Understandably, when Ransomware attacks occur on a large scale like they have done recently to our public authorities, it leaves many of us asking, “Is my business truly protected?”

Although we don’t have all the details yet on this historic attack, we know ransomware invasions often originate through endpoints, including things like desktop computers, laptops, smartphones, tablets or fringe computing resources. For one reason or another, though, these may not maintain the same rigour of security updates and control as the rest of your organisation.

This event certainly solidifies the reality of the world in which we live. Once attacked, you only have two options: pay up (might as well make Bitcoin a line-item in your budget) or implement your data recovery plan - and do it fast. Having a data recovery plan has always been a must, but what was once good enough may now leave you exposed in this new reality. In today's world, the scope and complexity of ransomware attacks continue to escalate.

For many organisations, probably some very similar to yours, this complexity is compounded by the fact that many of your key business applications might be running on older, sometimes unsupported and unpatchable operating systems, which lack the necessary security updates to stop the spread of potential attacks. Because of this, you need a data protection platform that not only covers your core enterprise, private and public cloud environments, but also one that can extend to Endpoint Protection. One that can store immutable, up-to-date copies of all these environments to ensure the ability to recover rapidly - should disaster strike.

Building on experiences working with companies around the world, a list of best practices to protect and recover from ransomware attacks have been developed:

1. Develop a program that covers all of your data needs: You must identify where your critical data is stored, determine your workflows and systems used to handle data, assess data risks, apply security controls, and plan for evolving threats. If it is not protected, it cannot be recovered.
2. Use proven data protection technologies: You need solutions that detect and notify of potential attacks, leverage external CERT groups, identify and prevent infection, maintain a 'GOLD' image of systems and configurations, maintain a comprehensive backup strategy and provide a means to monitor effectiveness.
3. Employ Backup and Data Recovery (DR) processes: Don’t rely solely on snapshots or replica backup. Your backup process data could just as easily be encrypted and corrupted if it is not stored in a secure way where a ransomware attack cannot get to it. If your process or vendors don’t offer ransomware protection that addresses the proper way to store your data, then your backup plan is at major risk!
4. Educate employees on the dangers of ransomware and how to secure endpoints:Train your staff on all DR and data security best practices to get endpoint data protected within your Information Security Program. Most breaches are from good people making simple mistakes.

Evaluating your current ransomware threat readiness and applying these key steps will make sure that your organisation is doing everything possible to avoid turning the long-term consequences of ransomware attacks from potential to reality. The goal, if affected, is to minimise the consequences and get your data back, and your business up and running quickly.

You need endpoint data protection to reduce your risk of data loss, preferably through one simple solution that includes your hybrid IT environment and your many endpoints. The best solutions cover your end-users with data protection, security and added visibility into all of their corporate data – whether stored on laptops, desktops or cloud-based file-sharing services. It’s all about maintaining control with comprehensive backup and search capabilities of files and folders – even those outside of your data centre – and help with protecting against data loss from malware and ransomware attacks like we’ve seen this week.

Please see the following Whitepaper for more information: 4 Ways to Protect and Recover from Ransomware Attacks

If you use Commvault today, you can also read our previously published article:How to use Commvault V11 SP6 to Detect, Protect, Alert and Recover from Ransomware Attacks

At COOLSPIRiT we have the UK’s leading team of data protection experts, who have the experience to help and advise on what precautions you can take, to ensure you can recover quickly, which is the most important procedure in any DR situation. Whether its hardware solutions offering secure copies of data for our customers to consider deploying or software to help manage the recovery process, we are here to offer advice.

Being the Commvault European Platinum Partner of the Year, COOLSPIRiT believe and trust in Commvault’s market leading software platrform to become your primary protection point, for any DR situation.

For any advice, please contact our team on 01246 454222 today.