Cloud Backups, Your Best Defense Against Ransomware

Cloud Backups, Your Best Defense Against Ransomware

July 24

StorageCraft partners aren’t strangers to ransomware. In fact, a number of them have successfully thwarted ransomware like CryptoLocker without much trouble. They did so by restoring ShadowProtect cloud backups of affected systems; a pretty simple process. The problem is that ransomware isn’t just a trending thing—it’s becoming a serious criminal enterprise.

defending against ransomware with cloud backups

Recent statistics show that the total cost of ransomware may have risen to $1 billion in 2016. And the damage to businesses is real, manifesting in lost productivity, lost revenue and reputation risks. As you likely know, one of the best defenses against a ransomware attack is to have solid backups, both onsite and offsite.

Local Backups First, Cloud Second

The first lesson here is to ask yourself if you’ve got local backups for ransomware attacks. If you don’t have them, get them. The cloud is a great place for secondary backups and to provide lightning-quick emergency failover. But it’s not the only place you should be storing your data. Local first, cloud second. Worried about storage costs? Converged storage providers such as Exablox can offer brilliant solutions for both storage and easy data management and access, at an incredible price.

The second lesson is that you should ask your cloud vendor a few questions about access and security. We’ll talk about each one of these questions in detail and see how you can make sure your cloud provider keeps you safe from cyberattacks, looking at StorageCraft Cloud Services.

How do you back up data?

Once users of StorageCraft Cloud Services have a locally saved backup, if they choose not to directly upload the image, they can send a seed drive of their backup image chain to our Cloud Services facility. At the same time, you replicate incremental backups of that same system to the same location. Once the seed drive arrives, the full backup is married with the incrementals. The user gets one current incremental chain, complete with all their recovery points. They are ready for instant recovery.

If you wish, you can even mirror the data stored in our cloud to a secondary data center. This way you have another layer of protection for extra-critical data.

Is it possible for a cyber-criminal to access backups with ransomware and delete them?

We take the utmost care in ensuring that systems are impenetrable. To date, we’ve never had an instance of successful cyber-attack or data breach. Our data center security is topnotch and features everything from biometric access controls to twenty-four-hour surveillance. And while we do all we can on our end to make sure nobody can access our systems or your cloud backups, there’s still one obvious way a hacker can get in: discovering your passwords.

Keep in mind you need two passwords before you can even access your StorageCraft Cloud backups. One password gets you into our MSP portal and one encrypts each backup chain. Also bear in mind that all backups you wish to send to StorageCraft Cloud Services can’t be replicated unless they’re encrypted. As with anything you’d like to keep secure, using iron-strong passwords is an absolute must.

How would you get the cloud vendor to initiate a restore?

Luckily, StorageCraft Cloud Services users have the control to spin up backups as virtual machines (VMs) whenever you need them, which will tide you over while we overnight your bare metal recovery (BMR) drive for a full restore. This is great for you because many vendors require you to contact them before you can spin up a VM. With us you can do it the instant you need to.

Has [the cloud vendor] tested a restore?

As with the last question, users of StorageCraft Cloud Services can test a restore on their own by spinning up a VM using the most recent backup. Additionally, you can request a test BMR drive for a nominal fee (BMR drive fees are not charged in true recovery scenarios, only testing scenarios). We recommend testing your backup chains regularly in order to verify their integrity.

If a cyber-criminal deleted your current data, would those deletes be immediately replicated to the backups?

If your network is entirely cloud based, you likely won’t be using StorageCraft solutions at all. As we noted, our cloud backup solutions are secondary to local backups. However, if you were replicating backups to our cloud and a hacker did enter your network and began deleting things, these changes would be recorded in any incremental backups that happen after the deletion. Luckily, the past recovery points already stored in the cloud will still contain any of the data the hacker deleted, whether it’s a file, folder, or something even more important. This is why it’s important to set retention policies wide enough to cover you if a hacker penetrates your systems.

Do you back up server configurations, or just data?

Another great benefit of StorageCraft solutions is that the ShadowProtect SPX backup software takes an entire volume image. Your OS, settings, files, folders, and anything on the system are stored in their current state, which can then be stored locally and replicated to StorageCraft Cloud Services, if you so desire. This is useful because it covers you beyond simple file and folder backups, and allows you to recover an entire system locally or spin it up as a VM from the cloud in a matter of minutes.

StorageCraft also has the option for a file and folder backup if you use the File Backup and Recovery with Backup Analyzer. This is an enterprise-grade solution for laptops and desktops where you only need data backup. This is a solution that offers significant cost reduction as it uses a smart data analytics engine to pinpoint and back up only important data.