Blog

Platform

Proactive Data Protection Strategies in a World of Ransomware

Ransomware is one of many cybersecurity threats we face in our modern and more connected world. Ransomware earns headlines across the globe, not only for the systems targeted and organizations initiating attacks but also for the cost of remediation and lost revenue. In 2019, the City of Baltimore attributed over $18 million in costs associated with remediation of ransomware while the City of New Orleans reported over $3 million (which overran their current insurance policy limit). Data protection plays an important role in the detection and more importantly recovery during a ransomware outbreak. Here are 3 Proactive Data Protection Strategies enterprises should use to avoid becoming a victim in the first place.

Data Protection Strategy #1 – Use an easy to deploy and manage solution so compromises aren’t made in recovery time and recovery points.
In my professional past, I experienced first-hand the crisis of losing access to critical data due to ransomware. After a nearly 5-billion-dollar merger, my team was tasked to align compliance across the companies and enforce a common standard for data protection. We chose a ‘snap and replicate’ solution. It wasn’t long before the limits of snap and replicate were exposed when several large, infrequently accessed volumes were transformed into an unusable mess due to ransomware. Retention point is the leading driver of cost for snapshot based backups – the more you retain, the more your price goes up. While snapshots can offer a quick recovery, the cost prohibited us from architecting retention beyond 14 days and thus we could not produce an uninfected copy of data. We went through extensive remediation costing in excess of $1 million dollars, enlisting cybersecurity specialists to reverse the encryption and later track the source of attack to nation-state sponsored hackers. Ransomware is known to incubate for 30 days or more. If your backup product forces you to make a compromise on retention due to cost containment, it’s time to look for a new solution. Clumio’s virtually unlimited, on-demand capacity protects VMware workloads with no cost for retention or frequency of backup. Clumio provides all components that constitute a data protection platform in a simple SaaS model, making management a breeze too. Another benefit of Clumio – there are no egress charges!

Data Protection Strategy #2 – Don’t rely on expensive hardware to solve a software problem.
Many data protection vendors claim recovery from ransomware as a benefit, but the difference in HOW between them is tremendous. Legacy backup vendors will require 3 physical appliances or more to replicate and ‘air-gap’ your backups. On top of that, the ‘air-gap’ is often a manual script that must be modified any time a new server or application is added. With no room for error, this can turn into a management nightmare. Clumio’s authentic SaaS backup solution leverages the cloud to dynamically scale your protection with near-limitless capacity and no concept of paying for the storage. With Clumio, your price for VM protection is flat, regardless of the size of VM, frequency of backup, or retention you require so you no longer have to choose between a successful backup tonight or compliance due to lack of capacity. Clumio’s always on, always enforced protection validates data before committing it to your vault, ensuring integrity at write so restorations are successful. Clumio SaaS is stateless in your environment, providing air-gap protection for your backup vault in multiple data centers. In cases where ransomware encrypts the backup, Clumio is architected as immutable storage – a Kryptonite against cyberattack!

Data Protection Strategy #3: Use a scalable architecture that can outwork the bad guy.
When faced with a ransomware attack, scalability of traditional backup appliances are put to the test. Limited compute resources available in the appliance often come up short which leads to paying a ransom and hoping decrypt in place will get your data back. In contrast, Clumio recovers your data with a microservices architecture that enables unlimited parallel streams for expedient, large scale restores – all with no egress! This means Clumio will scale out immediately and on demand to perform the task you need regardless of the request. Clumio SaaS evolves and improves in real-time to address security risk and change in your data.

Not all organizations can fully recover from data loss. Take the first step and check out the simple, secure, and scalable data protection solution delivered as authentic SaaS in Clumio. We keep security and data recovery top of mind so that you can avoid becoming a victim in the first place. Let Clumio SaaS do the work for you.

Charles Goforth

by Charles Goforth

Cloud SE

paper airplane icon