Shifting to Software-Defined
cancel
Showing results for 
Search instead for 
Did you mean: 

6 ways to limit your data loss if you're hit with ransomware

JesseStLaurent


ransomware.jpgRansomware is a dominant threat to businesses everywhere that is not going away anytime soon. It’s a reality IT teams acknowledge, but are not always prepared for. Of course, no one thinks that their datacenter will be the next one to fall victim to a ransomware attack, but the statistics are alarming.

According to an FBI report, one ransomware variant in early 2016 compromised as many as 100,000 computers a day. And those statistics are not subsiding. Hackers are constantly inventing new ways to gain access to sensitive information and critical files, evidenced by the fact that ransomware has advanced from the 22nd most common type of malware in Verizon’s 2014 Data Breach Investigations Report to the fifth most common in this year’s report.

Businesses that have a response strategy will be able to better identify the signs of an attack and recover from it more quickly.

Your ransomware response strategy should include six critical steps your business can take to respond better to a cyber attack and avoid data loss and company downtime.

Ransomware Response Strategy

1. Educate the company.

Your IT teams should make sure that everyone knows what is at stake and what steps to take both before and after a ransomware attack occurs. Education is key to not only preventing ransomware from entering the systems but also to stopping it quickly once inside. Ransomware often infiltrates the system by an employee clicking on a link in a seemingly harmless email from an unknown source. With proper education, your staff can identify the most common types of ransomware and the typical ways by which it enters the system. They should also be educated on how prevalent these types of viruses are becoming. Equally important, educate staff on what to do after an attack – who to report issues to, and what steps can be taken to minimize the damage.

2. Know the signs of an attack.

A ransomware attack is most often characterized by the locking of files, folders, and applications until a price is paid in bitcoin to attackers. Attacks will often masquerade as government or police agencies accusing the computer-owner of criminal activity and demanding that payment be made within a certain timeframe or else the user will be arrested. It’s important to recognize attacks quickly so the restoring processes can begin as soon as possible. And it’s important to note: many companies never get their data back, even if they pay the ransom.

3. Correctly define how long your business can be offline and how much data you can afford to lose.

The first step in your ransomware recovery plan is to correctly define the recovery time objectives (RTOs) and recovery point objectives (RPOs) for your company. This is imperative in order to get operations back online without paying attackers. To define your RTOs and RPOs, you must first ask yourself two questions: How long can the business shut down while waiting for the restore to take place, and how many hours of business-critical data can the company afford to lose?

4. Decide on a solution that can meet your defined RTOs and RPOs.

Once you’ve defined your RTOs and RPOs, you have to find a solution that can meet those requirements to get your infrastructure back up and running. According to Ponemon Institute, the average cost of IT downtime is $8,850 per minute. Therefore, a business will be bleeding money for every second spent waiting on requirements to be met. You should make sure to choose a data protection strategy that is not only best for the business, but it also can get the infrastructure running again in the time provisioned.

5. Assess integrated solutions to protect remote and branch offices.

Having multiple backup and disaster recovery solutions only serves to intensify complexity. Simplify your data protection scheme by picking only the solutions that are right for your environment, particularly if you have multiple remote offices (ROBO) to support with small or nonexistent staff at each site. Solutions that offer integrated functions, such as built-in data protection, will help to ease the burden at remote offices and provide better protection to ROBO sites.

6. Ensure your solution is simple enough to allow systems to get back online quickly.

In addition to reducing the complexity of your data protection and backup solutions, seek a datacenter solution that stresses ease of use. Simplicity is most critical when recovering from a ransomware attack.  When IT downtime incurs as much as $8,850 per minute, every second counts and reducing the restore process by a few clicks may make a significant difference.

Peace of mind – built in and guaranteed

Some businesses have turned to HPE SimpliVity powered by Intel® because it makes ransomware protection simple with its built-in data protection. When using HPE SimpliVity’s built-in backup capability, it takes less than one minute, on average, to complete a local backup or local restore of a 1TB VM, guaranteed. In fact, one customer fell victim to a ransomware attack when transferring data from the previous infrastructure to the new hyperconverged solution. They were able recover data quickly and avoided any downtime and expenses. Had the attack occurred during a period when they were still backing up to tape, the business would have lost almost 12 hours of data. Thankfully, they only lost less than an hour of data with HPE SimpliVity.

Ransomware is a threat to every business. IT teams need to recognize this fact and adjust their data protection strategies accordingly. Organizations should work under the assumption that they will eventually become infected and should focus on minimizing downtime once infected, as well as have a data protection strategy in place that supports their defined RTOs and RPOs. Using the six steps listed above, the damage done by ransomware can be minimized.

For more information on hyperconvergence for data protection, download the free e-book: Hyperconverged Infrastructure for Dummies.

Jesse

Follow HPE Composable Infrastructure

0 Kudos
About the Author

JesseStLaurent

Events
Nov 27 - 29
Madrid, Spain
HPE Discover 2018 Madrid
Learn about all things HPE Discover 2018 in Madrid, Spain, 27 - 29 November, 2018.
Read more
See posts for
dates/locations
HPE at 2018 Technology Events
Learn about the technology events where Hewlett Packard Enterprise will have a presence in 2018.
Read more
View all