​DRaaS: The Faster Solution for Battling Ransomware

September 1, 2017
Data Protection, Disaster Recovery

For years, a lot of companies have pushed disaster recovery (DR) planning to the back burner. Sure, they’d do periodic backups and maybe update their antivirus software. But a comprehensive DR solution was not deemed a priority; after all, disasters only happen to someone else.  Even the uptick in data centers outages and their associated costs in recent years — well publicized across media channels — has not pushed many organizations to take action.

However, one trend is causing more companies to rethink their approach to DR — and making a strong case for Disaster Recovery as a Service (DRaaS) solutions.  It’s ransomware, a type of malware that covertly enters a user’s system, silently encrypts the user’s data and then demands payment to decrypt it. 

According to the Internet Security Threat Report released in April 2017, there were 1,271 ransomware attacks detected a day in 2016, up 36% from 2015. And in its Ransomware Damage Report, 2017, CyberSecurity Ventures predicts that global ransomware damage costs could exceed $5 billion in 2017. The frequency of ransomware attacks, as well as the downtime and associated costs, are strong motivators for urging companies to put a DR plan in place.

The Need for DR

A company that falls prey to ransomware could just pay the ransom and be done with it. That’s typically not recommended, however. There’s no guarantee the cybercriminals will follow through with a decryption key. And, once a company pays a ransom, it opens itself up to more attacks because it sets itself up as a company that is willing to pay. That’s not to mention what it does to the company’s reputation.

A DR plan that enables a company to restore a clean copy of its data offers a much more cost-effective, secure approach. First, the DR plan puts a process in place for regularly backing up data and applications. If ransomware attacks, you don’t have to worry about decrypting data, whether by paying for a decryption key from the cyber-criminals or trying to use some form of decryption software. You have your backups to use.

The DR plan also details how to restore the data, and includes steps for testing the entire sequence of processes. After all, a DR plan does no good if it doesn’t work.  And, you won’t know if it works unless you test it.

Cloud Backups vs. DRaaS

Time is one of the main reasons that DRaaS is a preferred DR option in the fight against ransomware. The faster a ransomware attack can be identified, the more time there is do whatever it takes to restore data.

With cloud backups, you can restore data, but it can take hours. You must download the application files from the cloud based on your most recent backup, rebuild, and then compile the data or application. If the application runs, you know you have restored a clean copy.  If not, you must go back to the next recent backup and go through the process again.

With a DRaaS solution, you can quickly stand up and failover to a DR environment. Then with a few clicks you can fail back. Data can be restored in minutes. If you consider the cost of downtime for SMBs — approximately $10,000 per hour according to many estimates, it’s easy to see why you’d want your data restored as quickly as possible. (The costs can run even higher for enterprises.)

Of course, some companies may be able to tolerate a little more downtime than others — at least for some kinds of data or applications. Some DRaaS solutions offer “tiers,” which allow you to select the service level that works best for your budget and needs based on recovery point and recovery time objectives (RPO/RTO).

DRaaS solutions also make it much easier and quicker to make sure your backup does not contain ransomware. With a cloud backup process, you must manually inspect the individual files and folders for each backup; find the date when file names started to get encrypted; and then restore the files from a clean backup. The more files that have been infected, the longer the process takes. It’s far quicker and simpler with a DRaaS solution. Just quickly browse a disk image to determine if the files it contains have been encrypted.

Another advantage of a DRaaS solution is that it’s managed by a third-party provider. That frees your internal IT team from the responsibility. If a disaster strikes, whether it’s a ransomware attack or some other kind of disaster, the service provider immediately puts the DRaaS solution into action and restores your IT systems quickly and seamlessly.

Learn More

To learn more about putting a DRaaS solution in place to help your company combat the effects of a ransomware attack or other potential disasters, talk to a US Signal expert.  Call 866.2. SIGNAL or email [email protected]

You will also want to take advantage of this free resource from US Signal: Enemy at the Gate: A Guide to Keeping Ransomware Out.