Key Factors to Keep in Mind when Deploying DRaaS for Safeguarding against Ransomware

WhattoConsiderwhen ImplementingDRaaSfor

AccordingtoGartner,downtimecostsmorethan$5,600aminute;therefore,everybusinessneeds areliablemeansofbackupanddisasterrecovery.

DisasterRecoveryasaservice(DRaaS)providesrecoveryinthecloudandisacost-effective andhighlyefficiententerprisedataprotectionsolutiontotackledowntime,datasecurity,and improvedataavailability.

Inthisblog,we’llsharewhatbackupadministratorsneedtoaskthemselvesinordertochoose andsetupaDRaaSsolutionthatworksfortheirorganization.

UnderstandYourCurrentRiskFactor

Thenumberofransomwareattacksisincreasingyearly,andeveryorganizationisatrisk. However,everyorganization’srisklevelwillbedifferent Yourorganizationmightbeatahigherrisk levelifyourcompanybelongstoahighlytargetedindustrysuchasmanufacturing,financeor healthcare

Moreover,complianceregulations,suchasFISMA,FedRAMP,CJIS,HIPAA,SOX,FINRA, requireservice providerstoimplementdatasecurityandprotectionmeasurestopreventdataloss,limit downtime,andensureemployee/customerdataprivacy Whiletheseregulationshaveimproved dataaccessandsecurityforthecustomer,theyhavealsoincreasedtheresponsibilityof organizationstoprotectthedataagainstmisuse,theft,orlossFailingtocomplywiththese regulationscanresultinfinesandincreaseyourorganization’sriskfactor.

Ontheotherhand,inordertocomplywiththeseregulations,organizationsneedtoinvestin cybersecurity,andbackupanddisasterrecoverysolutions;whichcanbeunnecessarilyexpensive, ifnotdoneright

Thebestwaytoascertainyourriskisthroughafullsecurityassessmenttoexposetheunderlining issuesandgapsinyourcurrentinfrastructureandthendocumentthoseareaswhichneed improvement.Thisdocumentwillhelpguidetheservicelicenseagreementconversationwiththe disasterrecoveryasaservice(DRaaS)provider,leavinglittleroomforsurprisesandunplanned downtime.

Herearesomethingsthatyouneedtoconsiderforathoroughriskassessment:

Identifymission-criticalapplications

Whatwillbetheimpactifoneormorecriticalapplicationbecomesunavailable?

Identifythefinancialimpactofeachapplicationbecomingunavailable.

Documentandassesstheproceduresfortheprotectionofmission-criticalapplications

DeterminetherequiredrecoverytimesforeachcriticalapplicationandwhatRTPOsyoucan achievewithremoteDisasterRecoveryversuslocalDRsite.ThiswillthenhelpdecidewhichDR setupworksforwhichapplication/workload

WhatistheCurrentStateofYourDRandBackupInfrastructure?

Ifyourorganizationisusingadisasterrecoverysolutionandyouwanttoswitchtoor complementyourexistingsolutionwithDRaaS,thesequestionscanhelpsimplifytheprocess:

Howfastcanyoursystemsrecover?(recoverytimeandpointobjectivesRTPOs)

Candataberestoredintheeventtheprimarycopy(orcopies)is/areunavailable,corrupted, orencrypted?

Arebackupcopiesprotected,andisolated,frommaliciousencryption/deletionintheeventa hacker/ransomwaregainsaccesstotheproductionnetwork?

Ifahacker,orransomware,weretogainaccesstothebackupserver,aretheyimmutableand safefrommodification,oraretheyatriskofmaliciousencryption/deletion?

Isbackupandrecoveryregularlytested,andupdated?Preferablyinanisolatedenvironment withoutimpactingproduction.

Assesstheperformanceandefficiencyofthebackupandrecoverysystemtodetermineits capabilitiesandtolearnwhatimprovementsyouneedviaaDRaaSsolution

ThefollowingshouldbetakenintoaccounttoascertainthecurrentstateofyourbackupandDR infrastructure:

BackupandDisasterRecoveryPerformance

Isdatabeingbackedupwithintheexpectedtimeframe?

Istheorganizationmeetingitsexpectedservicelevelagreements?

IstheDRsystemcapableofmeetingsetRTPOsintheeventofadisaster?

DeterminingtheBackupQuality

Whatisthebackupsuccesstofailureratio?

Istheinfrastructurecapableoftrackingandresolvingfailedbackupjobs?

Arebackupsregularlytestedtoensurethattheyarerecoverable?

Isbackupdataprotectedatrestandintransit?

AssessingRestoreCapabilities

Candataberestoredifprimarybackupcopyisencryptedordeletedbyransomware?

Howquicklycantheprimarysystemfailoverintheeventproductionisunavailable?

Howoftenarebackupstestedtoensuretheyarenotcorruptedandareavailablefordata recoverywhenneeded?

DoestheITteamperformexposureandgapanalysisbetweenrecoverygoalsandactual capabilities?

Isredundancybuiltintorecoverysystems(RAID,erasurecoding,3-2-1strategy,etc)?

ThesequestionswillsetrealisticexpectationsandwillinformtheDRaaSprovideraboutyour backupandrecoveryneeds.

WhatwillbetheFinancialRamificationsofanOutageDuringa Disaster?

Whilequantifyingthefinancialimpactofadisasterisonepartoftheequation,youalsoneedto considerthelossofreputationandgoodwill,fines,legalimplications,andothercoststhataddto thetotalcostofunplanneddowntime

Notonlydoyouwanttocalculatetheapparentcostofdatalossbutalsothelegalramifications andtheactualimpactofthelostinformationwhengoingforaDRaaSsolutionButitisdifficultto ascertainexactlyhowmuchmoneyyouwillloseifyourcriticalinfrastructuregoesdown Formoreinformation,readhowtocalculatethecostofdowntime

Withclouddisasterrecoveryservices,organizationscangetreliableoffsiterecoverywithout havingtoinvestinhardware.Moreover,organizationscanrelyontheexpertiseoftheDRaaS serviceproviderwhichallowsthemtoinvestsparinglyinhiringprofessionalswithrelevant expertise

Furthermore,cloudDRisanecessarystepinbuildinganinfrastructurecapableofsurvivinga ransomwareattackbecauseitallowsadministratorstostoreoffsitecopies;andsecurethem withdatasecurityfeaturessuchasimmutabilityandair-gap.

UnderstandingtheImpactofaDisasteronYourCustomers

Whathappenstoyourcustomerafteryourbusinessisaffectedbyadisaster?Today’s businessesdemandinstantfulfilmentofcommitmentsEvenasmallamountofdowntimecan resultinlossofcustomerloyalty,andaminuteofdowntimecancauseawell-builtbusiness reputationtocollapse

Additionally,therearenumerouscaseswhereacompromiseofaserviceprovider’snetworkled todisruptionandlossesfortheircustomersThesetypesofattacks,whereasystem/network

compromiseimpactsthecompany’scustomers,arecalledsupplychainattacksAnaptexample istheKaseyabreach

ServiceLicenseAgreements(SLAs)mustalsotakeintoaccountthecustomerexperienceinthe eventofadisaster

Bydeterminingwhichapplication(s)affectcustomersthemostallowsbackupadministratorsto planRTOsandRPOsanddefineSLAsaccordingly.

ChoosingYourDisasterRecoveryasaService(DRaaS)Solution

WhenchoosingaDRaaSsolution,it’simportanttobearinmindthatwhatworksforone,maynot workfortheother That’sbecauseproductioninfrastructureisuniquetoeachorganizationAsa result,thedataprotectionsolutionsmustbedesignedtocomplementitwhichiswhytheytooare unique

TohelpyoufindtherightDRaaSforyourneeds,herearesomequestionsyouneedtoaskwhen analyzingasolution:

Doesitincludeisolation(orair-gap)?

Ifbackupcopiesarenotisolatedandair-gapped,thentheyareasvulnerableasproductionIfa hackerorransomwaregainsaccesstothenetwork,thenthebackupserver(s)canendup encryptedwhichwillpreventdatarecovery.

Arebackupsimmutable?

Intheeventthehackerorransomwareistogainaccesstothebackup(s),aretheyprotected fromchanges/modifications/deletion?Ifnot,thenthemaliciousactorscanpreventdata recoverybyencryptingordeletingthebackups

Furthermore,immutabilityalsohelpscompliancewithindustryregulationssuchasHIPAA, FedRAMP,FISMA,CJIS,andhelpsorganizationsgetcyber-insurancefortheircriticalapplications.

Formoreoncyber-insuranceandimmutability,readmeetcyberinsurancerequirementswith immutablebackups.

Isadminaccessprotectedviamulti-factorauthentication?

Analysisofmultiplesuccessfulransomwareattacksrevealthathackersgainedaccesstothe networkviaacompromisedadminaccount.Therefore,it’snecessarytocontroladminaccessto criticalsystems,productionandbackup,usingmulti-factorauthentication(MFA).

Preferably,MFAshouldbeimplementedforeachendpointinthesystemincludingstorage, backupservers,networkcontrollers,etc.

WhatmanagementoptionsdoestheDRaaSprovideroffer?

Whileitvariesbasedonthevendor,DRaaSisoftenavailablewiththreemanagementoptions:

1.Self-ManagedDRaaS:Theoptionwheretheresponsibilityofconfiguration,management, monitoring,andrestoreistakencareofbyyourin-houseITteamWhiletheserviceprovider providesthebackupsoftware,andthesecureinfrastructureforthebackupcopies

2.PartiallyManagedDRaaS:Inthismanagementoption,partoftheresponsibilityofdisaster recoverylieswithyourin-houseITteamwhiletherestismanagedbytheserviceprovider’s

expertsThespecificsvarydependingonthearrangementbetweentheserviceproviderandthe customer

3.FullyManagedDRaaS:Asthenameimplies,inthiscase,alloftheresponsibilitylieswiththe serviceproviderfrominstallation,configuration,management,monitoring,testing,andtorestore; everything’sincluded

Whoisresponsibleforwhat?

Consideringthespecificityandrequirementsofmostdataprotectionanddataprivacy regulations,it’snecessarytoclarifytheresponsibilitiesoftheserviceproviderversusthedata owner

DependingonthechosenDRaaSmanagementoption,thescopeoftheresponsibilitymayvary. However,it’simportanttonotethatregardlessofwhomanageswhat,whileDRaaSprovidethe backuptoolsandmanagement,it’stheresponsibilityofthedataowner(thecustomer),to ensureeffectivedatasecurityanddataprotectionThisincludesanyliabilitythatmayincurinthe eventofadisaster

Conclusion

DisasterRecoveryasaService(DRaaS)providesthenecessarytoolstoorganizationstoprotect employee/customerdatafromcyber-threatssuchasransomware,hackers,malicious employees,etc.

TheprimarybenefitofDRaaSisthatbusinessesgainaccesstoprofessionaldataprotection capabilitieswithouthavingtoinvestinhardwareorspendingtimetrainingITpersonnel.Moreover, theorganizationremainsprotectedevenifanin-houseexpertisunavailablewhichisafixto situationswhereemployeesaresick,onleave/vacation,orwhentheyleavethecompany

Furthermore,withcapabilitiessuchascloudair-gappedbackupsandimmutability,DRaaScan bethedifferencebetweencompletedisruptionanddataloss,andaminorinconvenience;inthe eventofaransomwareattack.

Lookingtoprotectyourcriticalapplicationsusingdisasterrecoveryasaservice(DRaaS)?We canhelp!

Checkoutourbackupanddisasterrecoveryasaservice(BDRaaS)solutionformoredetailsGot questions?Fillouttheformonourcontactuspagetotalktoourexpertsfordemos,quotes,and moreinformation.

CompareArrayvsHostvsHypervisorvsNetwork-BasedReplication

MirroringvsReplicationvsClustering:ADataProtectionComparison

ComparingHighAvailabilityvsFaultTolerancevsDisasterRecovery

BaaSvsRaaSvsDRaaSComparison–WhichisBest

GETINTOUCHWITHUS

ContactName*

Company*

Phone*(extensionscanbeenteredinthe"Message"field)

EmailAddress*

Message

*Allfieldswithanasteriskarerequired

Send

Bysubmittingthisrequestyouagreetobecontactedandreceiveproductinformationviaemail orcall.Youmayunsubscribeatanypoint.

ABOUTSTONEFLY

Foundedin1996andheadquarteredinCastroValley–StoneFly,Inc wasestablishedwiththevisiontosimplify, optimizeanddeliverhighperformancebudget-friendlydatacentersolutionsforSMBs,SMEs,andlarge enterprises BeginningwithitsregistrationoftheiSCSIcomInternetdomainnameinMarch1996,StoneFlyhas madeiSCSIintoastandardwhichisnowusedbyITprofessionalsaroundtheworld

Withover24yearsofinnovationindatastorage,hyperconvergedinfrastructure(HCI),andbackupanddisaster recovery(DR)industriesandtechnologypartnershipswithmarketleaderslikeVMware,Veeam,MicrosoftAzure, andAWScloud,StoneFly’srangeofever-growingdatamanagementproductscontinuetogrowandinclude physical,virtual,andcloudsolutionssuchasNAS,SAN,S3,unifiedNAS+SAN+S3appliances,storagegateways, backupgateways,completebackupandDRsystems,RAIDsystems,IPvideosurveillancestoragesystems,data migrationsoftwareandmore–poweredbyStoneFly’spatented8thgenerationstoragevirtualizationsoftware StoneFusion™andintegratedwithenterprisefeaturesanddataservices

LearnMore

©2023StoneFly|AllRightsReserved