104 1/2 W 9th Ave Suite 500
Winfield, KS 67156
Mon - Thurs 8 am - 5 pm CT
Fri 8 am - 4 pm CT
Winfield, KS 67156
Fri 8 am - 4 pm CT
Winfield, KS 67156
Fri 8 am - 4 pm CT
Winfield, KS 67156
Fri 8 am - 4 pm CT
Disaster Recovery is a difficult but necessary element of any successful business. Though disasters are unpleasant to consider, they are an unfortunate reality of the Internet Age. Think of technological disasters as the inevitable downside to the substantial benefits of managing your business online.
Disaster recovery is the ability to continue work after a catastrophic event. This includes a crippling computer virus, hardware malfunction or even a natural disaster such as a fire or a flood. Disaster Recovery differs from Data Backup – simply having a copy of your data is insufficient to get your business back up and running should something happen.
The odds of something happening to your data are high. The costs of restoring your system are even higher. According to the National Computer Security Association, without having an adequate backup solution in place it takes:
Hopefully you will never need to use a disaster recovery plan, but if you do, you’ll be glad you planned ahead. Custom Internet Services has developed a class to help your business develop a plan to protect your data. For more information on this class click here.
A comprehensive backup and disaster recovery solution is your number one defense against ransomware. Be sure to practice restore processes and know that your actual data can easily be retrieved. Read the FBI’s outlook and recommendations on ransomware prevention–featuring detailed reports tailored to the separate interests of CEOs and CISOs.
Disconnect from the network immediately, so ransomware cannot spread to shared drives and connected systems.
Resetting the BIOS clock back to a time before the ransom expiration window is up might help delay the expiration deadline. But the programmers are getting smarter, so this tactic may only work with certain strains of ransomware.
Often you’ve been infected for weeks before the ransomware message appears. Before you can restore your clean files from backup, you need to know how far to go back to ensure a clean restore.
Ensure that all employees are aware that a ransomware attack is in process and direct them to the processes and procedures needed to protect their data and provide a timeframe for restoration of affected systems.
Enable System Restore on your Windows machine, as you might be able to take your system back to a known clean state. Also, see if your anti-virus solution offers free decryption tools that can help decrypt files.
Determine the point in time when ransomware infected your data. Restore the most recent clean files from a backup just prior to the infection date.
If a production database or mission-critical application has been infected, leverage a DRaaS solution to spin up an image or virtual machine in minutes–ensuring your users stay productive.
It pays to keep up with ransomware developments. Some ransomware strains have been cracked, but these are with limited successes. Ransomware, like all malware, will continue to evolve. The more informed you are, the better equipped you are to protect your data and systems. A comprehensive backup and disaster recovery solution is your number one defense against ransomware. Be sure to practice restore processes and know that your actual data can easily be retrieved.
In March, Microsoft released a security update which addresses the vulnerability that was exploited by the WannaCry ransomware. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations that have not yet applied the security update, download Microsoft Security Bulletin MS17-010 immediately.
Resetting the BIOS clock back to a time before the ransom expiration window is up might help delay the expiration deadline. But the programmers are getting smarter, so this tactic may only work with certain strains of ransomware.
Keeping applications like Adobe Reader, Java, and other plugins up to date greatly reduces security vulnerabilities that may bypass your antimalware defenses. Ad and pop-up blockers also greatly reduce user error, stopping users from inadvertently clicking fake dialogs that download ransomware.
Even though you’ve just been infected by ransomware, it’s still a best practice to update your antivirus software to ensure you don’t get re-infected down the road. To maintain the highest level of protection, configure your antivirus software to check for updates as often as it will allow. Keeping the signatures up to date doesn’t guarantee a new virus will never slip through, but it does make it far less likely.
It takes one bad decision by a user to unleash the spread of a costly ransomware attack. Ransomware is often let in through a phishing email. Prevention isn’t possible 100% of the time, but in many cases attacks can be stopped if users are educated about what to look for. If attacked, ensure that all employees are aware that a ransomware attack is in process and direct them to the procedures needed to protect their data and provide a time frame for restoration of affected systems.
Enable System Restore on your Windows machine, as you might be able to take your system back to a known clean state. Also, see if your anti-virus solution offers free decryption tools that can help decrypt files.
Determine the point in time when ransomware infected your data. Restore the most recent clean files from a backup just prior to the infection date.
It’s quite possible your backups and VMs may have also been corrupted during the attack. With DRaaS, admins can more quickly browse a disk image to quickly determine if hte files contained in the image have been encrypted. General speaking, if the VM boots up, you have a clean ransomware-free image; it is doesn’t, the VM is probably infected.
If a production database or mission-critical application has been infected, leverage a DRaaS solution to spin up an image or virtual machine in minutes–ensuring your users stay productive.
If you’re using a DRaaS solution, the failback process is critical. You must consider how to move data back to production as quickly as possible. During the actual failback, data is re-synchronized–halting I/O and application activity once again–before operations are restored to the original location.