Showing posts with label backup. Show all posts
Showing posts with label backup. Show all posts

Tuesday, December 20, 2016

What do I do when I’m hit with Ransomware? (Level 2)


What do I do when I’m hit with Ransomware?

You might have noticed that I used the term ‘when’ and not ‘if’.  Kaspersky’s research showed that in 2016, one in five businesses worldwide suffered and IT incident involving Ransomware.  There’s a 20% chance you were hit last year.  What are the odds for 2017?
So, what do you do when you’re hit?  Don’t panic.  First step is to call in your Chief Security Officer/Director of IT/or your trusted Managed Services Provider (that’s Preferred Business Solutions, right?)  There are decryption tools for some of the Ransomware families.  Don’t pay the ransom. The Dutch National High Tech Crime Unit advises not to pay the ransom: You’ll become a bigger target,
the criminals have zero motivation to release your data (unless…), your next ransom will be higher, and you’re encouraging the criminals.  Remember that Ransomware is a criminal offence, so report the incident.

2016-12-20
MDux
Posted by at No comments:
Labels: , , , ,

Monday, December 19, 2016

How do I mitigate the risk of Ransomware? (Level 1)


How do I mitigate the risk of Ransomware?

The lifeblood of most businesses is data. Make sure you backup data regularly, and move the backup off the network.  Some Ransomware looks at your network and encrypts everything.  If you data is backed up on a network share or Networks Attached Storage (NAS), that data may be encrypted as well.  Off network backups or archives.   Spend some time thinking about your backup policy and how long you can afford to be down and without access.  Separate your critical business data and restrict access. Backup everything.
Always.

 If you’re unsure, consult with an expert.  Call me, ‘I know a guy’.

2016-12-19
MDux
Posted by at No comments:
Labels: , , ,

Thursday, October 13, 2016

It's official - Winter is coming.


As the first storm rolls into the Pacific Northwest, this is a great reminder to us to check our Disaster Recovery / Business Continuity Plans.

When is the last time the plan was revised?
When is the last time the plan was tested?
Do you know how many hours/days’ worth of data you have at risk?
Do you know how long it takes to recover data?
Do you know the cost per day of disruption?
Are you storing data on multiple media formats?
Are you taking backups of site, either physically or digitally?
                           
Key Terms to know:
RPO - Recovery Point Objective
How much data can be lost - worst case scenario.
i.e. If you perform a full back up on Thursday night, and an incremental on Tuesday night: If a disaster happens right before the backup on Tuesday, all data from Friday, Monday and Tuesday is at risk. Alternatively, if a disaster happens right before the full on Thursday, all data from Wednesday and Thursday is at risk. The RPO in this scenario is 3 or 2 days.
RTO - Recovery Time Objective
How long does it take to actually recover the data? Remember that recovering from an incremental might include a recovery from the last full AND the incremental.

MTPoD - Maximum Tolerable Period of Disruption
Adding the longest RPO and RTO is your MTPoD.  Hopefully, this would be the longest period of time that business would be at a dead stop.
             

I say if you have it, you won't need it, but if you don't have it, you'll need it.


2016-10-13
MDux
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)