What to Think About When Using DRaaS to Protect Against Ransomware.


What to Consider when Implementing DRaaS for Ransomware Protection


According to Gartner, downtime costs more than $5,600 a minute; therefore, every business needs a reliable means of backup and disaster recovery.

Disaster Recovery as a service (DRaaS) provides recovery in the cloud and is a cost-effective and highly efficient enterprise data protection solution to tackle downtime, data security, and improve data availability.

In this blog, we’ll share what backup administrators need to ask themselves in order to choose and set up a DRaaS solution that works for their organization.

Understand Your Current Risk Factor

The number of ransomware attacks is increasing yearly, and every organization is at risk. However, every organization’s risk level will be different. Your organization might be at a higher risk level if your company belongs to a highly targeted industry such as manufacturing, finance or healthcare.

Moreover, compliance regulations, such as FISMA, FedRAMP, CJIS, HIPAA, SOX, FINRA, require service providers to implement data security and protection measures to prevent data loss, limit downtime, and ensure employee/customer data privacy. While these regulations have improved data access and security for the customer, they have also increased the responsibility of organizations to protect the data against misuse, theft, or loss. Failing to comply with these regulations can result in fines and increase your organization’s risk factor.

On the other hand, in order to comply with these regulations, organizations need to invest in cybersecurity, and backup and disaster recovery solutions, which can be unnecessarily expensive if not done right.

The best way to ascertain your risk is through a full security assessment to expose the underlying issues and gaps in your current infrastructure and then document those areas which need improvement. This document will help guide the service license agreement conversation with the disaster recovery as a service (DRaaS) provider, leaving little room for surprises and unplanned downtime.

Here are some things that you need to consider for a thorough risk assessment:

Identify mission-critical applications

What will be the impact if one or more critical applications become unavailable?

Identify the financial impact of each application becoming unavailable

Document and assess the procedures for the protection of mission-critical applications


Determine the required recovery times for each critical application and what RTPOs you can achieve with remote Disaster Recovery versus local DR site. This will then help decide which DR setup works for which application/workload.

What is the Current State of Your DR and Backup Infrastructure?

If your organization is using a disaster recovery solution and you want to switch to or complement your existing solution with DRaaS, these questions can help simplify the process:

How fast can your systems recover? (recovery time and point objectives, RTPOs)

Can data be restored in the event the primary copy (or copies) is/are unavailable, corrupted, or encrypted?

Are backup copies protected, and isolated from malicious encryption/deletion in the event a hacker/ransomware gains access to the production network?

If a hacker, or ransomware, were to gain access to the backup server, are the backups immutable and safe from modification, or are they at risk of malicious encryption/deletion?

Is backup and recovery regularly tested, and updated? Preferably in an isolated environment without impacting production.

Assess the performance and efficiency of the backup and recovery system to determine its capabilities and to learn what improvements you need via a DRaaS solution.

The following should be taken into account to ascertain the current state of your backup and DR infrastructure:

Backup and Disaster Recovery Performance

Is data being backed up within the expected timeframe?

Is the organization meeting its expected service level agreements?

Is the DR system capable of meeting set RTPOs in the event of a disaster?

Determining the Backup Quality

What is the backup success to failure ratio?

Is the infrastructure capable of tracking and resolving failed backup jobs?

Are backups regularly tested to ensure that they are recoverable?

Is backup data protected at rest and in transit?

Assessing Restore Capabilities

Can data be restored if primary backup copy is encrypted or deleted by ransomware?

How quickly can the primary system failover in the event production is unavailable?

How often are backups tested to ensure they are not corrupted and are available for data recovery when needed?

Does the IT team perform exposure and gap analysis between recovery goals and actual capabilities?

Is redundancy built into recovery systems (RAID, erasure coding, 3-2-1 strategy, etc.)?

These questions will set realistic expectations and will inform the DRaaS provider about your backup and recovery needs.
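The gap analysis between recovery goals and actual capabilities described above can be automated. The following is an added example, not code from StoneFly or the original post; the record layout, application names and sample values are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

@dataclass
class AppBackupState:
    """Hypothetical record for one mission-critical application."""
    name: str
    rto: timedelta                        # recovery time goal
    rpo: timedelta                        # recovery point goal
    jobs: List[Tuple[datetime, bool]]     # (finished_at, succeeded) per backup job
    tested_restore: Optional[timedelta]   # measured restore time, None = never tested
    immutable_copy: bool
    isolated_copy: bool

def assess(app: AppBackupState, now: datetime) -> Tuple[float, List[str]]:
    """Return (backup success ratio, gaps between recovery goals and reality)."""
    gaps = []
    good = [t for t, ok in app.jobs if ok]
    ratio = len(good) / len(app.jobs) if app.jobs else 0.0
    if len(good) < len(app.jobs):
        gaps.append(f"{len(app.jobs) - len(good)} of {len(app.jobs)} backup jobs failed")
    if not good or now - max(good) > app.rpo:
        gaps.append("RPO gap: newest good backup is older than the RPO")
    if app.tested_restore is None:
        gaps.append("restore never tested")
    elif app.tested_restore > app.rto:
        gaps.append("RTO gap: tested restore took longer than the RTO")
    if not app.immutable_copy:
        gaps.append("no immutable backup copy")
    if not app.isolated_copy:
        gaps.append("no isolated (air-gapped) backup copy")
    return ratio, gaps

# Constructed sample inventory (not real data).
NOW = datetime(2022, 6, 1, 12, 0)
H = timedelta(hours=1)
APPS = [
    AppBackupState("erp-db", 4 * H, 1 * H,
                   [(NOW - 3 * H, True), (NOW - 2 * H, False), (NOW - 1 * H, False)],
                   6 * H, immutable_copy=True, isolated_copy=False),
    AppBackupState("file-share", 24 * H, 12 * H,
                   [(NOW - 30 * H, True), (NOW - 6 * H, True)],
                   8 * H, immutable_copy=True, isolated_copy=True),
]

if __name__ == "__main__":
    for app in APPS:
        ratio, gaps = assess(app, NOW)
        print(f"{app.name}: success ratio {ratio:.0%}; gaps: {gaps or 'none'}")
```

The resulting list of gaps per application is the kind of document the assessment is meant to bring to the conversation with the DRaaS provider.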

What will be the Financial Ramifications of an Outage During a Disaster?

While quantifying the financial impact of a disaster is one part of the equation, you also need to consider the loss of reputation and goodwill, fines, legal implications, and other costs that add to the total cost of unplanned downtime.

Not only do you want to calculate the apparent cost of data loss but also the legal ramifications and the actual impact of the lost information when going for a DRaaS solution. But it is difficult to ascertain exactly how much money you will lose if your critical infrastructure goes down. For more information, read how to calculate the cost of downtime.

With cloud disaster recovery services, organizations can get reliable offsite recovery without having to invest in hardware. Moreover, organizations can rely on the expertise of the DRaaS service provider which allows them to invest sparingly in hiring professionals with relevant expertise.

Furthermore, cloud DR is a necessary step in building an infrastructure capable of surviving a ransomware attack because it allows administrators to store offsite copies and secure them with data security features such as immutability and air-gap.

Understanding the Impact of a Disaster on Your Customers

What happens to your customer after your business is affected by a disaster? Today’s businesses demand instant fulfilment of commitments. Even a small amount of downtime can result in loss of customer loyalty, and a minute of downtime can cause a well-built business reputation to collapse.

Additionally, there are numerous cases where a compromise of a service provider’s network led to disruption and losses for their customers. These types of attacks, where a system/network compromise impacts the company’s customers, are called supply chain attacks. An apt example is the Kaseya breach.


Service License Agreements (SLAs) must also take into account the customer experience in the event of a disaster.

Determining which application(s) affect customers the most allows backup administrators to plan RTOs and RPOs and define SLAs accordingly.

Choosing Your Disaster Recovery as a Service (DRaaS) Solution

When choosing a DRaaS solution, it’s important to bear in mind that what works for one may not work for the other. That’s because production infrastructure is unique to each organization. As a result, the data protection solutions must be designed to complement it, which is why they too are unique.

To help you find the right DRaaS for your needs, here are some questions you need to ask when analyzing a solution:

Does it include isolation (or air-gap)?

If backup copies are not isolated and air-gapped, then they are as vulnerable as production. If a hacker or ransomware gains access to the network, then the backup server(s) can end up encrypted, which will prevent data recovery.

Are backups immutable?

In the event a hacker or ransomware gains access to the backup(s), are they protected from changes/modifications/deletion? If not, then the malicious actors can prevent data recovery by encrypting or deleting the backups.

Furthermore, immutability also helps compliance with industry regulations such as HIPAA, FedRAMP, FISMA, CJIS, and helps organizations get cyber-insurance for their critical applications.

For more on cyber-insurance and immutability, read meet cyber insurance requirements with immutable backups.

Is admin access protected via multi-factor authentication?

Analysis of multiple successful ransomware attacks reveals that hackers gained access to the network via a compromised admin account. Therefore, it’s necessary to control admin access to critical systems, production and backup, using multi-factor authentication (MFA).

Preferably, MFA should be implemented for each endpoint in the system including storage, backup servers, network controllers, etc.

What management options does the DRaaS provider offer?

While it varies based on the vendor, DRaaS is often available with three management options:

1. Self-Managed DRaaS: The option where the responsibility of configuration, management, monitoring, and restore is taken care of by your in-house IT team, while the service provider provides the backup software and the secure infrastructure for the backup copies.

2. Partially Managed DRaaS: In this management option, part of the responsibility of disaster recovery lies with your in-house IT team while the rest is managed by the service provider’s experts. The specifics vary depending on the arrangement between the service provider and the customer.

3. Fully Managed DRaaS: As the name implies, in this case, all of the responsibility lies with the service provider, from installation, configuration, management, monitoring, and testing to restore; everything’s included.

Who is responsible for what?

Considering the specificity and requirements of most data protection and data privacy regulations, it’s necessary to clarify the responsibilities of the service provider versus the data owner. Depending on the chosen DRaaS management option, the scope of the responsibility may vary. However, it’s important to note that regardless of who manages what, while DRaaS provides the backup tools and management, it’s the responsibility of the data owner (the customer) to ensure effective data security and data protection. This includes any liability that may be incurred in the event of a disaster.

Conclusion

Disaster Recovery as a Service (DRaaS) provides the necessary tools to organizations to protect employee/customer data from cyber-threats such as ransomware, hackers, malicious employees, etc.

The primary benefit of DRaaS is that businesses gain access to professional data protection capabilities without having to invest in hardware or spend time training IT personnel. Moreover, the organization remains protected even if an in-house expert is unavailable, which is a fix to situations where employees are sick, on leave/vacation, or when they leave the company.

Furthermore, with capabilities such as cloud air-gapped backups and immutability, DRaaS can be the difference between complete disruption and data loss, and a minor inconvenience, in the event of a ransomware attack.

Looking to protect your critical applications using disaster recovery as a service (DRaaS)? We can help!

Check out our backup and disaster recovery as a service (BDRaaS) solution for more details. Got questions? Fill out the form on our contact us page to talk to our experts for demos, quotes, and more information.

© 2022 StoneFly | All Rights Reserved