Disaster recovery as a service (DRaaS) vendors suggest their offerings can cure a number of ails. They offer the power and recoverability of a hot site without the traditional costs that a hot site present. They offer a way to get data off-site almost immediately without the risks of human intervention. What about ransomware? Do DRaaS vendors have anything to offer there?
For those unfamiliar with ransomware here’s a quick summary. Someone in your company opens the wrong email or goes to the wrong website and it activates a ransomware attack. The attack immediately begins to encrypt all of the files it can. Once that is done, someone contacts you with a ransom demand. Send them money (usually with BitCoin) and they will un-encrypt your data.
Ransomware attacks started with individual users, and the ransom was only a few hundred dollars. Once the attackers figured out how to do things much faster, and also how to crawl a corporate network, they started attacking companies as well. This resulted in the ransom demands quickly increasing to thousands and even millions of dollars. There are multiple reports of ridiculously large ransom demands.
“What’s the big deal,” you ask. “All you need to do is restore from your backups.” That is true, but unfortunately the backup system is often attacked by the ransomware and it is inaccessible. One of the reasons for this is most people run their backup system on Windows, which is the same operating system that most ransomware attacks go after. In fact, some attacks are sophisticated enough to go directly after the backup server.
The best protection against a ransomware attack is frequent – if not continuous – backups that are stored in an alternate location in an alternate operating system. Some DRaaS vendors offer exactly that.
The servers controlling and storing the off-site backups are neither in your corporate network, nor are they usually running Windows. For many reasons, not the least of which is cost, the virtualization system that DRaaS vendors used to provide VMs to you in case of disaster is usually based on a Linux-based operating system. While such servers are not impervious to attacks, they are definitely immune to attacks that are designed to attack a Windows-based file system. In addition, the fact that your data is stored in another facility with completely different access protocols protects it as well.
DRaaS forces IT to ask new questions, but it can definitely answer “yes,” to the question of protecting the organization from ransomware. To learn the other questions that DRaaS forces IT to ask and see if it can answer yes to those, check out our on-demand webinar “ The 5 Disaster Recovery Questions You’re Not Asking”.