A successful way to recover from a ransomware attack is to have a reliable and fast backup process.
According to a many ransomware survey reports released ,49% of companies hit by ransomware paid the ransom and another 22% declined to say whether they paid or not. Part of the reason is the lack of backups, specifically the lack of usable backups.
Here are eight steps to ensure a successful recovery from backup after a ransomware attack.
1. Keep the backups isolated
Keeping an “air gap” between the backups and the production environment is critical to keep it safe from ransomware—and other disasters.
2. Use write-once storage techniques
Use either physical write-once-read-many (WORM) technology or virtual equivalents that allow data to be written but not changed.
3. Keep multiple types of backups
Keep different types of backups, such as full backups on one schedule combined with incremental backups on a more frequent schedule.
4. Protect the backup catalog
In addition to keeping the backup files themselves safe from attackers, companies should also ensure that their data catalogs are safe.
5. Back up everything that needs to be backed up
Do a thorough survey of all their systems and assets. This will usually involve leaders from every function, so that they can ask their people for lists of all critical systems and data that needs to be protected/backed up.
6. Back up entire business processes
Backing up just the data without backing up all the software, components, dependencies, configurations, networking settings, monitoring and security tools, and everything else that is required for a business process to work can make recovery extremely challenging.
7. Use hot disaster recovery sites and automation to speed recovery
A hot site, one that’s available at the switch of a key, would solve the recovery time problem. With today’s cloud-based infrastructure, there’s no reason not to have one.
8. Test, test, and test again
Approach this from a recovery point of view and NOT a Backup point of view.
Backups must be safe from malware, quick and easy to recover, and include not just important files and databases but also key applications, configurations, and all the technology needed to support an entire business process. Most importantly, backups should be well-tested.
Build your Ransomware Protection Plan…….
The Best time to fight ransomware is BEFORE it strikes – you don’t want to be trying to put together a plan during an attack.
Goliath can help you develop a plan that covers important attack vectors while protecting your data.