What to do if Ransomware Strikes a Physical System

With ransomware, unlike almost any other form of disaster, there is an alternative to recovering from backups…pay the ransom. While one can argue the risk associated with paying a ransom, the organization may see it as a viable option. IT needs to recover data faster than the organization can order Bitcoin.

Rapid recovery becomes a challenge when a bare metal server, i.e. not a virtualized server, needs recovery. Most rapid recovery technology assumes a virtual server. Organizations however, often don’t virtualize mission critical applications and file servers. To become more appealing to the enterprise, virtualization specific applications are adding support for non-virtualized systems but many do not have bare metal recovery capabilities. The virtualized backup applications assume that IT will reinstall the operating system prior to data restoration. Ransomware makes this a dangerous assumption.

Most organizations are more than 70% virtualized so on the surface the lack of bare metal recovery seems like a minor problem. The reality is that if a server is not virtualized, it often runs a mission critical application that either can’t be virtualized, because of performance concerns, or runs its own cluster which isn’t compatible with virtualization.

Watch On Demand

The Lost Art of Bare Metal Recovery

Before virtualization, bare metal recovery was something that vendors focused on. They invested time and resources in making sure that the recovery was both fast and could occur on servers that weren’t the same as the original. In the modern era, virtualization specific systems, count on the hypervisor to take care of the nuances between physical servers.

Without the hypervisor to negotiate those differences, which is the case with a bare metal server, the virtualization specific applications don’t have bare metal recovery capabilities and require that IT install the server, set the various configuration options and implement the correct network configuration. While IT can correctly configure all of these settings across potentially hundreds of servers, the process takes time, which in the case of a ransomware attack IT can’t afford.

The Bare Metal Answer

Bare metal systems are just as vulnerable to a ransomware attack as virtual systems, and rapid recovery of those is just as important. Rapid recovery of bare metal systems is a capability that IT needs to look for in data protection applications. Bare metal recovery requires an investment in development time and resources, and many of the latest generation of data protection companies ignore the capability. There is no doubt however, that bare metal recovery is an important requirement.

Bare metal recovery should be able to reinstall an entire operating system, all applications and all data with a single command from the backup application. The bare metal recovery feature needs to identify the server automatically, even if different from the original server. It also needs to set all the configuration parameters and of course restore the data. The recovery should occur from a CD, a thumb drive or even over the network. A bare metal recovery, assuming that IT handles configuration parameters, is both very fast and very efficient.

StorageSwiss Take

We live in a virtualized world, but that doesn’t mean that all systems are virtualized. Storage Switzerland finds that most data centers are about ~70% virtualized, which means about ~30% of the data center is not. That 30% often represents critical applications that for one reason or another can’t be virtualized. The vulnerability of bare metal servers to a ransomware attack is just as high as virtualized systems.

While an increasing number of backup applications protect bare metal servers, most do not provide bare metal recovery; instead, they expect IT to do the work of installing the operating system and getting the server on the network. Again, while possible, the manual process consumes valuable time.

Bare metal recovery solves the problem by automatically setting configuration files and rapidly restoring the server. With a solid bare-metal recovery capability IT can recover bare metal systems so fast that paying the ransom is as unattractive as it should be.

To learn more about recovering from a ransomware attack, watch our on demand webinar “Backup vs. Ransomware – 5 Requirements for Success“.

Watch On Demand

Twelve years ago George Crump founded Storage Switzerland with one simple goal; to educate IT professionals about all aspects of data center storage. He is the primary contributor to Storage Switzerland and is a heavily sought after public speaker. With over 25 years of experience designing storage solutions for data centers across the US, he has seen the birth of such technologies as RAID, NAS and SAN, Virtualization, Cloud and Enterprise Flash. Prior to founding Storage Switzerland he was CTO at one of the nation's largest storage integrators where he was in charge of technology testing, integration and product selection.

Tagged with: , , , , , , , ,
Posted in Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 21,893 other followers

Blog Stats
  • 1,255,922 views
%d bloggers like this: