Business Continuity in the Age of Ever Evolving Ransomware

Andrew Martin, Director APAC & Japan, Zerto

Andrew Martin, Director APAC & Japan, Zerto

Zerto, is a dual-headquartered company (US & Israel) providing Disaster Recovery and enterprise-class Business continuity software for virtualized infrastructure and the cloud. The company is known for its ‘hypervisor-based replication software’, Zerto Virtual Replication.

Every day seems to bring news of another ransomware attack, or a new strain of the malware. It seems likely too, that there are even more incidents than we read about. Incidents where companies paid up rather than openly declared they had been targeted and that their data had been at risk. Data is one of the most important assets an organisation has. The price of paying the ransom is often lower than losing the company’s data, reputation and possibly entire business. With strainsevolving in sophistication and now reportedly capable of encrypting an entire network, no company is safe sticking to the narrow view of ‘keep the virus out’.

Effectively defeating the threat of ransomware means being able to recover critical applications and data within minutes. Backup solutions and firewalls alone do not offer this. Businesses need comprehensive Business Continuity (BC) and Disaster Recovery (DR) capabilitiesthat deliver fast recovery point objectives (RPOs) and recovery time objectives (RTOs).The challenge is many BC/DR plans involvelimited, technical point products.

Many organisations already have some form of backup process in place for standard audit requirements as mandated for highly regulated industries. However when disaster strikes it is the first few minutes that are critical, which businesses need to recover within those minutes, not hours, and as completely as possible. Relying on incomplete backups taken 12-24 hours previously could take hours to restore,leaving businesses with downtime they cannot afford and can be easily avoided.

Too often IT hasa very narrow view on security, simply focusing ondetecting and preventing intrusions. A more holistic approach involves a three-pronged strategy, which augments the detection and prevention of intrusions withfast recovery of critical data and applications to ensure uninterrupted business operations.

With proper DR processes and supporting technologies in place that provide instant access to data in the event a virus does break through, the impact can be highly minimalised. Advanced DR platforms help avoid downtime by allowing organisations to go back to the secondsbefore a file, application, or folder was lost. This nullifiesransomware as this “criminal disaster” is neutralisedand business as usualis quickly resumed.

Protecting against a virus is of course the first line of defensive, but this is proving more difficult as malware continues to evolve. Working from backups is time consuming and often out of date, but advanced DR allows businesses to recover from an outage or virus by re-winding their VMs to a point in time where the infection simply didn’t exist.

Successfully meeting compliance initiatives after a disaster is an added pressure for organisations with highly sensitive data, such as the healthcare, financial, legal and public sectors. These are the very sectors targeted most by the current wave of ransomware attacks. In the event of a disaster or a malware infection, these organisations come under increased pressure from regulatory bodies and the public. Failure to comply andrecover data within an adequate amount of time could result in costly fines and other negative repercussions.

In the digital age data is crucial to running nearly all businesses. As ransomware threats increase and the strains become more advanced, having a comprehensive BC/DRstrategy in place is paramount. Instead of discussing the options of paying or losing your data, you can instead restore to the seconds before the attack even took place, gaining confidence to keep your business moving forward.