What to do if Ransomware Strikes a Physical System

With ransomware, unlike almost any other form of disaster, there is an alternative to recovering from backups…pay the ransom. While one can argue the risk associated with paying a ransom, the organization may see it as a viable option. IT needs to recover data faster than the organization can order Bitcoin.

Rapid recovery becomes a challenge when a bare metal server, i.e. not a virtualized server, needs recovery. Most rapid recovery technology assumes a virtual server. Organizations however, often don’t virtualize mission critical applications and file servers. To become more appealing to the enterprise, virtualization specific applications are adding support for non-virtualized systems but many do not have bare metal recovery capabilities. The virtualized backup applications assume that IT will reinstall the operating system prior to data restoration. Ransomware makes this a dangerous assumption.

Most organizations are more than 70% virtualized so on the surface the lack of bare metal recovery seems like a minor problem. The reality is that if a server is not virtualized, it often runs a mission critical application that either can’t be virtualized, because of performance concerns, or runs its own cluster which isn’t compatible with virtualization.

Watch On Demand

The Lost Art of Bare Metal Recovery

Before virtualization, bare metal recovery was something that vendors focused on. They invested time and resources in making sure that the recovery was both fast and could occur on servers that weren’t the same as the original. In the modern era, virtualization specific systems, count on the hypervisor to take care of the nuances between physical servers.

Without the hypervisor to negotiate those differences, which is the case with a bare metal server, the virtualization specific applications don’t have bare metal recovery capabilities and require that IT install the server, set the various configuration options and implement the correct network configuration. While IT can correctly configure all of these settings across potentially hundreds of servers, the process takes time, which in the case of a ransomware attack IT can’t afford.

The Bare Metal Answer

Bare metal systems are just as vulnerable to a ransomware attack as virtual systems, and rapid recovery of those is just as important. Rapid recovery of bare metal systems is a capability that IT needs to look for in data protection applications. Bare metal recovery requires an investment in development time and resources, and many of the latest generation of data protection companies ignore the capability. There is no doubt however, that bare metal recovery is an important requirement.

Bare metal recovery should be able to reinstall an entire operating system, all applications and all data with a single command from the backup application. The bare metal recovery feature needs to identify the server automatically, even if different from the original server. It also needs to set all the configuration parameters and of course restore the data. The recovery should occur from a CD, a thumb drive or even over the network. A bare metal recovery, assuming that IT handles configuration parameters, is both very fast and very efficient.

StorageSwiss Take

We live in a virtualized world, but that doesn’t mean that all systems are virtualized. Storage Switzerland finds that most data centers are about ~70% virtualized, which means about ~30% of the data center is not. That 30% often represents critical applications that for one reason or another can’t be virtualized. The vulnerability of bare metal servers to a ransomware attack is just as high as virtualized systems.

While an increasing number of backup applications protect bare metal servers, most do not provide bare metal recovery; instead, they expect IT to do the work of installing the operating system and getting the server on the network. Again, while possible, the manual process consumes valuable time.

Bare metal recovery solves the problem by automatically setting configuration files and rapidly restoring the server. With a solid bare-metal recovery capability IT can recover bare metal systems so fast that paying the ransom is as unattractive as it should be.

To learn more about recovering from a ransomware attack, watch our on demand webinar “Backup vs. Ransomware – 5 Requirements for Success“.

Watch On Demand

George Crump is the Chief Marketing Officer at VergeIO, the leader in Ultraconverged Infrastructure. Prior to VergeIO he was Chief Product Strategist at StorONE. Before assuming roles with innovative technology vendors, George spent almost 14 years as the founder and lead analyst at Storage Switzerland. In his spare time, he continues to write blogs on Storage Switzerland to educate IT professionals on all aspects of data center storage. He is the primary contributor to Storage Switzerland and is a heavily sought-after public speaker. With over 30 years of experience designing storage solutions for data centers across the US, he has seen the birth of such technologies as RAID, NAS, SAN, Virtualization, Cloud, and Enterprise Flash. Before founding Storage Switzerland, he was CTO at one of the nation's largest storage integrators, where he was in charge of technology testing, integration, and product selection.

Tagged with: , , , , , , , ,
Posted in Blog

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 25,542 other subscribers
Blog Stats
%d bloggers like this: