decrypting myths
machines rather than focusing on their
most business-critical data.
So rather than having backup and
recovery policies based on the criticality
of each server, we will start to see
organisations match their most critical
servers with their most important data.
In essence, the actual content of the
data will become more of a decision-driver
from a backup point of view. The
most successful companies in the digital
economy will be those that implement
storage policies based not on their server
hierarchy, but the value of their data.
What are the implications
for organisations which do
not employ robust data
protection schemes?
Organisations that fail to implement
a robust data protection scheme put
themselves at serious risk of suffering a
data breach and causing potentially fatal
damage to the business. When it comes
to system downtime, businesses risk
both reputational damage and the cost
associated with downtime.
If customer data is stolen, clients will
lose trust in the business and may look
to competitors. In addition, if employees
aren’t able to access critical files,
productivity will plummet. Companies
without a robust data protection scheme
should look to implement one as a
matter of urgency.
What best practice approach
should organisations take to
data protection?
StorageCraft recommends organisations
assess and test their recovery plans for
ransomware prevention, remediation,
systems failures and any type of natural
disaster on a regular basis, whether
once a year, twice a year, etc. Testing is the
only way to know whether they can
meet their Recovery Point Objectives
(RPO) and Recovery Time Objectives
(RTO). In the event of a ransomware
attack, businesses should first identify
and locate their business-critical
data and take steps to protect it. This
step includes email security systems,
firewalls, regular software updates,
clearly audited administrative and
access policies and user education.
Prevention is not foolproof, which is
why a ransomware-specific plan for
remediation and recovery is essential.
Thwarting ransomware is dependent
on an organisation’s data locality (i.e.,
on-premises, in the cloud or in cloud-based
applications such as G Suite and
O365) and preferred recovery location.
Critical elements of a successful
plan for ransomware remediation and
recovery include:
Immutable snapshots: To ensure
unstructured data can be recovered,
companies should protect their
information with continuous immutable
snapshots. Data captured this way is
‘frozen’ and cannot be overwritten or
deleted by ransomware attackers. This
ensures an organisation can revert to a
secure set of data.
Orchestration: A successful recovery
process requires that business-critical
data and applications are prioritised.
Companies using cloud-based recovery
should pre-determine the order in
which their data and applications will
be recovered. This ‘orchestration’
ensures minimal downtime once data
recovery begins.
Immediate recovery: Considering that one
minute of downtime costs US$5,600,
according to industry analyst firm
Gartner, the speed of recovery
following a ransomware attack is a
crucial element of the remediation and
recovery process. Solutions such as
StorageCraft VirtualBoot provide the
ability to recover virtual and physical
infrastructures – and both structured
and unstructured data – instantly.
Failback: After a successful cloud-based
recovery, the last step in
remediating a ransomware infection
is returning the data infrastructure
to its original location and resuming
operations as usual. The planned
failback process should have a minimal
impact on production applications to
minimise any additional downtime and
adverse effect on the business.
www.intelligentciso.com | Issue 25