Published/updated: June 2017
By Bryan Betts
If there is one thing that the recent ransomware epidemic should do itís to focus attention on backup, and in particular on the kind of backup that was once synonymous with the term, but which has gone a bit out of fashion lately. Iím talking about the kind of backup where you take the tape out each evening. Whether itís just in the IT managerís car boot or locked in a vault inside a mountain somewhere, the key thing is that itís off-site, and is air-gapped from your systems.
Now, Iím not saying we need to go back to exactly that process Ė although if you never moved away from it, you might be feeling a bit smug now Ė but we do need something that is equally air-gapped. This matters because the cleverest modern ransomware doesnít just encrypt your primary files, it reaches out to your network shares and encrypts those too. If it can get to your cloud folders and your backups, it will try to encrypt those too. So the only backup you can rely on is one that was not online at the time of the attack.
There are exceptions: for instance, if you use a cloud storage provider they may be able to recover old versions of your files. And thereís those companies which specialise in archiving and write-once backups. This kind of technology exists in part because there are regulated industries which must be able to demonstrate that their backups have not been tampered with or rewritten, but a write-once backup could also be just what you need to recover from a ransomware infection.
And of course you need to try to keep ransomware out of your network in the first place. That might mean subscribing to an anti-phishing service, because phishing is one of the infection vectors, or using network behaviour analysis to watch for the tell-tale signs of an infection spreading. But while those might alert you to the attack, by then thereís a fair chance some systems will already have been encrypted, so youíll need backups too.
Oh, and when you restore, donít forget to scan the backup for malware. The last thing you want is to restore the ransomware for someone to activate all over again!
By Richard Edwards
By Dale Vile
By Bryan Betts and Dale Vile
Yesterdays software delivery processes are not up to dealing with todayís demands, but modernising you approach is not just about implementing Agile, even creating a DevOps culture. You need to focus on some specific, hard-core principles. ...more
By Dale Vile & Jack Vile
Cloud services are increasingly becoming part of the IT delivery mix, but a recent study of 378 senior IT professionals suggests a parallel commitment to ongoing investment in the datacentre. This in turn shines a light on the key role of modern application platforms. ...more
By Tony Lock & Dale Vile
Despite the advent to cloud computing the datacentre remains central to corporate IT. But with demands continuing to escalate, how do you ensure your infrastructure is powered robustly and efficiently? ...more
By Bryan Betts
Many are exploiting cloud computing to drive business advantage, while others are enjoying the flexibility and efficiency of DevOps. But what happens if you use both together in a coordinated manner? The answer is a significant amplification of the benefits of each. ...more