5 Essential Features of an Effective Ransomware Recovery Solution

October 28, 2020 | Barrie Kuza 5 Essential Features of an Effective Ransomware Recovery Solution

As if the global pandemic hasn’t caused enough trouble, ransomware attacks are on the rise this year. In the past, one of our customers would suffer an attack every few months. Now two or three customers might be hit in a single weekend. Ransomware attacks have evolved, and the pandemic seems to have emboldened malicious agents looking to take advantage of new WFH environments.

My colleague John Bilotti, CIO/CISO at Nasuni, and I recently joined Tom Field of the Information Security Media Group (ISMG) to talk about these issues, and what large enterprises can do to prepare for a ransomware attack. Our conversation is available here and it’s a short but detailed dive into the specific.

5 Essential Features

As we see it, there are 5 essential features of a ransomware recovery solution. Any effective enterprise solution needs to be:

1. Fast

You need to be able to get your data back quickly so your business can restore operations quickly. The solution should be able to quickly identify what was impacted, when it was impacted, and restore the last clean version(s) quickly. The longer people, applications, or machines are separated from the data they need, the higher the costs to the business.

2. Tight Restore Point

Ideally, your solution should allow you to recover data as close to the point of attack as possible. You don’t want to have to restore data from a few days earlier, as this sets your end users back. If you can restore to the closest known good point, then you’re that much closer to getting your business back to normal operations.

3. Multi-site

Ransomware attacks are now hitting multiple sites simultaneously, or striking one site and rapidly spreading through organizations. Some solutions will force you to restore one site at a time, delaying the recovery of the remote or branch offices that were impacted. But if your file system resides in the cloud, as it does with Nasuni, then you can restore many global sites simultaneously – once you restore a copy in the cloud, that change is synced out to all your other regional or global sites.

4. Immutable

Not all cloud products are immutable; objects can be overwritten, and this could slow your recovery. An immutable file system, on the other hand, means that every version is unique, so even if the file system is corrupted, the attack cannot touch those previous versions. Once you restore to a point before the attack, you can rest assured that the file system is safe again.

5. Testable

Finally, a solution has to be testable. You need to prepare, plan, and run through simulated attacks. We help our own customers come up with ransomware recovery playbooks and run quarterly tests on small data sets. That way, if they are attacked, they’ll know exactly what to do.

Enterprise-Tested Ransomware Mitigation

As John mentions on the podcast, we use our own product at Nasuni, and we also test our ransomware recovery capabilities. Plus, we’ve helped numerous customers use our product and processes to recover quickly from attacks.

We’ll be talking about all of this and more in an upcoming webinar. Sign up to find out why traditional backup can’t protect enterprises against ransomware, and what you can do to prepare your organization for the worst.

Related Posts

March 26, 2024 Problem, Value, People: Why I Joined Nasuni

SVP of Business & Corporate Development Michael Sotnick shares insights about his new role and the industry’s enterprise data management problem.

, , , , , , , , , ,
March 20, 2024 5 Reasons We Rely on the Nasuni Hybrid Cloud Storage Platform

Nasuni Customer John Shaffer shares the top reasons that Greenhill relies on the Nasuni hybrid cloud storage platform and more in his guest blog post.

, , , , , , , , , , ,
March 14, 2024 10X Acceleration & GenAI Readiness with Nasuni Edge for Amazon S3

Jeff Gusky announces the general availability of Nasuni Edge for Amazon S3 storage, which accelerates data ingestion, access and delivery for edge workloads.

, , , , , , , ,