There are various ways of keeping ransomware at bay, but in case it does slip through your defences some fairly simple precautions can make it easier to recover.
Data protection vendor Veritas Technologies is running a "five steps" campaign to encourage organisations to protect themselves from ransomware, global general manager Simon Jelley told iTWire.
Australia, he noted, has a relatively high exposure to ransomware (11% of all ransomware infections, according to Symantec). It can be a particular problem for SMEs that are unlikely to have a staff member dedicated to IT security issues.
The five steps for avoiding the worst effects of ransomware are: make copies, isolate them, set appropriate retention periods, apply the 3-2-1 rule, and run fire drills.
{loadposition stephen08}The first step is pretty obvious. If ransomware encrypts the only copy of a file, there's a good chance you won't get it back. This also applies to hardware failure, theft, fire, floods and other disasters.
Isolation is especially relevant to ransomware. It's a small step from encrypting files on the start-up drive to going after those on external drives, network shares and so on. Back-ups can be isolated by using (for example) tape or read-only cloud storage, Jelley suggested. While tape is still popular, he expects a significant move to cloud services such as Glacier, largely because of their better economics but also because SMEs are moving away from owning their own infrastructure.
Retention periods are part of data lifecycle management. A first step is to move older back-ups to cheaper (and probably slower) storage such as tape or cloud, as they are less likely to be needed urgently. There's also the issue of aging-out old and unwanted data to avoid the cost of storing it indefinitely. Organisations should also consider how many copies of particular files should be retained and where, he said. A master catalog — such as the Information Map add-on for NetBackup — helps you keep track of what you've got, where it is, and who owns it.
Don't recognise the 3-2-1 rule? Keep at least three copies of data, on at least two devices, with at least one copy offsite.
Fire drills are about making sure you really can recover data when you need. This can be as complex as checking that a secondary site really will go live if the primary falls over, or as simple as recovering an arbitrary file to a PC and checking that it is still identical to the original.
Veritas' intention is to protect data wherever it lives, be that on physical, virtual or cloud infrastructure. One Veritas back-up system and one licence covers the lot,Jelley said, whether that is NetBackup for enterprises or Backup Exec for mid-market and SMEs.
The software provides efficient image or snapshot based back-up, with the ability to recover an entire image or specific files. Furthermore, the recovery process brings back exactly what's needed, without having to fetch the last full back-up and then apply subsequent incremental back-ups to reach a certain point in time.
Jelley pointed out that Backup Exec 16 FP2 can compress and deduplicate cloud back-ups (saving up to 90% of the storage required), makes better use of the available bandwidth, and supports additional cloud tiers, including AWS Gov Cloud and specific regions. It also provides enhanced integration with VMware and Hyper-V.
He agrees that one of the problems with using cloud storage for back-up is that the cost can be uncertain – for example, there may be extra charges for recovering data from otherwise cheap storage. But "we're trying to help customers" by providing a platform-agnostic back-up system to help avoid lock-in to any one cloud operator, offering around 30 connectors for public and private cloud storage, and supporting movement between different providers or different tiers (eg S3 and Glacier) on the same service.
Veritas also supports back-up of popular NAS devices, while the CloudPoint add-on for NetBackup and Backup Exec service covers public, private and hybrid clouds (including AWS, Azure, Google Cloud, HDS G-Series and HP 3Par).
In closing, it's always encouraging to hear stories about vendors eating their own dog food: just before Jelley set off on his current trip, a colleague spilled coffee on his laptop. But it had been backed up just three hours earlier, so he could easily recover what was needed.