We are quickly approaching the end of 2017, and for organisations around the globe, this year hasn’t been without its challenges as ransomware continues to be a dark cloud overhead that isn’t going to clear anytime soon.
Ransomware has been around for decades but is increasingly becoming more aggressive and frequent. Cybercriminals are getting smarter and more targeted with their attacks, impacting organisations in Asia across the financial, government, travel and telecommunications sectors - leaving a trail of significant destruction in its wake.
The question is no longer if we are going to get hit, it’s when. In 2017 ransomware took many organisations by surprise, but hopefully in 2018 organisations will head into the year stronger than ever before, with their eyes wide open. If you were hit tomorrow, how well would your organisation be equipped to handle it? Will your data be protected and will your customers be impacted?
Our 2016 research which surveyed 400 enterprises in Asia Pacific revealed that more than two thirds of organisations have implemented or are planning to implement a formal disaster recovery plan and almost half (45%) say that disaster recovery is the top data centre spending priority.
Larger organisations can also make for bigger targets. The more complex the IT and business environment, the more diverse the platforms on which IT systems sit, the more staff members, the more ways cybercriminals can find to infiltrate the business.
Knowing what to do if you get hit - so you can act quickly
Security strategies and products protecting the organisation against ransomware are vital; working with IT security vendors to ensure the right solutions and systems are in place should be the first point of call.
The second consideration for IT leaders is how to minimise the damage when the organisation does get hit, and making sure the business can be back up and running as soon as possible. A comprehensive approach, particularly in the fight against ransomware, involves considering IT security as a three-legged stool; the detection of attacks, prevention of intrusion, and fast recovery of critical data and applications to ensure uninterrupted business operations.
This combination ensures organisations are prepared and not just three steps ahead of malicious intent, but building IT resilience that allows the business to thrive in the face of attack.
It’s also important to recognise that many traditional disaster recovery technologies pre-date modern IT environments and were not created to protect virtual environments or protect against ransomware.
Putting your DR strategy under the microscope
Part of a well-rounded IT and security investment strategy includes integrating a robust DR plan that can stand the test of time. To protect ourselves against ransomware and its potentially disastrous technological and financial consequences, it’s critical to understand what’s needed to shield IT from the initial infection and how to recover as quickly as possible.
It’s important to identify on a regular basis the key applications and data that is at risk and making sure they are protected. Gather as many data points as you can before making a decision, but with a critical eye towards what the cost of downtime means and what you would personally consider acceptable as an end consumer.
To keep pace, an organisations’ disaster recovery plan must be easily implemented, and regularly tested with consistent success in order to prove its worth. The DR infrastructure must also be able to accommodate any changes in the IT environment over time, to protect against new holes and vulnerabilities created by IT updates.
There are four areas that IT leaders should consider when taking a close look at their DR strategy:
- Speed: Can you recover (i.e. “rewind”) back to a point in time just seconds before a ransomware attack or IT outage occurs, being able to get critical data, applications, websites, and individual files operational within minutes?
- Agility: Are you able to successfully and quickly run DR tests with a high degree of automation, or does such activity require long lead times, a large support team, expensive consultant resources, and result test outcome uncertainty?
- Flexibility: Does your existing infrastructure and DR technology stack give you the flexibility to achieve continuous data protection with block level replication? Does your organisation currently experience vendor lock-in, making it restrictive to use other technologies that may better fit the company’s business needs?
- Scalability: If you grow - can you trust that your IT systems will keep up? Is it time for an upgrade?
With so many tools and solutions available, there is no excuse for not protecting your organisation’s data and safeguarding company information and finances. Organisations that are caught short in the event of outage of any nature, can find customers very unforgiving and risk reputational and cost damages. In our experience, the cost of investing in a truly resilient disaster recovery platform is exponentially less than the cost of having to fix the situation after the fact. So how prepared is your organisation to cope with the next attack?