Partner Spotlight – ShalevSoft
ShalevSoft is your trusted source for business software
In last week’s blog post, we asked if your business could survive the Zombie Apocalypse. Sure, we know that companies aren’t going to be taken down by one of pop culture’s most beloved monsters in a classic end-of-the-world-as-we-know-it scenario. But then just 3 days after we published that post on offsite vaulting and disaster recovery, more than 300,000 computers in organizations in at least 150 countries were attacked by an equally terrifying yet very real monster.
The WannaCry Ransomware has now forced their victims to either pay the ransom or walk away with no way to recover their data. As stated in our last blog post, protecting your critical data against hackers should always be part of a fail-safe disaster recovery plan. This is especially true now that hackers are developing even more savvy Trojan horses that don’t need to rely on human error to breach the perimeter.
Cybersecurity specialist, Craig Williams, says that the WannaCry attacks are particularly malicious because hackers designed the ransomware code to infect computers without human prompting. “You could just walk up to your computer, and it’s infected even if you didn’t even touch it,” Williams told NPR’s London correspondent, Frank Langfitt, in an interview on the day of the attacks.
That’s why technology experts are now telling business owners that prevention is their best defense against cyber criminals. More specifically, backing up all data is the only way to avoid paying a ransom or losing data. However, with that comes a critical caveat: Simply backing up your data is not enough.
If you really want full protection against cyberattacks and other disasters, we recommend that your disaster recovery arsenal includes a varied stack of tools and approaches. Here are a few of our recommendations that you can modify to fit your infrastructure and business continuity needs.
This is particularly important for ransomware protection, and you have a few options depending on the backup and recovery solution you use. Cloud backups are recommended because they are not connected to the backup environment, which could be compromised entirely during an attack. But you should store your backups in multiple locations with the cloud being one of them.
No matter which offsite storage option you choose, the credentials needed to access the backup storage should be extremely secure and separate from the ones used for production environments. In other words, avoid using the same domain and usernames for backups and production, and avoid using storage connected to your Windows Domain.
While this one may not seem as obvious, it is an essential part of having a complete BDR plan. Even if nothing ever goes wrong during testing, knowing how long it takes to recover your data will help with meeting your RTO.
When protecting your data against ransomware, you can never be too careful. We cannot stress enough the importance of having a disaster recovery plan that you can rely on. If zombies do take over the earth one day, your data will be there, even if you aren’t there to recover it.