BCDR Beats Back Ransomware and other Malware Mischief

MSP, MSP Tips, Security

Ransomware today is one of the biggest threats to data safety, and it shows no sign of going away. Widespread and vicious attacks such as SamSam demonstrate that ransomware is now particularly nefarious and has increasingly large-scale impacts including costs and damage to data and the businesses that own it. No doubt, the continued rise of modern threat vectors like ransomware has IT on high alert – and looking for answers.

Business continuity disaster recovery (BCDR) is a best practice for ransomware recovery. BCDR offerings can garner premium price points with clients. Yet many MSPs worry that appliance-based BCDR is out-of-reach, or do not know the features to look for to efficiently manage the business.

Get the Terms Straight

Many customers, and indeed the occasional MSP, are unclear on what exactly BCDR is and how it differs from plain old backup.

Backup, an old term, is simply the replication of data. BCDR, on the other hand, is the entire plan for recovery. This includes a plan for how to recover the data, how to give the people who need access to it, such as where will they sit? How will they VPN in? What phones will they use? BCDR takes all aspects of that process and policies that drive it.

It’s important to note that while BCDR is a premium service that MSPs can offer clients, it doesn’t have to cost significantly more than plain old backup to deliver if you use the right solutions.

Consider some findings from a recent Webroot study. Based on the results, this Kaseya security partner finds that the best offense is a good defense. It recommends MSPs and IT shops:

  1. Educate users about the threats
  2. Use a behavior-based A/V and A/M
  3. Patch, patch, patch
  4. Back up. The best offense is really a good defense – you gotta back up

Antimalware, other security layers, backups, BCDR and training offer the greatest efficacy in terms of defense.

MSPs also need to explain the most common causes of data loss. Ransomware may be the most visible, but user error, hardware and software errors, breaches, and all forms of malware also kick in.

This all makes data loss and recovery a huge issue. With MSPs, the biggest request they get around BCDR is to recover lost files for users.

Hence, you must demonstrate how your BCDR can recover files easily and efficiently.

Different causes of data loss call for different solutions, so your client or prospect should understand the multiple threats and how true BCDR prepares for each. For instance, a cloud-only backup solution is designed to handle the least likely event where all of the data and the infrastructure is gone. And the cloud is slow, so should be a last ditch effort — 1TB of data takes one day over a 100 Mb/s pipe to restore.

Show that it Works

It is critical a BCDR solution give its users the ability to easily see that all of their backups were successful and to make it easy to address failures quickly.

Testing is the lynchpin of your BCDR plan. It is the only way to know if your plan works.

Like their IT counterparts, many MSPs do not test or only test once a year. Testing is hard, expensive, time consuming.

Why Kaseya Unified Backup Ransomware Detection

When backups are performed using Kaseya Unified Backup (KUB) appliances, the predictive analytics engine analyzes the data stream and uses a probabilistic methodology to identify anomalies to match the activity a system would present if infected with ransomware.

An alert is then generated and sent to the MSP or the organization’s IT team to signal that significantly higher than average unique data has been detected and that the conditions are cues of a probable ransomware attack.

An additional instrument to assist in detection or ransomware is KUB’s Recovery Assurance, which provides backup testing and verification, ensuring your backup data can restore your system as planned. A component of that testing includes the ability to run a security check for ransomware.

Get your KUB demo here.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.

Drowning in Endpoints? Transform your Approach with Unified Endpoint Management

Today’s midmarket enterprises deal with a large number of endpoints running different operating systems and applications for numerous users withRead More

Best Practices for Secure Backup and Recovery in Healthcare

Despite great efforts and regulations, the healthcare industry remains the most vulnerable to data breaches, affecting millions of peoples’ privacyRead More

The Gift of MSP Growth: Forge Your 2019 Plan

The New Year is approaching, arguably the most popular time to set goals and make plans. This is a goodRead More

It’s a Wrap! Here are 2018’s Top 10 Stories

2018 was a year of data breaches. As the year passed on, “another day, another data breach” became the mantra.Read More

Archives

Categories