By: Autumn Salama, Solutions Management of Cloud at Zayo
Part III: When Malware Attacks
For the final installment of our series, 3 Times Disaster Recovery Saved the Day, we hear from an IT firm that was able to prevent a malicious trojan from taking down a Chicago-based transportation and logistics company, as well as the dangerous consequences that could result from not fully implementing a DR strategy.
For a crash course in all things DR, be sure to attend the live webinar this week – December 9.
Chad Holstead is the owner of Business Knowledge Systems, an Information Technology and Management Consulting firm. He’s seen his share of disaster recovery success stories, but one that sticks out involves the CryptoLocker Trojan. With a combination of managed services, monitoring and backup strategies, BKS Systems was able to identify the virus on the network and take steps to lock it down without loss of data:
“BKS Systems has a large international transportation and logistics company that hosts a file server for all users in their corporate headquarters in Chicago. We were notified around 10AM on a Monday that many of their files were not opening and were displaying garbage characters. We knew within minutes of connecting to the server that there was a Crypto virus on their system.
Because the systems are fully virtual, we immediately removed the network from the file server to stop any further damage to the files. Then we isolated the infected users before reconnecting the servers to the network again. One of the folders that were locked was an accounting folder that only six users had security rights to.
After reviewing each of those six computers, we found the virus and removed that computer from the network. Before we allowed full server access again, we kept the file shares locked down and opened only a few folders with miscellaneous documents. We allowed all users to connect to those shares for a few hours. None of the files became locked, so we were confident that we found the virus and that we had stopped the damage.
Now that the damage was contained, we had to go about restoring the data. This is exactly why we work with clients on their disaster recovery plan. First, we reviewed all the files that needed to be restored or rebuilt. Then we reviewed the two levels of backup for this site and recovered what we could from the volume snapshot. Some of the files there had errors, so we were able to restore those from the online data backup service that runs periodically throughout the day.
All in all, we did not lose any data, the customer was working again within hours of the initial notification and the client was fully restored within one business day. The client also sent a message to the staff about opening unknown email files, which is how we assume this virus got into the system.”
What Happens If You Don’t Have a Plan?
Jaspreet Singh, Founder and CEO of Druva (@druvainc), pays close attention to what happens when companies don’t take the right precautions to protect their data against disaster or breach. For example, he points out that on average, 12,000 laptops are lost at United States airports — per week. What happens when all of that data isn’t encrypted?
You can look at the case of a Seattle area sheriff’s office. Early last year, a thief stole a laptop from an undercover detective’s truck. Inside was a cyber criminal’s gold mine. Not only did the laptop contain Social Security numbers and driver’s license numbers for over 2,000 individuals, but it also contained sensitive criminal justice information, including information about crime victims, witnesses, suspects and police officers.
To the department’s credit, at the time of the laptop theft, the sheriff’s office had undertaken an effort to encrypt all machines. Unfortunately, they had completed only about 60% of the project by the time the laptop was lost, and that laptop was not secured.
“Data exposure could have been prevented if the data on the laptop had been encrypted,” says Singh. He also emphasizes the importance of backing up laptops and other workstations, in order to fail over to a second device in case of a data loss. This prevents loss not only of the actual data, but also of productivity.
The Value of Disaster Recovery as a Service (DRaaS)
Careful disaster recovery planning can spare your company the worst outcomes of any crisis, from security breaches to natural disasters. But there’s a lot that goes into the process, from conducting a business impact analysis to testing your disaster recovery plan, and sometimes you don’t have the necessary expertise or bandwidth on hand. That’s where disaster recovery as a service (DRaaS) comes in handy.
With disaster recovery as a service, you can customize a disaster recovery solution to your specifications, leveraging the dedicated expertise of your IT services provider. Zayo combines cloud services with virtualized servers, all operating on a secure nationwide data center and hosting platform, into a seamless DRaaS solution. From simple offsite data backup to near-instantaneous continuous availability, we’ll help you design a plan that meets your business’s individual disaster recovery needs.