
  • Again, nearly half (49%) of respondents reported they have between 3 and 5 different types of systems to manage and protect data. Thirty-three percent have six or more different types of systems.

Said Shridar Subramanian, vice president of marketing and product management at StorageCraft: “Even though ransomware continues to be a scourge on business,with a reported[1] 118% increase of incidents in the first quarter of this year alone, our research shows too many organisations are ill-prepared to protect against it. They must take a reality check and assess and test their ability to protect and recover from a ransomware attack.”

StorageCraft recommends that organisations assess and test their plans for ransomware prevention, remediation, and recovery. First, businesses should identify and locate their business-critical data and take comprehensive steps to protect it. This step includes email security systems, firewalls, regular software updates, clearly audited administrative and access policies, and ongoing user education. However, prevention is not foolproof, which is why a ransomware-specific plan for remediation and recovery is essential. Thwarting ransomware is dependent on an organisations’ data locality (i.e., on-premises, in the cloud or in cloud-based applications such as G Suite and O365) and preferred recovery location. Critical elements of a successful plan for ransomware remediation and recovery include:

  • Immutable Snapshots: To ensure unstructured data can be recovered, companies should protect their information with continuous immutable snapshots. Data captured this way is ‘frozen’ and cannot be overwritten or deleted by ransomware attackers. This ensures an organisation can revert to a secure set of data.
  • Orchestration: A successful recovery process requires that business-critical data and applications are prioritized. Companies using cloud-based recovery should pre-determine the order in which their data and applications will be recovered. This ‘orchestration’ ensures minimal downtime, once data recovery begins.
  • Immediate Recovery: Considering one minute of downtime costs $5,600 according to industry analyst firm Gartner[2], the speed of recovery following a ransomware attack is a crucial element of the remediation and recovery process. Solutions such as StorageCraft VirtualBoot provide the ability to recover virtual and physical infrastructures - and both structured and unstructured data - instantly.
  • Failback: After a successful cloud-based recovery, the last step in remediating a ransomware infection is returning the data infrastructure to its original location and resuming operations as usual. The planned failback process should have a minimal impact on production applicationsto minimise any additional downtime and adverse effect on the business.
Among the newly introduced capabilities, Spot by NetApp’s Kubernetes optimization enables organizati...
Largest update yet to ATTO 360 introduces brand-new performance and statistics visualization feature...
Blocky for Veeam uses application whitelisting to protect Veeam backups from 'zero day' threats.
British Antarctic Survey (BAS) is implementing Quantum Scalar® i3 tape libraries on the brand-new RR...
CTERA has released version 7.0 of its Enterprise File Services Platform, delivering ultra-fast edge-...
Updates enable enterprises to accelerate their digital transformation by easily building and optimiz...
New training and certification courses help partners build technical and sales expertise in the high...
New capabilities, including low cost storage tiers, performance improvements and integrated storage...