Start Your New Year Fresh Protect Your Data with Backup & DR

New year is just around the corner and before we jump into the new year, it is important to look at all the data loss incidents that occurred this year. Unfortunately, there have been a lot of ransomware attacks and experts predict that the number of these attacks would most likely increase in the coming year so it is best to include backup and DR in your new year’s resolution.

2019-A Year of Ransomware Attacks

2019 was supposed to be the year in which ransomware attacks would start to decrease but sadly this was not the case. Reportedly, 7.2 billion malware attacks were launched in 2019 as well as about 151.9 million ransomware attacks. This is a significant increase in ransomware attacks from the previous year and these numbers are only expected to grow in the coming year.

Get Ransomware Protection- Backup Your Data

There is no doubt that ransomware attacks would most likely increase in the coming year and without any ransomware protection, it is impossible to recover from these attacks. If your data is very important to you, which it most probably is, and you still do not have any ransomware protection, then backing up your data should be your topmost priority in 2020.

When there is ransomware, there is always a risk of data loss. Even without the element of ransomware, data loss is always a probability. If you do not want to lose your mission-critical data, then backing it up to the cloud is the right choice. Veeam backup to Azure can be used to back up data.

Backup & Disaster Recovery

Backups would enable you to back up your data to the cloud, in a safe location so that you know that even if you are hit with a ransomware attack, you can be at peace with your mind that your data is safe and ready to be recovered whenever needed.

Disaster recovery can help greatly in making sure that your Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) are as low as possible so that you can recover your data in a matter of minutes and suffer downtime as low as less than 15 minutes.

This little to none downtime is made possible due to the ability to directly spin up VMs to the backup appliance and this feature is offered by none other than StoneFly in their backup and disaster recovery appliances.

 To Sum Up

Ransomware is a huge threat and it will only get worse in the coming years. It is best to get a backup and disaster recovery solution today so that you can start your new year on a high note without having to worry about the protection of your data.

Ransomware Attack at Security Company Prosegur

Ransomware has struck again and this time it is a private security giant, Prosegur. Prosegur has become the latest victim of ransomware. This shows how still many companies are unprepared and still have no backup and ransomware protection at all. 

Without Backup & DR, Even the Strongest Security Company Can Become Vulnerable

The Spanish company, which produces building alarms and offers physical security services like cash transit vans, has over 60,000 employees all over the world. It is a very successful company with profits of $130M reported for the first ninth months of 2019.

The company used its Twitter account on Wednesday to post a statement claiming that they had been struck by the Ryuk variant. They added that they had enabled maximum security measures to prevent the spread of malware which unfortunately also included the restriction of all communications.

Prosegur appears to be in a mess and is struggling to get out of it. The attack was severe and the company’s website was taken offline in various regions.

The attack impacted the company greatly as hours after the attack, customers have been reported saying that the alarms were not working and new customers were even asking for refunds. This would dent the reputation of the company greatly as it is a security company, providing security services.

The Company has appeared to have ‘Recovered’ from the Attack

In a statement, released on Thursday, the company said that they had fully contained the attack and that the company have started the process of recovering data and started restoring its services slowly.

The company has also said that they have started an investigation and will get to the bottom of how the attack happened so that they can identify the vulnerabilities and improve them for the future.

Achieve Ransomware Protection with Backup & Disaster Recovery

It is not clear whether the company paid the ransom or restored from backups but one thing is clear that whatever it was, they suffered a lot of downtimes, even if they actually did restore from backups.

A good backup and disaster recovery solution or a backup and disaster recovery appliance can help greatly in protecting against ransomware. Apart from this, there are many data services that ensure that the company suffers little to no downtime.

There are many vendors who offer backup and disaster recovery solutions like Dell, Nutanix, Unitrends, etc. but there is one, StoneFly, who offers a unique feature that allows companies to spin up VMs directly onto the backup appliance. This helps greatly in reducing the RTOs and RPOs to less than 15 minutes which ensures that a company does not suffer any downtime whatsoever.

Conclusion

Ransomware has been in the news a lot lately and it seems like there is no stopping it. These attacks are not going to stop anytime soon and without any protection, it is impossible to recover from them. A good and efficient Backup and DR appliance helps greatly in protecting against ransomware attacks and helps recover data in a matter of minutes.

Disaster Recovery Testing-Key to a successful DR

Disasters can occur at any time and at any place and can be very cruel. Having a disaster recovery plan sure can help an enterprise in protecting their data but in order for it to do that, it needs to work first. The only way to know for sure that your disaster recovery plan will actually work is to test it, regularly.

Exactly How is Testing Important for an Enterprise

So much emphasis is made on building a disaster recovery plan but enterprises often forget that they actually need to make sure that their DR plan works or not.

An untested plan is just a set of steps in which some things might work and some might not. In order to ensure efficiency, all the steps of a DR plan should work. So, testing your DR backup plan is as important as setting up one.

Decide What Needs to be Tested

Testing a DR plan maybe simple or a bit complex, depending on your system. If there is only a single testing, then it may be quite simple rather than a multi-tiered system. Depending upon the criticality of your system, you need to test the plan accordingly.

Testing Frequency

Having talked about the importance of a DR plan testing it is also important to know the frequency of the tests performed on it.

The testing frequency should be based on how often your plan changes. If it changes a lot, then it should also be testing a lot frequently. If not so much, then it’s okay to test it only once a while.

To emphasize more on this, workloads or systems that don’t change at all only need to be tested maybe once a year, while workloads that tend to change a lot need to be regularly tested throughout the year.

More Efficient Disaster Recovery

Testing your DR plan enables you to identify any errors or issues encountered while recovering your data. This helps greatly as it pin-points exactly what the issue is and allows you to resolve it so that, at the time of actually needed recovery, there are no issues and all your files and systems are recovered, easily and efficiently.

Conclusion

Testing your DR plan is undoubtedly a very vital part of any DR backup plan. It can help greatly in identifying the issues or problems you might face while recovering your files and gives you an idea of whether your DR backup plan works or not. To ensure a more efficient DR backup plan, make sure you test your plan regularly. veeam cloud connect azure is also good for doing data backups.

Are you prepared for the worst possible DR scenario

Disasters can strike at any time and at any place and can be from mild to severe (usually severe). But are you prepared for the worst possible disaster attack? It is time to review or update your DR plan as it might not best be suited for the worst disaster recovery case scenario.

Backup for the ‘worst’

‘Worst’ is a relative term. While some enterprises might plan for the end of the world, total destruction as a worst-case scenario, others might not go all overboard with this.

The important thing to note here is that there might be different ‘worst cases’ for different enterprises. Everyone has to be prepared for their version of a worst-case scenario.

Take VFEmail hack for example, the attack took place earlier this year. In the attack, all of VFEmail’s U.S business data was deleted by the hackers overnight, without any sort of warning. Although they were able to ultimately recover its European operations, their U.S business no longer exists.

Many enterprises tend to ignore the fact that they could be hit by a worst-case scenario and don’t find it necessary to prepare for it. This is a very unprofessional approach and should be avoided.

Business Continuity & Disaster Recovery

While planning for the worst cases, business continuity should be in the mind of the business owners. If your backup and DR plan has some uncertainties which might make it vulnerable in case of a worst case scenario, then it is time to rethink and setup a new plan.

Risk calculation is important. It is important to note down exactly how will a severe natural disaster will affect the enterprise. If it is too much to handle for the enterprise, then it is time to setup a plan which is more effective and suitable for the enterprise.

A Disaster Recovery plan should check out a very important point and that is business continuity. If your enterprise can sustain a worst possible natural disaster with no disruptions to day to day operations whatsoever, then your plan is good enough, otherwise, make a plan for it.

Conclusion

Think of a worst DR scenario and put your plan in place of it and ask yourself, how well prepared are you for it? If everything checks out, your good to go, if not, advise a plan which is best suited for mild to sores case scenarios, in terms of disaster recovery.

Utility versus Fully Managed Cloud Backup and DR

The cloud market is getting highly saturated day by day. The options for cloud and backup solutions are increasing. The organizations that fail to benefit from cloud solutions are the ones that don’t take decision making seriously. A high percentage of organizations fail to provide a high availability structure to their customers and employees.

There are two types of backup service providers:

•             Utility Service Providers

•             Fully Managed Backup service providers

What is the difference between the two kinds of services?

The answer lies here:

Utility Service Providers

Utility Service Providers deploy backup and DR as a utility assuming that the organization requires the

utility only and has dedicated trained personnel to oversee the backup processes. Having trained IT

professionals to handle Cloud Backup services can be costly and SMEs and SMBs seldom have that manpower. What happens here is that the solutions are deployed without taking the data security and management into account.

Organizations end up losing data because of poor management. This is because the Backup service has been deployed as a mere utility. The main principle that should be from the cloud service provider’s perspective is that “you handle your end and we handle our”. On these terms, the ambiguity is removed.

Fully Managed Backup Service Providers

A fully managed backup service comes with all the perks of management and security. It saves a lot on the labor overhead. Reduces the possibility of human error. The cloud service provider in this case covers the deployment and overseeing of secure data transfer and backup.

Organizations should make sure that their data and backups are actively monitored. Choose from reliable service providers that prioritize security. The hardware used must be reliable. Cloud service providers should be compliant to well-known standards along with the standard that your organization follows. Lastly, even though the CSPs manage the infrastructure, Organizations must retain visibility and control. Everything should be transparent.

Conclusion

Fully Managed cloud backup and DR comes with a lot of advantages. The mission-critical workloads of the organization are managed with the right priority. Cloud backup service should not be completely ruled out; it is still an option for an organization that has dedicated staff to oversee the backup processes. Choosing from among a lot of different cloud vendors in a saturated market can be challenging. Organizations should not compromise on security, hardware, and control.

Ransomware attack on the Government of Nunavut

Ransomware has struck again and this time the victim is the government of Nunavut. Their communication system was infected with malicious software that encrypted GN servers, workstations and files, rendering them inaccessible. If they have backup and disaster recovery plan they would save thier data from such attacks.

The good news, however, is that GN services remained open and available which shows how serious they were about backups and were fully aware of the ransomware threats.

Backup & DR helped GN to remain open

A new and a very advanced, sophisticated type of ransomware hit the government of Nunavut’s electronic communication system. Fortunately, the essential services were not affected and the GN remained opened, although there may be some delays due to the attack.

Joe Savikataaq, a Nunavut premier stated that Nunavummiut are working non-stop to resolve this issue as quickly as possible and further said that essential services will not be impacted in any way and the GN will continue to operate while this issue is resolved.

Now, how was this possible? 

How were they able to remain operational even after a ransomware attack?

Backup and disaster recovery. They had a proper backup and disaster recovery plan in place which enabled them to continue operations efficiently, without suffering a lot of downtime.

Having said this, they did not remain completely operational. They only managed to remain partially open. So far, electronic data for services related to health, family services, education, justice and finance are down.

If a person wants to visit the QCH or the health clinic, he or she needs to bring their health card and a list of any medication they may take if form of a hard copy, until the services are restored back, which the officials say as a top priority.

The Officials stopped Ransomware from spreading

The attack encrypted individual files on many servers and workstations but the officials were able to stop the malware from spreading and are restoring all the files from the backups.

According to the GN, there was no loss of personal information or any privacy breach and the team was working around the clock to help restore all the files and services as soon as possible. The GN requested patience and corporation from the general public.

 A better DR plan would have boosted the recovery process

There is no doubt that the GN did a formidable job in stopping and containing the malware and are recovering from backups, but it is taking quite a long time to do so. They were able to restore some operations and were partially available but still suffered some inconvenience as their communication system was infected.

All this could have been avoided if they had a reliable and efficient DR backup plan which offers RTOs less than 15 minutes and offers end-to-end encryption which makes it highly resilient to ransomware. StoneFly, for example, offers such disaster recovery solutions in a very cost effective way.

Conclusion

The ransomware attack on the government of Nunavut reminds us how common these attacks have become and how important it is for any organization to setup a backup and disaster recovery plan. It enables organizations to restore workstations and servers and continue operations without suffering any sort of downtime whatsoever.

3-2-1 Backup Strategy - What it means & how to achieve it

Backup administrators are often tasked with creating a reliable backup of organizational workload and data. There are several backup best practices that the data managers must follow to keep their backups safe and secure.

They need to have a well-defined backup strategy like 3-2-1 Backup Strategy, along with that they must have a backup and disaster recovery plan.

The most modern solution for an off-site copy of data is having cloud data storage and disaster recovery solutions. Backup for disaster recovery is necessary for business continuity.

Here is the explanation of the 3-2-1 backup strategy:

Three copies of the important data

This strategy focuses on data redundancy which is important for disaster recovery and business continuity planning as well as data security compliance. The data managers or administrators must make at least three copies of data that are the first step in this strategy. The copies have to be current and must include an original copy along with two more copies.

Two different durable storage media

The second step here is storage and the two copies have to be stored on two different media. Making sure that the storage media used are durable if the data has to increase in future then the media have to be scalable as well. The data types also matter a lot; with tiered storage, this can be easily tackled with.

One copy of data off premises

One of the copy has to be off-premises to make sure that on-premises disasters do not affect the third copy. Cloud is perfect modern DR site because of its agility, durability, security and recovery time as well.

Once again the solutions in place for should complement the risk-free 3-2-1 strategy. Organizations should use cloud-agnostic backup, storage and gateway solutions like stonefly gateway that can be configured to support multiple public clouds. So you can have multiple cloud backups as well. Microsoft cloud backup can be used for data backups.

Conclusion

To minimize the risk of losing data many organizations introduce data redundancy. The 3-2-1 backup rule is the best practice IT administrators follow this makes the backup more reliable.

Using durable storage solutions has to be another priority for organizations. For cloud backup and archiving, organizations can use storage gateways that support hybrid and multi-cloud environments. This complements the 3-2-1 backup strategy for cloud data storage and backup.