Ransomware is a critical challenge to business security today. I don’t need to tell you how horrifying it is when you find out that your systems have been infected with a strain of malware designed to knock you offline or make you pay some exorbitant extortion fee to free your data from being encrypted. Why are these attacks so effective? Because businesses can’t be offline. When your business isn’t selling to customers you are losing money. The malware writers know that. They attack in the hopes that paying off the gang is less money than you will lose if you can’t satisfy your customer base.
Recently, I was able to be a part of Commvault Shift as a remote live blogger. I watched as the company outlined the way they handle data protection and business continuity in the modern world. I found it interested that the three concepts they outlined for continuous business, namely Cost, Complexity, and Control, could also apply to reasoning behind why attackers succeed in taking a business offline:
- Cost: Does anyone know what it costs today to bring a business back from a ransomware infection? I’m not talking about the downtime either. How about the hours spent restoring data and provisioning services? The idea of shutting everything off and trying to turn it back on again gives many organizations cold sweats.
- Complexity: Don’t forget the extra troubleshooting that has to happen when your old technical debt doesn’t play well with your new projects. You may have built your organization on the latest cloud-first platforms but there’s no guarantee that some old software program isn’t going to cause a problem when it fails to connect to an obsoleted API. All of that means more time for your people to sort out the glitches, which adds to your outage.
- Control: Who is really in charge here? You? Or the attackers? If they have inroads into your organization you could find yourself facing wave after wave of attacks even after a successful restoration. Something as simple as creating a backdoor account in Active Directory before knocking it offline could mask a foothold that gives them access to wreak havoc in the future.
Thankfully, Commvault knows how hard these issues are to solve in the world of restoration. Even when you’re not fighting against an adversarial group you have to figure out how to make the best use of your resources before getting everyone back to a known-good state. You need expertise. You need technology designed to meet your modern needs. And you need it to work even if your people are busy doing other things.
Go Back to Go Forward
That’s why Cloud Rewind was so exciting to me. Formerly known as Appranix before being acquired back in April 2024, Cloud Rewind does all the things that backup and restore vendors have been promising for years. Yes, it does back up the data in your cloud environment. But it also maps out cloud services dependencies and looks for configurations that have drifted away from your standards. Because it is aware of the platform configuration it will not only restore the data but the state of the system when it was backed up. No more guessing about how the system was configured in the first place. Cloud Rewind just restores it all.
You can configure Cloud Rewind to take backups of the system as often as every five minutes. And with enough storage you can create a repository that allows you to go back as far as possible within the limits of physics. These frequent backups mean that you can find the perfect balance between the need to retain data and the possible dwell time of your attackers. The scariest part of restoring the data isn’t when you find out you’ve been breached. It’s figuring out how long they were in the system before you found them, or before they attacked you. Combined with the other great security features in the Commvault suite you can be assured that the data being restored by Cloud Reward is secure and uninfected.
The best part? You can download Cloud Reward directly from the AWS Marketplace today and start using it. Use costs are per instance per hour but the peace of mind that you get from knowing your data isn’t going to be encrypted or sold to someone else is well worth the investment. The cloud isn’t some magical platform that keeps everything forever. You need to have a solution that can get you back in business. Don’t count on old technology doing that in a world of cloud complexity. Use a tool like Commvault Cloud Rewind and leave your worries for the other hard stuff.