Sticky Blog

Disaster Recovery - The Inevitable Truth

  • 27 October 2020
  • 15 replies
  • 1140 views
Disaster Recovery - The Inevitable Truth
Userlevel 7
Badge +17

With Ransomware continuing to take down digital infrastructure across the globe and natural disasters seemingly more dramatic every year, having a disaster recovery plan for your business has never been more critical. The time is past when a simple “backup plan” was sufficient for a company relying on servers and its data to be available at a moment’s notice.

Disaster recovery is the process of devising failsafes to allow a business to bounce back from adverse events, like a hurricane disabling a server or ransomware locking down entire banks of computers. Employing disaster recovery as a service (DRaaS) is now a vital part of a strong cyber resilience plan for every market, from small businesses to Fortune 500 companies.

The truth is, almost every industry has trended digital for the past two decades. As such, being prepared for the inevitable disaster is on par with cybersecurity in terms of importance. Because let’s face it: something will happen to company data at some point. Even if with DNS filtering, phishing training and other cybersecurity best practices, there’s still a significant possibility that an unforeseen disaster will strike.

Consider once-sufficient methods of “disaster recovery” like local backups. Today, silent ransomware can infect crucial files and go months without detection. In the meantime, the ransomware quietly scans files as its human owners determine the value of the files on the network. Suddenly, the ransomware fully activates and encrypts all the data on every computer in the building.

Even while running rolling backups to a local or off-site server, that ransomware has most definitely been replicated on all backups that took place while the ransomware lay dormant. Meaning restoring everything also restores the ransomware.

Avoiding restoring the malware requires a closed environment. Given that, the ransomware can be scanned for and a targeted removal conducted. Without knowing where it resides—and having a comprehensive cyber resilience plan in place—a company could be left with no choice but to restore a ransom to restore its files.

To successfully remediate ransomware infections, organizations must be prepared with both cybersecurity for defense and recovery options in case these are undermined. A backup solution alone is not enough. Instead, a comprehensive plan accounting for all kinds of disasters puts a business on far more solid footing, hence the idea of cyber resilience. This term describes a set of preparations and methods that keep your company resilient and operational, even in the face of disaster.

Being able to maintain operational capacity in the face of a ransomware attack or a natural disaster is incredibly difficult without a plan. Considering it after the fact is a surefire way to lose revenue or­ vital data.

Another backup strategy worth including in a disaster recovery plan boasts a level of security which a single-source backup methodology cannot replace: immutable, air-gapped backups. “Air-gapped” means local and cloud backups are segmented, where the local backup shares the same network as your data, but the cloud backup is on a separate network. It is not on the same domain and accessible only by an authenticated agent.

This method entails an entirely different authentication framework than any device, which makes it even more difficult for malware to penetrate. Employing this combination of localized and cloud backups, with failover plans for each, is gold standard of a comprehensive backup plan. 

Disaster recovery and cyber resilience are intertwined. It’s impossible to have one without the other. To stay resilient when against ransomware, data loss, and other threats, companies must implement an array of tools and services to protect data in a variety of contingencies. Gone are the days of local backups and a “once-in-a-while” virus scan being sufficient to protect even small businesses.

Every business housing valuable data must devise a comprehensive cyber resilience plan before they inevitably become the target of an attack or victim of a disaster. This means solutions for data security, data management and data recovery—the triumvirate of cyber resilience.

It’s simply better to take action sooner rather than later. Though cyber resilience can seem complicated, it’s necessary. Luckily, it’s easier than ever to employ existing services to take care of this for your company. While cyber resilience plans do cost money, they save money in the long run. 

Have you or your company ever experienced a Data Disaster? If so, how did you recover? Let me know about your stories in the comments below! 


15 replies

Userlevel 3
Badge +2

All of our clients back up locally and also back up to the cloud. We also use snapshot technology to protect previous backups from malware and ransomware. Some clients also back up to alternating USB drives. We’ve saved many clients from malware using their cloud backup.

Teaching others to use Disaster Recovery is a big plus, especially if businesses aren't aware of what's at risk if something enters the network and brings it all down in seconds or maliciously infects all devices. 

Out of experience, I worked on a client who had a Ransomware outbreak and although they only had, let's say, 4 servers and 15 workstations, it's still a core function of their business that got files encrypted in seconds across various devices.

Luckily, they had a backup of their servers and we could restore back. Workstations were rebuilt and I personally could decrypt the files as they were uploaded onto OneDrive so Microsoft's scanner online behind OneDrive must've stopped the encryption before it attempted to do so.

Renaming the filenames with a script I made had recovered the files easily, but it's not to say anyone in this situation would be as lucky.

Disaster Recovery, implement it, I can't stress enough how important it is if you value your business.

Userlevel 7
Badge +17

Since I don’t like clouds, I use external drives (not one) for backups at regular intervals. A product that automatically checks external drives would be a great solution.

You can set most antivirus software (Webroot included) to auto-scan any hard drive. That can be done with the “scheduling” feature. Just remember to keep those hard drives plugged in! 

Since I don’t like clouds, I use external drives (not one) for backups at regular intervals. A product that automatically checks external drives would be a great solution.

Userlevel 2
Badge +1

It’s true not every business see this as a must have, despite the clear need. I’ve found one way of getting businesses more interested is to get them to think about DR & BCP from a business perspective and ignore the technology for a while. Having them work through what could happen and the impact in each area helps focus on what is really needed and from there you can get the technology to deliver it.

It’s a scary place to be when you take on a client who’s completely obvious to the risks, cloud/offsite and onsite backups are something you cannot be without along with a recovery plan and the regular testing of the backup/recovery to ensure this still meets your clients needs.

Userlevel 3
Badge +5

Although our setup is similar, we’re going to explore our options in the spring.  As the setup ages, my confidence lowers because expectations are higher.  Recovery times from 3-4 years ago may not be good enough today.

One thing I noticed with the diagram...no cloud source on the primary side.  Cloud resources needs to be backed up like on-premises.

Userlevel 1
Badge

We are using this solution (different vendor though) with some of our clients who utilise on-premise servers and it is a fantastic combination of quick recovery for on-premise hardware failure as well as being a robust contingency for all the reasons mentioned above.

Userlevel 6
Badge +17


So a product that scans external drives for virus or malware issues automatically would be great. 

@MajorHavoc ,

Thanks for the response! Most antivirus software, Webroot included, can be scheduled to scan x times per day any external hard drive you have. Additionally, a business could easily write a macro that has their antivirus scan during every backup. 

Thanks khumphrey for the answer, but this is not my fist rodeo . Can, could, most ….  yea I get that I could wrench a tool to do what I want, and actually already do. But it requires a lot of care and feeding with every update or major OS change or app change. 
 

But since it was asked, I was suggesting something that just does this automatically. We take backup drives off line after backups so that they cannot be encrypted or infected. I want an immediate scan when they are brought back on line just in case something bad got backed up.
 

My request, which some previous product I used to have, had as a standard feature to immediately scan any external storage drive (at the time floppies, hard drives, network drives,  and cartridge drives) and thumb/usb drives when they became “available.” An exclusion list would be a desired feature to not scan slow NAS for example, but nothing gets used that does not get scanned   


Thanks. 

Great blog and good content.

You never want this to happen to you as it is a horrible thing to be a part of. That said all to often I am on the phone with one of our partners talking about sending data back to a customer of theirs so they can have a copy of the data on site then they leverage a DRaaS solution like Carbonite’s Recover to failover to the cloud while putting the pieces back together.

It is truly amazing how having a tested, good, proven, and reliable data protection strategy truly makes these kind of events far less impactful to the business.

Userlevel 7
Badge +17


So a product that scans external drives for virus or malware issues automatically would be great. 

@MajorHavoc ,

Thanks for the response! Most antivirus software, Webroot included, can be scheduled to scan x times per day any external hard drive you have. Additionally, a business could easily write a macro that has their antivirus scan during every backup. 

Userlevel 1

@simonz ,

Yeah, it truly can happen to anyone! It happened to me multiple times - I’ve lost a bunch of video projects and whatnot to hard drive crashes. Once, I even had a laptop stolen and my backup hard drive die the next day! Talk about bad luck.


That's a new level of bad luck, i cannot compete with it :)
 

Userlevel 6
Badge +17

Thanks for this. Not too dissimilar to setups I have done, but some of the pieces might be different. 

For people who are weary of the cloud (yes, there are still some) I use a rotating set of backup drives, swapping out at some regular interval. One near the machine, one somewhere else, even if it is in the car (used to say take to work, but that is a different thing now!). Best solution to all these problems is being able to wipe clean and get back to work. 

So a product that scans external drives for virus or malware issues automatically would be great. 

Userlevel 7
Badge +17

@simonz ,

Yeah, it truly can happen to anyone! It happened to me multiple times - I’ve lost a bunch of video projects and whatnot to hard drive crashes. Once, I even had a laptop stolen and my backup hard drive die the next day! Talk about bad luck.

Userlevel 1

this is the nightmare that can happen to anyone.
It did happen to few of our home users customers and 1 or 2 business customers.
Home users not all of them were using backup service and they ended up losing their data.
Business customers had both local and cloud backup solution.
with one of them the local copy got corrupted as well and was encrypted.
we managed to restore things to earlier version through the cloud backup solution

Simon

Reply