Ransomware today is one of the biggest threats to data safety, and it shows no sign of going away. Widespread and vicious attacks such as SamSam demonstrate that ransomware is now particularly nefarious and has increasingly large-scale impacts including costs and damage to data and the businesses that own it. No doubt, the continued rise of modern threat vectors like ransomware has IT on high alert – and looking for answers.
Business continuity disaster recovery (BCDR) is a best practice for ransomware recovery. BCDR offerings can garner premium price points with clients. Yet many MSPs worry that appliance-based BCDR is out-of-reach, or do not know the features to look for to efficiently manage the business.
Get the Terms Straight
Many customers, and indeed the occasional MSP, are unclear on what exactly BCDR is and how it differs from plain old backup.
Backup, an old term, is simply the replication of data. BCDR, on the other hand, is the entire plan for recovery. This includes a plan for how to recover the data, how to give the people who need access to it, such as where will they sit? How will they VPN in? What phones will they use? BCDR takes all aspects of that process and policies that drive it.
It’s important to note that while BCDR is a premium service that MSPs can offer clients, it doesn’t have to cost significantly more than plain old backup to deliver if you use the right solutions.
Consider some findings from a recent Webroot study. Based on the results, this Kaseya security partner finds that the best offense is a good defense. It recommends MSPs and IT shops:
- Educate users about the threats
- Use a behavior-based A/V and A/M
- Patch, patch, patch
- Back up. The best offense is really a good defense – you gotta back up
Antimalware, other security layers, backups, BCDR and training offer the greatest efficacy in terms of defense.
MSPs also need to explain the most common causes of data loss. Ransomware may be the most visible, but user error, hardware and software errors, breaches, and all forms of malware also kick in.
This all makes data loss and recovery a huge issue. With MSPs, the biggest request they get around BCDR is to recover lost files for users.
Hence, you must demonstrate how your BCDR can recover files easily and efficiently.
Different causes of data loss call for different solutions, so your client or prospect should understand the multiple threats and how true BCDR prepares for each. For instance, a cloud-only backup solution is designed to handle the least likely event where all of the data and the infrastructure is gone. And the cloud is slow, so should be a last ditch effort — 1TB of data takes one day over a 100 Mb/s pipe to restore.
Show that it Works
It is critical a BCDR solution give its users the ability to easily see that all of their backups were successful and to make it easy to address failures quickly.
Testing is the lynchpin of your BCDR plan. It is the only way to know if your plan works.
Like their IT counterparts, many MSPs do not test or only test once a year. Testing is hard, expensive, time consuming.
Why Kaseya Unified Backup Ransomware Detection
When backups are performed using Kaseya Unified Backup (KUB) appliances, the predictive analytics engine analyzes the data stream and uses a probabilistic methodology to identify anomalies to match the activity a system would present if infected with ransomware.
An alert is then generated and sent to the MSP or the organization’s IT team to signal that significantly higher than average unique data has been detected and that the conditions are cues of a probable ransomware attack.
An additional instrument to assist in detection or ransomware is KUB’s Recovery Assurance, which provides backup testing and verification, ensuring your backup data can restore your system as planned. A component of that testing includes the ability to run a security check for ransomware.
Get your KUB demo here.