Recovery Failure: Spotting What Went Wrong

Everyone knows that backup is critical to a business’ operations to ensure that everything keeps going in a case of an unforeseen disaster. However, many businesses do not have backups until a disaster strikes, and for those who do have their backups, they can sometimes fall into a false sense of security.

One good example of this would be from a customer of Unitrends, large entertainment complex’s IT department (name is withheld for the reputation of the client).

Background

The IT division was responsible for multiple critical business operations which include the SQL Server databases, file shares, and customer loyalty systems. All of which were based on an on-premise data center. They ensured that they used best practices to protect the apps and data while also ensuring they had security up such as firewalls and a virus scanner. They also made sure to keep employees who had access to the corporate network aware of risky actions on the internet through training.

They were using Veeam to back up their primary data center while storing their backups locally and replicating to a remote site on a separate building on the property. All of this done through the corporate WAN. They also made sure to backup and test regularly to ensure that they could recover in the case of an unforeseen disaster.

However, even with all this precautions in place, there came a day when departments across the organizations contacted them saying that they could not access their applications. They could not find the problem until they saw that ransomware had started popping up on their screens.

No matter how much you train someone, as humans we are prone to errors. Someone clicked a link and infected the network. What made the situation worse, the ransomware actively sought the backup and immediately infected it as well.

Avoiding this scenario

So, what can you do to ensure that your backup stays safe?  Below are a few suggestions that can help your company prepare:

Phishing simulation – You must continuously educate your employees that they and the business is constantly under attack. Many companies are turning to products to educate employees by conducting simulated phishing attacks and security awareness training. Consider a product such as Bullphish ID by ID Agent.

Deploy Linux-based backup appliances – To avoid this and other Windows ransomware issues Unitrends backup and recovery appliances are delivered in hardened Linux.

Utilize cloud storage – Get your backups way offsite and physically disconnected from your production environment with Unitrends Cloud.

To learn more about Data Protection or Unitrends Solutions, you can contact us at 8893-9515 and we would be happy to answer your inquiries!