As a solutions architect, the most important advice I give to my clients when designing new ransomware protection and recovery solutions is “Transform your data into a couch!”
The couch ransomware analogy
To understand what I mean by this seemingly silly statement, consider the following scenario:
One day, you answer a phone call from a number you don’t recognize. On the other end of the line, a distorted voice informs you that some of their “associates” had stopped by your home earlier in the day. They broke in, stole your couch, and now they are holding it hostage in an undisclosed location.
The voice then demands that you immediately pay them a Bitcoin ransom, and if you don’t, these associates will cause irreparable harm to your helpless, defenseless couch.
What would be your response be to this person’s attempted extortion? I’d imagine that most people—myself included—would tell the person to get lost and hang up the phone. The interaction would end without the criminal profiting from the crime.
Have a ransomware backup strategy
Now consider this same scenario, with some minor changes to the story:
One day, you answer a phone call from a number you don’t recognize. On the other end of the line, a distorted voice informs you that they have successfully infected your IT environment with malware. The malware has encrypted all your critical business data, and the encryption key to unlock the data is in their possession.
The voice then demands that you immediately pay them a Bitcoin ransom, or else you’ll never be able to use and access your data again.
I suspect that the response to this all-too-familiar scenario would be quite different from the first one.
Why is that? In both scenarios, the “hostages” are non-living things: your sofa and your data.
With the stolen couch, you can just go to the store and purchase a new one. The criminals can’t prevent you from exercising this option.
With the encrypted data scenario, you can protect the critical data with a robust backup solution, and simply try to restore any encrypted data from the most recent backup job. However, in this case, the hackers still have two ways to stop you from recovering data from backups:
- By targeting and encrypting your backup repositories and the storage they reside on, or
- By gaining access to the backup software itself and deleting the backup repositories directly
But there’s hope to stop hackers from disabling your data recovery options.
How to protect your data from ransomware
When designing backup solutions with ransomware protection and recovery in mind, these solutions should always include the following requirements:
- All flash storage to enable fast recovery of large datasets within defined SLAs
- Built-in, always-on ransomware protection features that provide immutable or “air gap” protection for backup data from encryption or malicious deletion
- Compatibility and interoperability with existing investments in data protection
- Cloud-like consumption options that allow you to pay only for the storage you need
With these recommendations in place, you would have the capability to successfully recover from a ransomware attack within your organization’s defined SLAs. That means that you can now respond to the ransom demand for the data the same way you would if the ransom demand were for the couch—by simply saying, “No.”
Whenever that happens, I will know that I have been successful in my goal of transforming my clients’ data into a couch!
With the right people and the right partners, Sirius focuses on solutions that will help you manage your operations, optimize your IT, secure it all, and transform your business.
If you need a plan to stop ransomware in its tracks and recover quickly, be sure to contact us to discuss your specific needs. Our team can help you implement a comprehensive and effective data protection strategy.