FEATURE : THREAT ASSESSMENT object storage , air-gapped and offline media , or Software-as-a-Service for backup and Disaster Recovery ( DR ).
In spite of these education and implementation techniques , organizations must still be prepared to remediate a threat if introduced . At Veeam , our approach is simple . Do not pay the ransom . The only option is to restore data . Additionally , organizations need to plan their response when a threat is discovered .
The first action is to contact support . Veeam customers have access to a special team with specific operations to guide them through the process of restoring data in ransomware incidents . Do not put your backups at risk as they are critical to your ability to recover .
makes more sense . Finally , the restoration process itself must be secure , running full anti-virus and anti-malware scans across all systems as well as forcing users to change their passwords post-recovery .
While the threat of ransomware is real , with the right preparation organizations can increase resiliency against an incident to minimize the risk of data loss , financial loss and reputational damage .
A multi-layered approach is key . Educate your IT teams and employees to minimize risk and maximize prevention . However , implement solutions to ensure data is secure and backed up . Finally , be prepared to remediate data systems through full backup and DR capabilities should your previous lines of defense fail . •
In disasters of any type , communication becomes one of the first challenges to overcome . Have a plan for how to communicate to the right individuals out-of-band . This would include group text lists , phone numbers or other mechanisms that are commonly used to align communications across an extended team . In this contact book you also need security , incident response and identity management experts – internal or external . at risk . While education is a critical step , organizations must prepare for the worstcase scenario . If there ’ s one takeaway for IT and business leaders , it is to have a form of ultra-resilient backup storage .
At Veeam , we advocate the 3-2-1 rule as a general data management strategy . The 3-2-1 rule recommends that there should be at least three copies of important data , on at least two different types of media , with at least one of these copies being offsite . The best part is that this rule does not demand any particular type of hardware and is versatile enough to address nearly any failure scenario .
The ‘ one ’ copy in the 3-2-1 strategy has to be ultra-resilient . By this , we mean air-gapped , offline or immutable . There are different forms of media which this copy of data can be stored in an ultraresilient manner . These include tape media , immutable backups in S3 or S3-compatible
There are also conversations to have around decision authority . Businesses must decide who makes the call to restore or to fail over before an incident takes place . Once a decision to restore has been made , organizations need to implement additional safety checks before putting systems back online .
A decision also has to be made as to whether an entire virtual machine ( VM ) recovery is the best course of action , or if a file-level recovery
Rick Vanover , Senior Director of Product Strategy , Veeam .
BE MINDFUL TO KEEP CURRENT WITH UPDATES TO CRITICAL CATEGORIES
OF IT ASSETS : OPERATING SYSTEMS , APPLICATIONS , DATABASES AND
DEVICE FIRMWARE . www . intelligentcio . com INTELLIGENTCIO
55