Ransomware and Cybersecurity: What You Can Do to Prepare
Ransomware is the hot – and detrimental – cybersecurity topic this season. NotPetya malware wreaked havoc across the Ukraine and some EU member countries over a few days this past summer. In the United States, Merck Pharmaceutical took weeks to recover and was unable to manufacturer or ship product. A West Virginia hospital had to replace the bulk of workstations and servers after a ransomware attack cut off their access to patient records.
Cybersecurity does not mean “to just keep threats out.” IT Managers must be prepared to respond when a destructive item gets through defenses.
If you are an IT Manager reading this, you definitely should have uncovered any flaws in your data backup and you should have implemented bold new initiatives that backup all business critical data as well as copied the data offsite in case of major disasters. Now can you rest easy? If any data needs recovery you can get it back – eventually.
File backups are the most basic part of disaster recovery. File folder trees should be a one touch restore with continuous backups of changes to be able to revert back to the moment before malware destroyed them.
How long will a recovery take if there are more than just a few file folders in need of restore? Will you be out of business by the time critical systems come online?
Recently I consulted with a mid-sized organization that had spent more than tens of thousands of dollars on a disaster recovery solution. This solution elegantly made complete snapshots of business critical databases, email servers and financial services. Backups replicated offsite and this organization was confident that they could recover these items to another site or into the cloud if there was a NotPetya level disaster or a natural disaster that cut them off from their server room.
I saw in the documentation of their product that the type of server infrastructure they were backing up was only restorable to very similar hardware and definitely not to cloud services. Data was being preserved but the ability to switch over to working copy of their customized database system could require up to a week for their personnel.
Disaster Recovery and Business Continuity Plans are separate, but integral, linked pieces of the IT/Management puzzle. An organization that has an impressive disaster recovery solution but will require 3-5 days to recover all critical systems from a major disaster might be out of business by the time recovery can be completed.
Beyond just backing up data there must be a plan to restore data onsite or to another site if a disaster prevents access to your office. A Business Continuity Plan compliments your Disaster Recovery with a plan to restore data at another site, whether physical office space or to cloud services. Going beyond just IT services, Business Continuity accounts for your critical business practices and plans for failure of phone hotlines, customer service desks or other public facing services.
Businesses can outsource most of their Business Continuity Plans with appropriately selected cloud services. Proper cloud infrastructure has built-in redundancies that let them keep Service Level Agreements with almost no downtime. If all critical services have been migrated to reliable cloud hosting, business continuity can become as simple as “pick up your laptop and move to a new wifi connection.”
Marcum’s Managed Technology Services includes Disaster Recovery and Business Continuity Planning in our flat-rate pricing packages that meet the needs of most small to mid-sized organizations.
For larger organizations, Marcum CIO services are available to help create your Business Continuity Plan and integrate your Disaster Recovery into overall strategy that keeps you in business even if technical or national disasters take your office offline.