Ad Image

Beat Ransomware with Data Protection and Recovery

Security provider Barracuda recently completed a survey of professionals in the IT space who are focused on data protection and recovery. This couldn’t come at a better time given the recent uptick in the popularity of ransomware. According to the vendor, the results were “alarming.”


Ransomware makes headlines on a regular basis these days and some would say it has become an epidemic. It’s expected to cost over $5 billion in 2017 alone and is considered dangerous because it not only means that a system is unavailable, but it can also make data unusable and that has the potential to be a business’s worst nightmare.

Ransomware has already caused major issues for healthcare institutions, governments, law enforcement agencies and other businesses across the globe.

“If you’ve fallen victim to a ransomware attack, there are only two ways to get your data back without paying the ransom: get a free decryptor from a service like this one, or fall back on your data protection strategy and recover your data,” Barracuda reported.

Unfortunately, some organizations don’t have a choice and have to pay ransom or risk losing their data. However, even if it’s a small amount that has to be paid, Barracuda says there are several problems with handing over the cash, including that the cybercriminals you’re dealing with are more likely to target you again if you pay up once. Plus, there is no assurance that you’ll actually get your data back after you pay, and decryption may not work properly anyway. And finally, law enforcement agencies do not encourage rewarding criminals by paying ransom.

Data Protection and Recovery

There are various definitions for “data protection,” out there, but most of them include running a backup, Barracuda reported.

“Proper data protection is included in the security planning: it includes business continuity and disaster recovery planning, as well as the many security practices involved in preventing unauthorized access,” the company explained.

When it comes to availability and accessibility, there are several differences there. Availability refers to the data that is stored as a backup, while accessibility is referring to how simple it is to access data for recovery if necessary.

When asked about the importance of both terms, 70.3 percent of respondents said that one term wasn’t more important than the other.

“This indicates that our respondents understand the value of the data as well as the value of recovering the data quickly, possibly from a remote location or even a mobile device,” Barracuda reported.

Protecting Multiple Locations

Barracuda said participants valued accessibility as highly as availability because 53.4 percent of respondents were in charge of data recovery in more than one spot. Meaning that most of the respondents are working remotely for part of their work week, so their data recovery systems have to be accessible from more than one place.

Of those surveyed, 50.6 percent said that their backups were cloud-based and 76 percent reported that they replicate their data backups in the cloud. According to Barracuda, those numbers suggest that the 77.4 percent who said they had a disaster recovery plan in place are using the cloud for accessibility and redundancy.

Now there is some bad news. Barracuda reported that there are two data points that are worrying; 81.2 percent of those surveyed do not test their data protection strategies more than once a year and approximately half don’t perform tests at all.

Barracuda warns against skipping tests and said, “data recovery may be the only way to avoid paying a ransom that may or may not result in the decryption of data.”

Testing should be done on a regular basis in order to avoid issues in the future.

Another piece of troubling information came out of the survey: about 66 percent of Office 365 admins are using their Recycling Bin for backup. Only one-third of participants reported using a data protection solution to protect their Office 365 deployments.

“The Microsoft Recycle Bin is a nice feature, but it’s job is to help the organization safeguard against accidental data loss,” Barracuda stated. “It’s not meant to be a data recovery solution. It doesn’t offer the features necessary to protect Exchange, Sharepoint, OneDrive, and the other services. Default retention times are not standard across services, so administrators may not even have the minimal protection that they expected. Data is non-recoverable once it is deleted or ages out of the Recycle Bin.”

One key takeaway from all of this is that if you work in a place where data protection and security are separated, consider bringing the two functions together. And there’s never been a better time given the growing popularity of ransomware.

Download Link to Data Protection Vendor Map

Share This

Related Posts