Tuesday, 4th August 2020

Ransomware reality check required

StorageCraft has announced the second in a series of findings from an independent global research study of over 700 companies in Australia, France, Germany, North America and the UK on the attitudes of IT decision-makers (ITDM) around data management. The findings reveal a concerning disconnect between an organisation's confidence and its actual ability to recover from a ransomware attack. While 68% of respondents believe they have a clear plan in place and could quickly recover from a ransomware attack, nearly a quarter (23%) do not test their recovery plans. Of those that do test, nearly half (46%) only test their recovery plans once a year or less.

Further highlighting the difference between the perception and reality of being able to recover from a ransomware attack, the majority (86%) of respondents confirmed they suffered data loss in the past year, with over a quarter (27%) suffering data loss in the last six months. The research also uncovered issues around the budget and complexity of IT infrastructure, which will add to the challenge of ransomware preparedness.

  • Nearly half (46%) of respondents reported that they do not have the budget to manage their data and recover from a failure adequately.
  • Again, nearly half (49%) of respondents reported they have between 3 and 5 different types of systems to manage and protect data. Thirty-three percent have six or more different types of systems.

Said Shridar Subramanian, vice president of marketing and product management at StorageCraft: “Even though ransomware continues to be a scourge on business,with a reported[1] 118% increase of incidents in the first quarter of this year alone, our research shows too many organisations are ill-prepared to protect against it. They must take a reality check and assess and test their ability to protect and recover from a ransomware attack.”

StorageCraft recommends that organisations assess and test their plans for ransomware prevention, remediation, and recovery. First, businesses should identify and locate their business-critical data and take comprehensive steps to protect it. This step includes email security systems, firewalls, regular software updates, clearly audited administrative and access policies, and ongoing user education. However, prevention is not foolproof, which is why a ransomware-specific plan for remediation and recovery is essential. Thwarting ransomware is dependent on an organisations’ data locality (i.e., on-premises, in the cloud or in cloud-based applications such as G Suite and O365) and preferred recovery location. Critical elements of a successful plan for ransomware remediation and recovery include:

  • Immutable Snapshots: To ensure unstructured data can be recovered, companies should protect their information with continuous immutable snapshots. Data captured this way is ‘frozen’ and cannot be overwritten or deleted by ransomware attackers. This ensures an organisation can revert to a secure set of data.
  • Orchestration: A successful recovery process requires that business-critical data and applications are prioritized. Companies using cloud-based recovery should pre-determine the order in which their data and applications will be recovered. This ‘orchestration’ ensures minimal downtime, once data recovery begins.
  • Immediate Recovery: Considering one minute of downtime costs $5,600 according to industry analyst firm Gartner[2], the speed of recovery following a ransomware attack is a crucial element of the remediation and recovery process. Solutions such as StorageCraft VirtualBoot provide the ability to recover virtual and physical infrastructures - and both structured and unstructured data - instantly.
  • Failback: After a successful cloud-based recovery, the last step in remediating a ransomware infection is returning the data infrastructure to its original location and resuming operations as usual. The planned failback process should have a minimal impact on production applicationsto minimise any additional downtime and adverse effect on the business.
Acronis has opened a fully operational Cyber Protection Operation Center (CPOC), which puts the EMEA...
Nebulon has released the results of an independent survey completed by IT decision makers at 500 com...
Purpose-built for ransomware and cloud with the industry’s most scalable platform.
Supermicro has introduced an extension of its market-proven ultra-dense storage solutions with new 6...
New venture will deliver storage cost predictability during unpredictable times.
Quantum has introduced new multi-factor authentication software to the company’s Scalar® i3 and i6 t...
Commvault has introduced a new portfolio of products and services to intelligently manage data. In a...
The University of Reading, one of the foremost research-led universities in the UK, has implemented...