DR planning with Disaster-Recovery-as-a-Service (DRaaS) has a brilliant application: It can help protect your business during ransomware attacks, securing your backups and restoring your data, potentially in minutes. Good DRaaS providers follow strict guidelines and a specific set of requirements to protect your backups against ransomware. Additionally, DRaaS can satisfy regulatory mandates, save your IT budget from unplanned person-hours and hardware costs.
Ransomware is Real, Expensive, and Growing
As of January 2017, ransomware is a billion-dollar a year criminal industry and climbing as of January 2017, according to a 2017 NBC News report. The number of ransomware strains grew 600% during the year ending in January, according to the PCI Security Standards Council. As long as enterprise and SMB data are vulnerable, criminal hackers have no reason to abandon ransomware.
According to a Marketsandmarkets.com report, DRaaS will rise from a $1.42 Billion market in 2015 to $11.92 Billion in 2020, at a Compound Annual Growth Rate (CAGR) of 52.9%,.
DRaaS works when ransomware strikes
Enterprises and SMBs are finding DRaaS a robust solution to substantial downtime costs and the debilitating results of data loss, according to Marketsandmarkets.com. DRaaS offers the best DR planning response to ransomware to date.
DRaaS solutions protect backups against ransomware attacks because of the nature of the service provided: available, continuous copies (or snapshots) of your data. Deleting or altering backups automatically when/if certain production data is changed, as some cloud backup solutions do, is risky business. If an update or edit to production data then triggers a change to an entire repository of cloud-based backups, a ransomware attack that encrypts production files could cost your business their backups, and data restoration would be impossible.
Tip #1: Make sure to use a DRaaS solution that offers versioning of files and data so you can always restore from an uninfected version.
Disaster-Recovery-as-a-Service typically permits access to cloud backups only through a centralized portal or application. Neither the service nor the portal is part of your network. Therefore, a ransomware attack cannot access your production environment or your backups in the cloud.
Tip #2: Ensure that your network credentials are not accessible to ransomware by utilizing an extra layer of protection that a DRaaS solution can provide.
Challenges around legacy cloud backups
Without DRaaS, recovery from cloud backups can take hours, making it hard to meet RTOs. Legacy cloud backups often require retrieval of your most recent backup first, then rebuilding of the applications and data and finally, the testing phase which can determine whether you have restored an infected copy. If the copy turns out to be infected, you may have to repeat the process until you come to a usable copy.
Advantages to using DRaaS for ransomware attack recovery
1 DRaaS solutions can capitalize on the cloud’s inherent replication capabilities by offering tiered backups. These backups can retrieve data of differing types and priorities from different storage tiers to meet varying Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). DRaaS can distribute backups to keep multiple copies of the same backups in different media and locations to keep infected media from having direct access to backups.
2 DRaaS enables automatic failover to a cloud DR environment and brings data up at the recovery site immediately, allowing you access to your data without delay. By browsing drive images in the cloud from before the attack, you can be sure that ransomware has not encrypted the backup data you choose to use.
3 With DRaaS, quick recoveries mean fast, efficient recovery testing. This is important to ensure you can meet your desired RTOs and RPOs and pass audits for compliance with government regulations. DRaaS enables recovery testing to a cloud recovery site; you won’t need to tie up or risk your production environment as a recovery destination to test your backups. Given the speed of recovery using DRaaS, you can easily perform recovery testing as frequently as needed.
4 DRaaS enables enterprises and SMBs to free IT assets to meet core business objectives, and redirect IT security person-hours to defend against cyberattacks in progress. DRaaS shrinks the on-premise IT hardware footprint necessary for data recovery, creating cost savings. Utilizing this service allows your team to outsource DR expertise to the cloud provider, saving time and budget dollars.
The new normal
Malware, which currently includes ransomware, is not going away. To minimize successful ransomware attacks, businesses must focus on closing the gaps in IT - using the strongest recovery methods available for business continuity and disaster recovery.
SVP Strategic Business Operations Bob Hicks brings more than 30 years of industry experience to his current role, leading the implementation teams and service delivery managers who comprise TierPoint’s customer implementation organization. Bob is a customer-focused executive with a strong technology background. Prior to joining TierPoint, Bob served as Chief Operating Officer at DBSi in Pennsylvania, and in senior sales leadership and business management positions at two Florida-based system integrators.