What to Think About When Using DRaaS to Protect Against Ransomware.


What to Consider when Implementing DRaaS for Ransomware Protection


According to Gartner, downtime costs more than $5,600 a minute; therefore, every business needs a reliable means of backup and disaster recovery.

Disaster Recovery as a Service (DRaaS) provides recovery in the cloud and is a cost-effective and highly efficient enterprise data protection solution for tackling downtime, addressing data security, and improving data availability.

In this blog, we’ll share what backup administrators need to ask themselves in order to choose and set up a DRaaS solution that works for their organization.

Understand Your Current Risk Factor

The number of ransomware attacks is increasing yearly, and every organization is at risk. However, every organization’s risk level will be different. Your organization might be at a higher risk level if your company belongs to a highly targeted industry such as manufacturing, finance or healthcare.

Moreover, compliance regulations, such as FISMA, FedRAMP, CJIS, HIPAA, SOX, FINRA, require service providers to implement data security and protection measures to prevent data loss, limit downtime, and ensure employee/customer data privacy. While these regulations have improved data access and security for the customer, they have also increased the responsibility of organizations to protect the data against misuse, theft, or loss. Failing to comply with these regulations can result in fines and increase your organization’s risk factor.

On the other hand, in order to comply with these regulations, organizations need to invest in cybersecurity, and backup and disaster recovery solutions, which can be unnecessarily expensive if not done right.

The best way to ascertain your risk is through a full security assessment to expose the underlying issues and gaps in your current infrastructure and then document those areas which need improvement. This document will help guide the service level agreement conversation with the disaster recovery as a service (DRaaS) provider, leaving little room for surprises and unplanned downtime.

Here are some things that you need to consider for a thorough risk assessment:

Identify mission-critical applications.

What will be the impact if one or more critical applications become unavailable?

Identify the financial impact of each application becoming unavailable.

Document and assess the procedures for the protection of mission-critical applications.


Determine the required recovery times for each critical application and what RTPOs you can achieve with remote Disaster Recovery versus a local DR site. This will then help decide which DR setup works for which application/workload.

What is the Current State of Your DR and Backup Infrastructure?

If your organization is using a disaster recovery solution and you want to switch to or complement your existing solution with DRaaS, these questions can help simplify the process:

How fast can your systems recover? (recovery time and point objectives, RTPOs)

Can data be restored in the event the primary copy (or copies) is/are unavailable, corrupted, or encrypted?

Are backup copies protected, and isolated from malicious encryption/deletion in the event a hacker/ransomware gains access to the production network?

If a hacker, or ransomware, were to gain access to the backup server, are the backups immutable and safe from modification, or are they at risk of malicious encryption/deletion?

Is backup and recovery regularly tested, and updated? Preferably in an isolated environment without impacting production.

Assess the performance and efficiency of the backup and recovery system to determine its capabilities and to learn what improvements you need via a DRaaS solution.

The following should be taken into account to ascertain the current state of your backup and DR infrastructure:

Backup and Disaster Recovery Performance

Is data being backed up within the expected timeframe?

Is the organization meeting its expected service level agreements?

Is the DR system capable of meeting set RTPOs in the event of a disaster?

Determining the Backup Quality

What is the backup success to failure ratio?

Is the infrastructure capable of tracking and resolving failed backup jobs?

Are backups regularly tested to ensure that they are recoverable?

Is backup data protected at rest and in transit?

Assessing Restore Capabilities

Can data be restored if the primary backup copy is encrypted or deleted by ransomware?

How quickly can the primary system fail over in the event production is unavailable?

How often are backups tested to ensure they are not corrupted and are available for data recovery when needed?

Does the IT team perform exposure and gap analysis between recovery goals and actual capabilities?

Is redundancy built into recovery systems (RAID, erasure coding, 3-2-1 strategy, etc.)?

These questions will set realistic expectations and will inform the DRaaS provider about your backup and recovery needs.
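
Several of the backup-quality and gap-analysis questions above can be answered directly from backup job history and restore test records. The following is an added example, not code from StoneFly or any backup product; the application names, targets, job records and the 30-day test-age threshold are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed targets per application, in hours (hypothetical names).
TARGETS = {"erp-db": {"rpo_h": 4, "rto_h": 2},
           "file-share": {"rpo_h": 24, "rto_h": 8}}

# Constructed backup job history: (application, finished_at, succeeded).
JOBS = [
    ("erp-db", "2024-03-01T00:00", True), ("erp-db", "2024-03-01T04:00", True),
    ("erp-db", "2024-03-01T08:00", False), ("erp-db", "2024-03-01T12:00", True),
    ("file-share", "2024-02-29T13:00", True), ("file-share", "2024-03-01T13:00", True),
]

# Constructed restore tests: application -> (tested_at, restore duration in hours).
RESTORE_TESTS = {"erp-db": ("2024-02-20T10:00", 1.5)}


def assess(app, now, max_test_age_days=30):
    """Compare measured backup/restore behaviour with the app's RPO/RTO targets."""
    target = TARGETS[app]
    runs = sorted((datetime.fromisoformat(ts), ok) for a, ts, ok in JOBS if a == app)
    good = [ts for ts, ok in runs if ok]
    findings = []
    # Worst-case data loss window: the longest stretch without a successful
    # backup, including the time elapsed since the most recent good one.
    points = good + [now]
    worst_gap = max((b - a for a, b in zip(points, points[1:])), default=timedelta.max)
    if worst_gap > timedelta(hours=target["rpo_h"]):
        findings.append("rpo_gap")
    test = RESTORE_TESTS.get(app)
    if test is None:
        findings.append("restore_untested")  # recoverability was never proven
    else:
        tested_at, duration_h = datetime.fromisoformat(test[0]), test[1]
        if now - tested_at > timedelta(days=max_test_age_days):
            findings.append("restore_test_stale")
        if duration_h > target["rto_h"]:
            findings.append("rto_gap")
    return {"success_ratio": len(good) / len(runs) if runs else 0.0,
            "worst_gap_h": worst_gap.total_seconds() / 3600,
            "findings": findings}


if __name__ == "__main__":
    now = datetime.fromisoformat("2024-03-01T14:00")
    for app in TARGETS:
        print(app, assess(app, now))
```

A single failed job doubles the effective recovery point for erp-db here, which a success-to-failure ratio on its own would not reveal.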

What will be the Financial Ramifications of an Outage During a Disaster?

While quantifying the financial impact of a disaster is one part of the equation, you also need to consider the loss of reputation and goodwill, fines, legal implications, and other costs that add to the total cost of unplanned downtime.

Not only do you want to calculate the apparent cost of data loss but also the legal ramifications and the actual impact of the lost information when going for a DRaaS solution. But it is difficult to ascertain exactly how much money you will lose if your critical infrastructure goes down. For more information, read how to calculate the cost of downtime.

With cloud disaster recovery services, organizations can get reliable offsite recovery without having to invest in hardware. Moreover, organizations can rely on the expertise of the DRaaS service provider, which allows them to invest sparingly in hiring professionals with relevant expertise.

Furthermore, cloud DR is a necessary step in building an infrastructure capable of surviving a ransomware attack because it allows administrators to store offsite copies and secure them with data security features such as immutability and air-gap.

Understanding the Impact of a Disaster on Your Customers

What happens to your customer after your business is affected by a disaster? Today’s businesses demand instant fulfilment of commitments. Even a small amount of downtime can result in loss of customer loyalty, and a minute of downtime can cause a well-built business reputation to collapse.

Additionally, there are numerous cases where a compromise of a service provider’s network led to disruption and losses for their customers. These types of attacks, where a system/network compromise impacts the company’s customers, are called supply chain attacks. An apt example is the Kaseya breach.


Service Level Agreements (SLAs) must also take into account the customer experience in the event of a disaster.

Determining which application(s) affect customers the most allows backup administrators to plan RTOs and RPOs and define SLAs accordingly.

Choosing Your Disaster Recovery as a Service (DRaaS) Solution

When choosing a DRaaS solution, it’s important to bear in mind that what works for one may not work for the other. That’s because production infrastructure is unique to each organization. As a result, the data protection solutions must be designed to complement it, which is why they too are unique.

To help you find the right DRaaS for your needs, here are some questions you need to ask when analyzing a solution:

Does it include isolation (or air-gap)?

If backup copies are not isolated and air-gapped, then they are as vulnerable as production. If a hacker or ransomware gains access to the network, then the backup server(s) can end up encrypted, which will prevent data recovery.

Are backups immutable?

In the event a hacker or ransomware gains access to the backup(s), are they protected from changes/modifications/deletion? If not, then the malicious actors can prevent data recovery by encrypting or deleting the backups.

Furthermore, immutability also helps compliance with industry regulations such as HIPAA, FedRAMP, FISMA, CJIS, and helps organizations get cyber-insurance for their critical applications.

For more on cyber-insurance and immutability, read meet cyber insurance requirements with immutable backups.

Is admin access protected via multi-factor authentication?

Analysis of multiple successful ransomware attacks reveals that hackers gained access to the network via a compromised admin account. Therefore, it’s necessary to control admin access to critical systems, production and backup, using multi-factor authentication (MFA).

Preferably, MFA should be implemented for each endpoint in the system including storage, backup servers, network controllers, etc.

What management options does the DRaaS provider offer?

While it varies based on the vendor, DRaaS is often available with three management options:

1. Self-Managed DRaaS: The option where the responsibility of configuration, management, monitoring, and restore is taken care of by your in-house IT team, while the service provider provides the backup software and the secure infrastructure for the backup copies.

2. Partially Managed DRaaS: In this management option, part of the responsibility of disaster recovery lies with your in-house IT team while the rest is managed by the service provider’s experts. The specifics vary depending on the arrangement between the service provider and the customer.

3. Fully Managed DRaaS: As the name implies, in this case, all of the responsibility lies with the service provider, from installation, configuration, management, monitoring, and testing to restore; everything’s included.

Who is responsible for what?

Considering the specificity and requirements of most data protection and data privacy regulations, it’s necessary to clarify the responsibilities of the service provider versus the data owner. Depending on the chosen DRaaS management option, the scope of the responsibility may vary. However, it’s important to note that regardless of who manages what, while the DRaaS provider supplies the backup tools and management, it’s the responsibility of the data owner (the customer) to ensure effective data security and data protection. This includes any liability that may be incurred in the event of a disaster.

Conclusion

Disaster Recovery as a Service (DRaaS) provides the necessary tools to organizations to protect employee/customer data from cyber-threats such as ransomware, hackers, malicious employees, etc.

The primary benefit of DRaaS is that businesses gain access to professional data protection capabilities without having to invest in hardware or spend time training IT personnel. Moreover, the organization remains protected even if an in-house expert is unavailable, which is a fix for situations where employees are sick, on leave/vacation, or when they leave the company.

Furthermore, with capabilities such as cloud air-gapped backups and immutability, DRaaS can be the difference between complete disruption and data loss, and a minor inconvenience, in the event of a ransomware attack.

Looking to protect your critical applications using disaster recovery as a service (DRaaS)? We can help!

Check out our backup and disaster recovery as a service (BDRaaS) solution for more details. Got questions? Fill out the form on our contact us page to talk to our experts for demos, quotes, and more information.

© 2022 StoneFly | All Rights Reserved
What to Think About When Using DRaaS to Protect Against Ransomware. by Mary J. Williams - Issuu