BCDR Beats Back Ransomware and other Malware Mischief

MSP, MSP Tips, Security
Thunderstorm in midwest plains

Ransomware today is one of the biggest threats to data safety, and it shows no sign of going away. Widespread and vicious attacks such as SamSam demonstrate that ransomware is now particularly nefarious and has increasingly large-scale impacts including costs and damage to data and the businesses that own it. No doubt, the continued rise of modern threat vectors like ransomware has IT on high alert – and looking for answers.

Business continuity disaster recovery (BCDR) is a best practice for ransomware recovery. BCDR offerings can garner premium price points with clients. Yet many MSPs worry that appliance-based BCDR is out-of-reach, or do not know the features to look for to efficiently manage the business.

Get the Terms Straight

Many customers, and indeed the occasional MSP, are unclear on what exactly BCDR is and how it differs from plain old backup.

Backup, an old term, is simply the replication of data. BCDR, on the other hand, is the entire plan for recovery. This includes a plan for how to recover the data, how to give the people who need access to it, such as where will they sit? How will they VPN in? What phones will they use? BCDR takes all aspects of that process and policies that drive it.

It’s important to note that while BCDR is a premium service that MSPs can offer clients, it doesn’t have to cost significantly more than plain old backup to deliver if you use the right solutions.

Consider some findings from a recent Webroot study. Based on the results, this Kaseya security partner finds that the best offense is a good defense. It recommends MSPs and IT shops:

  1. Educate users about the threats
  2. Use a behavior-based A/V and A/M
  3. Patch, patch, patch
  4. Back up. The best offense is really a good defense – you gotta back up

Antimalware, other security layers, backups, BCDR and training offer the greatest efficacy in terms of defense.

MSPs also need to explain the most common causes of data loss. Ransomware may be the most visible, but user error, hardware and software errors, breaches, and all forms of malware also kick in.

This all makes data loss and recovery a huge issue. With MSPs, the biggest request they get around BCDR is to recover lost files for users.

Hence, you must demonstrate how your BCDR can recover files easily and efficiently.

Different causes of data loss call for different solutions, so your client or prospect should understand the multiple threats and how true BCDR prepares for each. For instance, a cloud-only backup solution is designed to handle the least likely event where all of the data and the infrastructure is gone. And the cloud is slow, so should be a last ditch effort — 1TB of data takes one day over a 100 Mb/s pipe to restore.

Show that it Works

It is critical a BCDR solution give its users the ability to easily see that all of their backups were successful and to make it easy to address failures quickly.

Testing is the lynchpin of your BCDR plan. It is the only way to know if your plan works.

Like their IT counterparts, many MSPs do not test or only test once a year. Testing is hard, expensive, time consuming.

Why Kaseya Unified Backup Ransomware Detection

When backups are performed using Kaseya Unified Backup (KUB) appliances, the predictive analytics engine analyzes the data stream and uses a probabilistic methodology to identify anomalies to match the activity a system would present if infected with ransomware.

An alert is then generated and sent to the MSP or the organization’s IT team to signal that significantly higher than average unique data has been detected and that the conditions are cues of a probable ransomware attack.

An additional instrument to assist in detection or ransomware is KUB’s Recovery Assurance, which provides backup testing and verification, ensuring your backup data can restore your system as planned. A component of that testing includes the ability to run a security check for ransomware.

Get your KUB demo here.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.
security patch management

Reduce the Risk of Vulnerabilities by Automating Security Patch Management

Managing software updates is one of the challenging and resource-intensive tasks the IT team undertakes on a daily basis. It is alsoRead More

Old clock sitting on wooden table

Take Back Lost Tech Time With These Omni MSP Workflows

Time is undoubtedly the most important resource your MSP business has. No matter how you slice it, there are onlyRead More

Scare Up New Business: Make Your Customers Afraid of the Dark

The Dark Web is the seamy underbelly of the internet. It is where bad actors lurk and do business withRead More

Bluekeep patch vulnerability

NSA Urges Legacy Windows Users to Patch BlueKeep Vulnerability

The National Security Agency (NSA) has jumped into the fray recently with an advisory urging Microsoft Windows administrators and usersRead More

Connect IT Asia-Pacific - Don't Miss the Premier IT Management Event of the Year - Join Us in Sydney 1-3 October 2019 - Register Now

Archives

Categories