Ransomware Is a “When,” Not an “If” — Are You Prepared?

Ransomware Is a “When,” Not an “If” — Are You Prepared?

When you think of worst-case scenarios for your enterprise, you likely think of disasters with your storage environment, failing hardware, botched firmware updates, or overall downtime. If you can’t access your data, your organization likely can’t function. 

Strong passwords and a hardened firewall are not enough in today’s complex environment. Storage is designed to be the free flow of organizational intelligence — the brain of your operation. With that in mind, it should be protected with a multi-tier approach to redundancy and security.

Assume a threat is coming

When you roll out a new storage solution, there’s a honeymoon period where you can assume it’ll be reliable from a hardware perspective. Uptime will likely remain strong, and you’ll be on a well-tested firmware. It has that “new car smell,” and you’ll probably have the opportunity to think through other aspects of your network and infrastructure. 

While your attention is focused away from your storage environment, there is a silent threat that’s still lurking: Ransomware. Cybercriminals don’t care if your system is brand new, backed up, under warranty, or on the latest firmware

Ransomware is the killer that’s patiently waiting to attack, and it’s something your team has to build into a risk strategy. The problem for most storage environments is they’re designed to protect against hardware failures — not ransomware. Likewise, backup strategies are often designed against failing drives and not malware that holds the drive hostage. 

But there is a solution.

A multi-tiered approach to security includes ransomware protection

When we meet with customers to discuss infosec improvements, most of them assume we’re going to be discussing firewall improvements, implementing more robust multi-factor authentication approaches, and rotating passwords. Although these topics do come up, as they are your first line of defense against security threats, we quickly turn to the “what ifs?” of breach scenarios: 

  1. What if your storage is locked down with ransomware? 
  2. What if your backups are infected?
  3. What if everything is inaccessible for a period of time?

While hardware failures should be a consideration, having your storage locked away by ransomware should be near the very top of your list of concerns to plan for. Going back to our “what-if” scenario: What if your storage is locked down with ransomware? What are your options? 

While there are a lot of ways to prevent a ransomware attack, the best strategy to ensure your network stays intact is to assume it will be infected with ransomware. 

For forward-thinking enterprises, IBM Safeguarded Copy technology is the best way to ensure your backup contains immutable copies to allow rapid recovery in the event of a disaster. IBM Safeguarded Copy “air gaps” your backup data and keeps the primary copy disconnected from other copies, preventing your backups from infection. 

IBM’s Safeguarded Copy systematically creates isolated snapshots within the system, ensuring that unauthorized users or ransomware can’t access or alter the data. In the event of a breach, organizations can use one of the snapshots to quickly recover unaffected copies of their data, turning a downtime event from weeks into possibly just a few hours.

​​In addition, Safeguarded Copy can be integrated with IBM’s QRadar. QRadar is IBM’s purpose-built tool for monitoring activity and detecting signs of a cyberattack. When combined, QRadar can trigger Safeguarded Copy to automatically create a protected backup when it finds a threat on the network.

Protect your enterprise in 2022

As you look ahead to your cybersecurity strategy in 2022, ask yourself what a week of downtime would cost your business. For some companies, it would mean a missed payroll and lost customers — or worse.

The good news is that with a trusted technology partner, you can confidently navigate your day-to-day without the worries of “what if.” Our cybersecurity experts have decades of experience in protecting businesses against ever-evolving threats and would be more than happy to help you develop or improve upon your organization's full-scale cyber resiliency program. 

Contact us today to learn more about security training, air-gapped backups, device management, and more.

About InfoSystems

For over 25 years, InfoSystems has provided reliable IT solutions to build and maintain strong and secure systems for both SMB and enterprise organizations. Headquartered in Chattanooga, TN, our trusted team of experts specialize in traditional infrastructure, IT optimization and cybersecurity services, as well as next gen solutions such as hybrid cloud and automation, from partners such as IBM, Red Hat, Dell Technologies, Microsoft and VMware.

Leave a reply

Your email address will not be published. Required fields are marked *