How Cyber Awareness Can Save Your Company

Cyber awareness is something that every company knows they should be doing, but the extent to which they implement it varies widely. This is great news to hackers and other malevolent actors who have the knowledge and tools to take advantage of lax policies and hole-filled – or nonexistent – cybersecurity solution deployments.

While there are many reasons to improve your company’s cyber awareness game, here are some of the most urgent to address:

Data loss and compromise. Losing data in 2020 can be an existential problem for your business. Whether it’s financial, operational, employee, customer, supplier or all of the above, protecting and backing up your data should be among your most important operational priorities.

Costs related to damages and data recovery. Beyond the operational, trust and embarrassment factors of having your data lost and/or compromised, there are the financial costs to consider. While costs vary depending on the type of data breach and how it is ultimately recovered – IF it’s recovered – they can be onerous, especially for a small or medium-sized business (SMB). One example is a ransomware attack, which is quite common according to a survey we published in April showing that close to half of SMBs have been ransomware targets. Payouts have been significant, with 43% paying in the $10,000 – $50,000 range and 13% paying more than $100,000. And that’s just one type of cybersecurity breach!

Business downtime. Downtime is a common result of a cyber attack, and one which brings serious consequences. In fact, a survey we commissioned in May reported that 37% of SMBs have lost customers and 17% have lost revenue due to downtime.

Loss of external party trust (customers/partners/suppliers). When there’s a security breach and data is lost or stolen, companies adhering to GDPR or other privacy doctrines have to alert those affected. That typically means your customers, partners and suppliers. Their immediate question: “Why didn’t you do enough to protect me?” Depending on the extent of the breach, you could find yourself with fewer of all of them. Even those who don’t immediately depart will have had their trust in your company broken. And trust is a very difficult thing to get back.

Loss of employee trust. Think about how you would feel if your personal/employee information was breached. After all, your employer has your name, address, Social Security number, salary, reviews, and other confidential and potentially compromising information. And, even if a data breach does not expose employees’ personal information, the fact that the company’s data was not sufficiently protected is a failure on the part of management and their duty to protect the company’s reputation and assets.

Loss of business viability. In conjunction with the scenarios described above is the real possibility of going out of business due to a cybersecurity breach. There are many potential ways for this to happen – with some of the most common described below – and, according to a Zogby Analytics report from October, 2019, 28% of SMBs had experienced a data breach in the previous year. Of that cohort, 37% reported a financial loss, 25% filed for bankruptcy, and 10% went out of business.

The tens of thousands, hundreds of thousands, million, billion, or even multi-billion dollar question here is: why would you not do everything you could to prevent cyber security incidents from taking place? Yet, according to a study commissioned by BullGuard, one in three SMBs use free consumer cybersecurity solutions and one in five don’t even use no endpoint security!

Threats to guard against

So, how do the undesirable scenarios manifest? It’s in hackers’ best interests to know how to exploit the most common and insufficiently protected security gaps. And, without the proper data protection solutions in place, they can exploit the vulnerabilities and do massive amounts of damage.

Some of the cyber threats SMBs in particular are facing include:

  • Phishing: Like most people, you’ve probably been the target of a phishing attack where you receive an unsolicited email promising or asking for something with a call-to-action of clicking a link that often leads to malware or ransomware, and/or providing personal information.
  • Malware: This is an all-encompassing category of threat that includes usual suspects like the ones described here. It describes any type of software built with malicious intent in mind. Sometimes it inserts a virus into your computer. Other times it’s intent is to disable, take over, or cause some other type of damage.
  • Ransomware: A growing and particularly insidious threat – to businesses and individuals – is ransomware. This type of attack involves a malevolent actor accessing your data and/or hardware and threatening to lock it, expose it or delete it unless a ransom is paid. We’ve covered ransomware from just about every angle you can imagine, including multiple surveys.
  • Infrastructure and application hacks. Beyond data loss and compromise are cyber attacks that target tech infrastructure (such as servers and other hardware) and software applications. There’s a lot of complexity involved in detailing such attacks since the variables are numerous, but suffice to say that the consequences match those described above.

To be clear, there are many more potential threats. These are among the most important for SMBs to be aware of and implement purpose-built solutions to prevent, mitigate and fix the data-related damages.

Here’s what you can do to protect your business

So, those are just some of the negative outcomes and threats your business is up against every day. At this point you might be wondering you will ever stay on ahead of them. Here is some battle-tested advice on doing just that:

Educate employees. With cyber awareness, it all starts with education. When you train your employees (and other end users, for that matter) to identify, avoid and report threats, you make it more difficult for hackers to access and compromise your data. Part of this education process includes patching and updating your software applications.

Perform a risk assessment. When was the last time you performed an in-depth cyber security risk assessment? Unless it was within the last six months, you are courting disaster. Risk assessments come in many forms and angles: internal or external, vulnerability and/or penetration testing. Specific to data protection, you need to know the Who, What, When, Where, and How:

  • Who has access to your data and what kind of access do they have?
  • What data do you have? Is it PII (personally identifiable information)? Is it subject to higher protections (e.g. health data)?
  • When was the last time a risk assessment was performed?
  • Where is your data located? (e.g., on premises, public cloud, private cloud, endpoints such as laptops and mobile devices)
  • How is the data used? How does it flow?

Create a data protection plan and stick to it. There’s a well-known aphorism attributed to Benjamin Franklin: “Failing to plan is planning to fail.” It’s certainly true in the case of data protection. Without a potent data protection plan in place, none of the cyber security tools on the market will reach their potential. The most effective plans function as a playbook that includes key elements such as backup, disaster recovery, risk assessment, education and covering the main “‘tions” such as Prevention, Detection, Mitigation and Encryption. Other important elements beyond those already listed here include tactical pieces such as firewalls, encryption for data a rest (especially PII) and to meet compliance requirements and antivirus (AV) software.

Implement a cloud backup and disaster recovery (BDR) solution for infrastructure and endpoints. The goal here is to eliminate downtime and data loss during cyber attacks or natural disasters (e.g., hurricanes, earthquakes, power outages) and recover in minutes – not hours, days, weeks, or longer. Just relying on onsite and offsite data backup is not enough. To keep your business running, the critical servers and business processes that manage your data must also be recovered. The same goes for other endpoints such as laptops, mobile phones and desktop computers. Examples of solutions that cover the BDR bases include:

Ensure that every piece of your tech stack that has to do with your data is current. In a nutshell, install all software patches as soon as they become available, update all AV definitions and application versions – including backup software.

Go global, or at least national. Keep your data distributed to protect against a disaster in one location. Even backed-up data can be lost if it’s not located in a different geography. The cloud is an effective place to back up your data. You can rely entirely on the cloud for disaster recovery, or you can keep your spin-up capabilities local and the backup only in the cloud. Also, leveraging DRaaS offerings from a managed service provider (MSP) can remove the burden of handling disaster recovery on your own.

Test, test, test. A disaster recovery plan is great only when it’s been tested consistently and any weaknesses addressed. Like any plan, no matter how good it looks on paper or in a Word doc, it’s got to be tested to be of any real worth. Conduct regular, random tests in which you simulate an event that would call for data disaster recovery and access your on-premises backup or data protection online backup. It’s important to not leave out endpoint data detection as part of your testing protocol. Solutions like Infrascale Cloud Backup (ICB) safeguard the most critical data while fulfilling backup and retention requirements.

The only way to “win” the cyber awareness game is to keep fighting

The cyber security threats to your data and business as a whole are only increasing and becoming more complex. Adding to this dynamic was the sudden, dramatic shift to working from home for businesses large and small in the wake of the COVID-19 pandemic, which expanded the security holes and lax enforcement by an order of magnitude. Hackers took note and attacked accordingly – and continue to do so in more sophisticated and covert ways.

That’s the bad news.

The good news? Despite all the bad outcomes that can manifest from a lack – or disregard – of cyber awareness, there are proven strategies, tactics and solutions available to make it a strength, and not a weakness to be exploited. Some of the best are listed in this blog post.

You can’t just rely on the Nortons and Kasperskys of the world to stop every threat and maximize your overall cyber awareness. Your business also needs a safety net of backup disaster recovery and other security tooling, too.

The last piece of advice to keep your company cyber aware and solvent: plan for the worst and take steps like those outlined above to prevent threats from happening. And when they do happen, fight them with the best possible solutions and vendors at your side.

Tactical Advice for SMBs on Data Protection, Backups and Disaster Recovery

We live in a dangerous world. Cyberattacks such as ransomware, malware, and phishing threats put your mission-critical data and devices at risk. So do disasters, whether they be human-caused (both malevolent and unintentional) or natural. Data that is not properly protected, backed up and recoverable, is a serious – and sometimes existential – problem for businesses of all sizes, not just enterprises.

When many people think about data protection, they assume hackers are involved. But hackers are not the only looming threats of a human nature. According to a 2020 Verizon data breach investigation report, 34% of data breaches involved internal actors.

Then there’s Mother Nature. Extreme weather and natural events such as earthquakes can lead to floods, power failures, and other issues that can damage and destroy computing equipment and the data within them.

Small and Medium Size Businesses Need Data Protection as Much as Enterprises Do

Specific to SMBs, a recent study from cybersecurity company Bullguard showed that 43% of U.S. and U.K. SMB owners had no cybersecurity defense plan, and one in five use no endpoint security at all. One of the growing threats, ransomware, is wreaking havoc on SMBs. An Infrascale survey from April reported that ransomware attacks have hit 46% of SMBs, and 73% of those SMBs that have been the targets of ransomware attacks actually have paid a ransom.

The above statistics are sobering, to say the least. Effective cyber attacks can cause SMBs to go out of business. Beyond the financial implications, there is the threat of data loss (or theft, as the case may be). Any size business without its critical data (e.g., customer records, financial information) can’t function properly. That’s where data backup and disaster recovery (BDR) protection come into play.

Before we go too far, however, let’s first define the key terms.

Data protection is a broad topic that encompasses everything involved with safeguarding your data from threats internal and external. These threats include data corruption, hacker and other malevolent actor attacks and data corruption.

Technologies that protect data include: backup and data recovery (BDR), encryption, malware/antivirus detection, firewall, and data classification, among others.

Let’s tackle BDR by component. The Backup piece refers to the secondary copies of your data. Depending on the backup provider, these copies may exist in the cloud, as a hybrid cloud deployment, on local servers, disk drives, flash storage, or even magnetic tape for the old school crowd.

Disaster Recovery (DR) refers to the ability to get the data – and the processes that operate on the data – up and running, as to continue business operations. DR tools and processes are designed to mitigate the downtime and data loss caused by server crashes, human error, ransomware attacks, or natural disasters. DR is a continued thought from backup, as focusing on copies of data (backup) alone is sometimes insufficient. You must also have the operations of that data restored to resume normal business productivity. Disasters of any variety – and the data loss resulting from them – are a looming threat for your business. Having the right data protection solution is imperative.

Data protection tips

Data, as the now-clichéd statement goes, is the new oil. And just think about how well a physical oil supply is protected! You should be just as diligent with protecting your data, no matter your company’s size or data volume. Here are some tips:

  • Educating your end users how to identify, avoid and report data threats is the most important opportunity an organization has to protect its data. By teaching them to identify and avoid threats – in addition to patching and updating your software applications – you are depriving malevolent actors from the opportunity to compromise your data. And you should be doing all three to give yourself the best chance of preventing threats.
  • Assess your data landscape. The first rule of data protection is to know all about the ecosystem of the data you are protecting. This involves knowing what data you have; where it is; and how it’s used, with what frequency, and by whom in your organization.
  • Take into account the fact that your data exists both inside and outside the walls of your physical business. Specifically, this means in one or more clouds and on the endpoints in use by employees – who are increasingly dispersed in light of the COVID-19 work-from-home environment. Appropriately identifying data location will enable you to understand how best to institute the appropriate protections – such as encryption, multi-factor authentication (MFA), and endpoint detection and response (EDR) – to safeguard it.
  • Enact Preventative Measures. In the case of ransomware and malware – installed via end-user actions such as clicking malicious links in spam or phishing emails or on compromised websites – this means staying ahead of the game with standard antivirus tools, firewalls, application updates, and education!
  • Reinforce with Endpoint Detection and Response. EDR is a way to supplement antivirus software (see above), which bad actors can circumvent with complex attacks. EDR solutions are purpose-built to look for behavior that is known to lead to cyberattacks and alert administrators and/or end users. This approach requires continuous monitoring and immediate responses to detected threats.

Backup and Disaster Recovery tips

Data loss IS a disaster. It leads to frustrated customers, client churn, loss of productivity, and lost sales. In fact, 40% of enterprises say that just one hour of downtime costs their business at least $1 million and as much as $5 million. And research from IBM and the Ponemon Institute’s The Cost of Insider Threats Global Report 2020 found that companies with less than 500 employees spend an average of just under $8 million per incident. SMBs are only different in the dollar amounts, not the amount of pain inflicted on the business. Here are some tips to avoid this digital type of disaster:

  • Create a backup and disaster recovery plan. A disaster recovery plan is the “playbook” of processes and activities, invoking backup and disaster recovery services and their interaction with your data and servers, that will enable you to stay up and running in the event of a disaster.
  • Establish your recovery point objective (RPO) and acceptable recovery time objective (RTO). RPO is the maximum period of time allowed in which data might be lost and unrecoverable (think time between backups). RTO is the maximum period of time allowed in a disaster recovery plan between when critical network functions cease and when they are restored (i.e., when data and data operations are recovered to acceptable operating conditions). Ensure your DR technology choices support the performance that your business responsiveness requires.
  • Ensure that your employees know that a backup and recovery plan exists! Provide details of the plan to those individuals at your organization who will need to take action on the plan. Train them. Practice.
  • Stay current and informed. Be sure to keep your data protection tech stack up-to-date (or patched) so that all systems can deflect the most common attacks. This means updating antivirus definitions, application versions, and backup software. Leveraging DR solutions that automatically verifies that your data backup is working (and reports to you when it’s broken) is critical!
  • Don’t put all your data in one place. If a natural or manmade event negatively impacts one part of your IT environment in a given geography and leads to data loss, it may have the same effect on another part of your IT environment. So, even though you have backed up your data, the backup can be lost as well. To avoid this scenario, keep your data backup in a different location from the data you’re currently using for operations. Specifically:
    • Ideally, these locations should be in two separate geographies. For example, if your business is in an earthquake zone, consider putting your data backup outside that zone.
    • The cloud is an effective place to back up your data. You can rely entirely on the cloud for disaster recovery, or you can keep your spin-up capabilities local and the backup only in the cloud. Also, leveraging cloud-based disaster-recovery-as-a-service (DRaaS) offerings from a managed service provider (MSP) can remove the burden of handling disaster recovery on your own.
  • Test your disaster recovery plan on a regular basis. This approach will help you iron out any wrinkles related to data disaster recovery. You may want to test your data protection backup and recovery strategy at various times and from different angles. To do this, conduct regular, random tests in which you simulate an event that would call for data disaster recovery and access your on-premises backup or data protection online backup.

Data protection will never go out of style

To summarize, yes – there are many, many things that can go wrong with your data.

The good news is that even as threats to data protection become ever more complex and numerous, there are solutions and strategies available today to prevent, mitigate and fight them. You can’t go wrong planning for the worst and implementing the actionable steps described in this post. Data protection is our mission – so we can say with confidence and experience that these tips are battle-tested, and they work!

 

DR 101: The Basics of Disaster Recovery

 

What is Disaster Recovery (DR)?

Disaster recovery is a way to recover from the worst outages you can imagine. Whether you are facing down earthquake, fire, tropical storm, flooding, ransomware, or even user error, the goal is to be able to recover quickly. The key is to find a way to avoid downtime and data loss by preparing your data for recovery before a disaster.

If you find yourself affected by a region prone to earthquakes or hurricanes, you will need to have a separate location that is not going to be affected by the sudden outages that can occur. In these events, you can always fail over into your secondary location, out of harm’s way. This will allow you to keep your business running and your employees working through remote (and hopefully safe) connections from their own homes.

How about a tornado? When facing winds upwards of 320+ mph, a house gets torn to shreds. Nothing is safe from being picked up, spun around, and tossed miles away from its home site. Once again, you will need a DR solution that is in a separate location –preferably not in tornado alley, to act as a secondary site for your business.

Perhaps ransomware has you in a bind. In this situation, the name of the game is sanitizing your site and then recovering from an uninfected version to get your business running again. You can do this by rolling back to an earlier version. Next, the trick is to get up and running again without re-infecting, while ensuring your business stays afloat.

The most common form of disaster, however, is user error. Maybe you patched a server before checking to see if there would be any ill effects on your server. Maybe someone deleted important data. In each of these cases, with a disaster recovery solution in place, you will be able to make that data available again. In the event of a patch issue, you can always boot the machine in question, in an isolated environment, and check how a new patch will affect your production servers.

Disaster Recovery Plan

For all situations that may result in down time, data loss, or even full on infrastructure loss, you will need a contingency plan in place. A disaster recovery plan will help your team outline steps required to get up and running and minimize impact cost to the business. For some, it is a matter of recovering files and making them available to the workforce. For others, it is getting critical servers in your infrastructure up and running at a moment’s notice as to keep the web traffic flowing and transactions coming in.

Having a laminated “Steps to Recover” plan hanging in the IT (Information Technology) department or server room with steps on who to contact, and what to do first, will go a long way with reducing downtime. But what if that is not enough?

Business Continuity versus Disaster Recovery

Business Continuity is an umbrella term that encompasses all things required for a business to keep running – not just IT – in the event of disruption. Where disaster recovery may be a specific solution for failing over your servers, business continuity is the company-wide plan, processes, and tools to avert or recover from major outages from every angle. It is a list of vendors and personnel that need to be notified (and how). Business continuity is inclusive of IT disaster recovery, when everything is preconfigured to be able to quickly recover all critical systems, remap the network, and have clients/users failover to the cloud without anyone having to do anything other than push a button to start the failover event.

For the purposes of this article, I want to focus on the DR components of business continuity where orchestration is concerned. In preparing DR run books (also called DR playbooks) we’ll start with a list of servers and create an ordered sequence in which these servers should “fail over” (or recover) in. You will also want these run books to accommodate for delays between service startups to ensure the proper services are running for any dependency servers. Finally, you will want your failover LAN segmentation to be prepared beforehand, so that you are not wasting your time configuring your new subnet, IP (Internet Protocol) range, or VPNs (Virtual Private Network) during the outage. In some disaster recovery solutions, you might get lucky and have a playbook “automated” as a programmable orchestration.

With all of this, you will want to test the full end-to-end orchestration regularly — not only will you want to ensure timing and sequencing works, but to gain the administrative “muscle memory” for doing it in a real disaster. When all is said and done, that muscle memory is a few clicks of the mouse – supported by instinct and no fear of forgetting a portal URL or the password. Finally, it is vital to be experienced with your toolset and its administrative interface, just in case recovery plans require unexpected change. For business success, business continuity and disaster recovery cannot just be plans, they must be the execution behind the plan.

Recovery Point Objective (RPO) and Recovery Time Objective (RTO)

Often overlooked items in a disaster recovery plan are the RPO and RTO. For the most effect plans, you will need to know the difference between what you must work with and what you can afford work with. Think of each backup “snapshot” as a recovery point. The Recovery Point Objective is the maximum time you can afford between snapshots – i.e. how much data loss can you manage. The more recovery points you have, the more options you have – especially against ransomware. However, the Recovery Time Objective is the maximum time desired for full recovery and restoration to be accomplished at a secondary site – when your business is back up-and-running. The RTO is generally what you must work with – in that time for boot and sequence of servers can only be parallelized so far. Thus, to have the most effective recovery plans, you will need to know, realistically, how often you can take a snapshot and how long it takes to get the secondary site functional.

Too often people assume they can create a recovery point every 15 minutes or every 30 minutes. As noted, the truth is that recovery point and recovery time depend on your underlying infrastructure. I have put together disaster recovery plans with companies that demanded 15-minute recovery time objectives on an SQL server whose resources were already fully saturated by their day to day workload. These servers had neither spare RAM nor compute resource available to add other services, let alone frequent backup processes. It was an unreasonable request because the customer refused to increase the resource allocation to the server – as it was running fine. The customer demanded that the very intensive backup job run constantly to keep up with the transaction changes. While the software was lightweight enough to do quick backups, there was insufficient resources on that server to accommodate the request.

When setting expectations for recovery point and recovery time objectives, it is important to properly understand resource allocation and to temper expectations. With better understanding in place, you will know when you can reliably get a new recover point, get it to the cloud/secondary location and have it available as an option in your greater disaster recovery plan, and eventually in your business continuity plan.

Disaster Recovery Services

Once you have your overall business continuity plan drilled down into an IT  disaster recovery plan, and have that DR plan fleshed out into your recovery point objectives and recovery time objectives, it is time to hunt for a service that appeals to your needs. At the beginning of this post, I mentioned different types of disasters. The key here is to figure out what you are susceptible to and plan accordingly. Are you in a place where you do not have to deal with many natural disasters? Does your field encounter a lot of potential ransomware schemes? How about your users and clients — are they handling your data securely? These questions are intended to probe to help you find the right service for your needs. As for DR services, there are a lot to choose from. They range from simple local backup, to offsite replication, to a combination of both, to failing over into another infrastructure. Some services provide public cloud destinations, private cloud destinations, or even vendor cloud destinations. It is important to narrow down what you need to understand what services to go with. Often, these questions are already answered for you. Do you have a governing body that your data must be managed to for privacy or compliance? Does the vendor you are looking at honestly hold regulatory compliance and attestations they claim – or is it the sales guy nodding their head to get you to bite?

If you find yourself simply needing to replicate data offsite, with little need to be fully recovered within hours, a simple replication tool may suffice. If you find yourself needing something more, perhaps a reimaging of your server, but have no need for failover, and 24 hours of downtime is acceptable, then you . For clients that need their servers up and running within 24 hours, you will need a disaster recovery solution. Preferably something that can virtualize your source bare metal or VMs on the fly.

Infrascale Resolves Disaster Recovery Challenges

Once you know the problem you are solving, the tough part becomes who to trust with your data. Infrascale has been in the business of disaster recovery since 2011. In that time, we have amassed a portfolio of products that cover every disaster recovery scenario.

Infrascale Cloud Backup provides the ability to directly replicate endpoint data to the cloud, over an encrypted tunnel, where it will land with 256-bit AES encryption at rest, in the Infrascale data center. It also offers a local backup option and ransomware detection built in. Its focus is to effortlessly replicate data off endpoints — laptops, desktops, and mobile devices, whether Windows, Mac, iOS, or Android — and store it securely in the Infrascale cloud. With robust policy management, you will be able to remotely dictate scanning, backup, and retention rules. Coupled with bandwidth throttling tools, fully-controllable reporting/alerting, and added security services, you will be able to ensure full management over your endpoint devices.

Those that have a need to protect their entire infrastructure can use Infrascale Disaster Recovery. After a brief sizing exercise, Infrascale will assign an implementation specialist who will work with you to deploy your purpose-built Cloud Failover Appliance (CFA) at your on-premises location. Unlike our competitors, Infrascale ensures that someone will be there to hold your hand for a smooth deployment. The data from your servers will aggregate onto this CFA, where it will undergo multiple levels of deduplication, culminating in customer-level, global deduplication. This global deduplication will create a global block map that we use to compare with the cloud version of your data – against its own global block map. This underlying global block map technology allows Infrascale to easily replicate data to and from the cloud, by only pushing and pulling changed blocks of data. These blocks will then, on the fly, be stitched together to create incremental images, differential images, or even synthetic full images.

These images can be mounted at a moment’s notice to recover individual files by pulling them through your browser, pushing them to other devices or making them available on a mapped network drive. They can also be booted on the local appliance or in the cloud –without a need to reach out to support for preparation of the event. Once booted, you can use a VPN (Virtual Private Network) access to reach the booted machines to keep production running.

Infrascale Cloud Application Backup, another Infrascale offering, will protect your software as a service applications — Microsoft 365 (including Exchange, Teams, OneDrive, and SharePoint), Google’s G Suite of online applications and even services like Salesforce. The goal is to create “offsite” backups from the vendor’s ecosystem to supply end customers with longer retention and granular recovery. Simply connecting to your vendor’s applications through the backup solution, Infrascale can pulled the data, encrypt it and store it for easy retrieval.

This entire suite of products is centrally managed and monitored through the Infrascale Dashboard. This portal will give access to a one-stop-shop for all your backup and recovery needs. Dashboard also connects to ConnectWise or Autotask for ease of management, ticketing and billing integration. The Infrascale Dashboard is multi-tenant, giving your clients and end users all a secure place to manage their data without getting in the way of one another or altering something when a stronger policy is put in place by their administrator.

To learn more about the Infrascale suite of backup and disaster recovery products, we encourage you to check out the links below and reach out to our team with any questions.

Infrascale Reimagines Customer Care in Data Protection Market

Launches New Customer Support Program and New Premium Support Services to Drive Success for Backup and Disaster Recovery Clients

 

Reston, Va. – September 24, 2020 – Infrascale, a cloud-based data protection company providing industry-leading backup and disaster recovery solutions, today announced a transformational overhaul of its support methodologies, including revised support practices and the launch of new premium support services to drive success for its managed service provider (MSP) customers.  These improvements follow key leadership changes and a headquarters move in 2020, laying the foundation for growth in 2021.

The Infrascale customer support framework bases its practices around customer care and success throughout a customer’s journey.  For Infrascale, this starts post-sale with an onboarding process, the continuous monitoring of services, a proactive care and outreach team, and on-demand reactive support. In addition to its standard framework, Infrascale is offering premium support and concierge services.

 

The 4Ps of Support

Infrascale is transforming its service philosophy, making it:

  • Predictable – Reliable communications and response times ensure issues are completely resolved.
  • Personal – “People powered” support treats customers as partners, not case numbers nor metrics to be achieved.
  • Proficient – The Infrascale team of experienced support pros resolves all issues to satisfaction.
  • Proactive – Onboarding and outreach teams ensure customer success and resolve issues before the customer is even aware of them.

“In a time when we are relying more and more on artificial intelligence and self-service, it’s more important than ever to take a holistic approach to supporting our customers. While technology is great and AI can help with some of the less difficult inquiries, it’s easy to lose the ‘human touch’ that makes a difference,” said Russell P. Reeder, CEO of Infrascale.  “At Infrascale, our support is powered by people, and we pride ourselves on making sure our customers know they are more than a case number. They are our partners. We treat their data just as we treat our own.”

 

Feedback Is a Gift

To put the philosophy into practice, Infrascale is acting directly to ensure that each stage of the customer journey is managed to the new philosophy.

  • Beginning with onboarding, Infrascale works side-by-side with customers so that the adoption of purchased services is smooth, seamless, and set up correctly to minimize the time for data to be securely captured in backup systems.
  • Infrascale technical support gurus take ownership of issues and see them through to completion. Customers can expect the same Infrascale support expert to help throughout the entire lifecycle of a case, minimizing delay.
  • The Infrascale outreach team is dedicated to taking the invaluable feedback customers provide and putting it into action. Internally, they advocate and champion to make positive changes for the customer’s product and service experience.

“Feedback, in any form, is a gift that someone gives freely,” said Lindsay Haun, Infrascale Vice President of Customer Success.  “In customer success, observed words and actions allow us to get better at how we serve. While I would love to turn every single customer into an evangelist, singing our praises, I’m content for each interaction to leave a customer feeling satisfied and happy to be partnered with Infrascale.”

 

Program Launch + New Premium Support Offering:  Guided Disaster Recovery Testing

The reimagined philosophy has been incubating as a managed program within the Infrascale business for leadership to seek feedback, measure impact, set hiring practices and staffing levels, and develop enhanced training for the existing support team. Now ready to be put into action, the Infrascale Support Portal serves as the gateway for this launch.

Early feedback from Infrascale customers has been extremely positive:

  • “Working with Infrascale Support has been an absolute pleasure. It is always easy to open a ticket, they are always fast to respond, and they have always provided an excellent response to any issue I bring up,” said Rafael Araya, network administrator at Pointwest Credit Union. “I am thrilled to have a team as reliable and experienced as the Infrascale Support team at my back.”
  • In addition, according to James Campbell at Franklin Computer Services Group, “Infrascale customer support is absolutely great! Their products and services are stable and reliable. Whenever an issue has arisen, I have found Infrascale Support to be very helpful, and I have always found the resolution I need.”

Infrascale has also announced the first of many new premium support offers:  Guided Disaster Recovery Testing.

As backup and disaster recovery experts, Infrascale knows loss of IT functions in a disaster often causes a business to fail. In times of uncertainty, businesses need assurance that their data is protected when disaster strikes – whether that is ransomware, hardware failure, natural disaster, or human error.  The best way to overcome disaster is not only to have a disaster recovery solution – but to test it.

With Guided Disaster Recovery Testing, Infrascale experts will guide the customer through the execution of their predefined disaster recovery plan, including configured orchestration, to ensure the plan is fully tested and operational. The key benefits of testing include reducing potential for downtime, improving customer ROI for the solution, and increasing confidence that the plan works and that customers are fully prepared.

Additional details for Guided Disaster Recovery Testing can be found on the Infrascale Support Portal:  https://infrascale.com/support.

 

About Infrascale

Founded in 2011, Infrascale provides comprehensive, cloud-based data protection by delivering industry-leading backup and disaster recovery solutions. Combining intelligent software with the power of the cloud, Infrascale removes the barriers and complexity of secure, offsite data storage and standby infrastructure for real-time disaster recovery. Trusted and recommended by leading independent industry experts, Infrascale equips its customers with the confidence to handle the unexpected by providing higher availability, better security, and less downtime when it comes to their data. Visit infrascale.com or follow us on Twitter at @Infrascale for more information.

 

Media Contact

Hannah Ruark
hannah@bospar.com
540-599-7887

 

What is SaaS backup, and how do you protect your SaaS application data?


SaaS in the world of cloud computing

Cloud computing includes a wide range of computing tools and services that people access over the Internet. Cloud technologies exploit their capabilities to instantly respond to increased demand for computing resources, shortening long development cycles and eliminating the expense of large IT infrastructure facilities.

There are three main models of cloud computing service: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

IaaS companies, such as Google Cloud Platform (GCP), Amazon Web Services (AWS), and Digital Ocean, amongst many others, provide services including pay-as-you-go compute virtualization, storage, and networking. They offer users cloud-based alternatives to on-premises infrastructure, so businesses can avoid investing in expensive on-site resources.

The PaaS model suggests providing tooling and frameworks on top of IaaS – but with core capabilities that allow rapid development of applications. Common examples of PaaS are Heroku, OpenShift, Twilio, and the like. The Cloud Service Providers (CSPs) provide IaaS and PaaS offerings.

SaaS platforms, however, make software available to users directly. They provide applications that run over the internet, without the need to install and run software on your computer. This service model allows building management information systems without purchasing the ‘boxed’ products, installing, and managing. SaaS is generally built on top of IaaS and PaaS platforms. Today, an increasing number of organizations tend to move their IT operations to SaaS platforms like Microsoft 365, G Suite, Salesforce, Box, Dropbox, and others.

To help explain the basics of the three ‘*aaS’, models, let’s use Albert Barron’s Pizza as a Service for an example.

Diagram 1. Pizza as a Service model (Source: Albert Barron)

 

As seen in Diagram 1, SaaS is a kind of ‘exhaustive’ representative of the cloud computing service models since all its aspects are managed by the vendor. While this may be entirely what is required by the IT professionals of an organization, it also poses an inevitable question of credibility for and reliance on a SaaS provider, especially in terms of customer data protection.

To address this matter, first we need to dive into details of SaaS use, its advantages and disadvantages.

SaaS pros and cons

SaaS is ultimately a software distribution model, in which applications are hosted by a third-party provider and made accessible to users over the internet. Over time, many major business technologies have been ‘re-implemented’ as cloud services, and have SaaS applications specifically designed to streamline and improve efficiency. SaaS has been especially impactful to financial management, billing, sales management, collaboration, human resources, customer relationship management, email and productivity, and many other functions and industries.

Of great importance, SaaS eliminates the need for companies to install and manage applications on their own computers or in their own data centers. This relieves businesses and their IT departments from the burden of purchasing, provisioning and maintaining hardware, software licensing, installation, and support. Other benefits of the SaaS model include flexible payments, scalable usage, automatic updates, and accessibility.

However, despite its value, SaaS also has some downside. Businesses must rely on outside vendors to supply software, keep software up and running, monitor and report accurate billing, as well as provide a secure environment and conditions for the business data. As such, difficulties may arise from possible service disruptions, unwanted changes to service offerings, or security breach. All of these can affect the willingness of customers to use SaaS. To alleviate these possible issues proactively, businesses should thoroughly review the service terms and service-level agreements of their SaaS provider, and ensure that they are properly implemented and observed.

SaaS data protection

One of the largest, modern day concerns of SaaS is the protection of the stored customer data.

So, how do the most popular SaaS providers suggest customers handle issues related to their data residing within the SaaS infrastructure? Well… They’ve chosen to follow the Shared Responsibility Model (SRM) where management and security tasks are jointly shared between a customer and a cloud provider.

Diagram 2. Microsoft Shared Responsibility Model (Source: Microsoft)

 

Diagram 3. Amazon Shared Responsibility Model (Source: Amazon)


As we can see in the Diagram 2 and 3, SRM suggests that everything related to the customer data is the responsibility of the customer, not the cloud service provider (CSP)! Hence, CSPs (that offer SaaS) are not always inclined to “complicate” their offerings with sophisticated data backup and recovery features that they might see as “infringing” on customer responsibility. This is clearly expressed in the data retention policies implemented within popular SaaS applications. For example, Microsoft 365 allows for no more than 180 days to retain customer data after deletion. Box provides only up to 100 days for the same. Dropbox gives you 180 days to restore files and folders from when they were deleted; the same retention period applies if you want to revert the changes made to a file. Such retention policies won’t let you effectively secure your data in case it was infected or corrupted beyond those periods. Moreover, after your data has been completely removed from the deleted files, it is permanently gone, without any chances to get it back. Again, from the perspective of SRM — this is the customer’s problem, not a problem for the CSP.

Thus, SaaS application users are left on their own when dealing with backup and recovery of their cloud data in case of accidental or intentional data loss or corruption. So, you may wonder how to overcome the limitations of the native backup and recovery features of a SaaS application you use for your business operations?

SaaS backup to the rescue!

Now that cloud technologies are increasingly used for strategic and mission-critical business operations, safety and security of the stored customers’ data has come to the forefront. Unfortunately, a lot of SaaS providers offer business customers a false sense of security that their data is properly backed up and can be retrieved in case of emergency. SaaS application providers offer very limited cloud backup and restore capabilities, often not meeting the needs and desires of business customers.

When it comes to improving protection of your SaaS business data, you must involve a full-featured SaaS backup solution that will cover all the nuances of data protection that your SaaS application misses. In fact, SaaS providers themselves suggest using third-party SaaS backup software to ensure critical data is protected properly through backup, and is always available via restore. For examples, see: Salesforce, Box, and Dropbox guidance.

SaaS backup solutions are designed to store and protect data created and operated within SaaS applications. The backup data is stored either “elsewhere” (i.e., alternative data center or region) in the cloud or on-premises — so that if a SaaS application you use fails, your data is stored safely, and can be used to restore the SaaS application to a functional state.

SaaS backup solutions must integrate with the SaaS platforms they protect. Hence, not every SaaS backup service works with every SaaS product. Many SaaS backup solutions specialize in protecting specific application suites, such as Microsoft 365 or G Suite. Some are geared to integrate with more distinct applications like Box or Dropbox, or aimed at complex SaaS platforms such as Salesforce. Those aiming to cover a lot of SaaS applications at once may lack features that ‘tailored’ SaaS backup solutions provide.

What to look for in SaaS backup solutions?

As a rule, SaaS backup solutions should have a few features and options relevant to the SaaS platforms and applications they are intended to protect. For example, SaaS backup software that integrates with email systems must have the data archiving features specifically for email.

When considering SaaS backup solutions to protect your mission-critical business data, you should pay careful attention to and look for certain features that are intrinsic to a comprehensive and reliable SaaS backup software, including: tight and smooth integration with the SaaS application it is designed to protect, variety of options for storing data (in cloud or on-premises), data restoration and export features, data encryption mechanisms, detailed activity monitoring and tracking capabilities, tailored backup schedules, retention configuration, and easy-to-use yet robust control and management means.

The list of requirements for the ideal SaaS backup service is lengthy, but that’s where Infrascale Cloud Application Backup comes in, with the ability to back up and restore data from: Microsoft 365, Google G Suite, Salesforce, Box, and Dropbox.

Infrascale Cloud Application Backup provides comprehensive data protection by mitigating the risk of data loss due to human errors, malicious intent, synchronization errors, hackers, malware, ransomware, and other threats.

Ready to take your SaaS data safety and protection to a new level? Learn more about how Infrascale Cloud Application Backup can help you to protect your critical data.

Preparing for a Ransomware Attack: Prevention & Detection

What is Ransomware?

Ransomware is a type of malware that encrypts a victim’s data, blocking access until a ransom is paid.  There are multiple varieties of ransomware, however, they all share the same extortion-oriented goal: a demand for payment using digital currency, like bitcoin. Digital currencies are preferred as they are hard to track, making it difficult to find and prosecute the perpetrators.  A common feature of recent ransomware attacks is the inclusion of a countdown timer. These timers badger the victim to pay before time runs out, else the ransomware will permanently delete the data. One example of ransomware that utilizes such a timer is called Jigsaw ransomware. Once Jigsaw infects a computer, it demands payment and starts deleting files (in groups) over the next 72 hours, until they are all gone. For added incentive (or terror), Jigsaw ransomware will delete a 1,000 files if attempts are made to disrupt the deletion process, including trying to reboot the computer.

Typical Vectors of Ransomware Infection

Reported ransomware attacks grew over 365% in 2019.  A typical attack is carried out by tricking an end-user into clicking on a legitimate-looking file from a website or an e-mail attachment. Generally, for a virus or other security threat to work, they need root (or similar administrative) access to the computer. However, ransomware does not require this authority as it is only encrypting the user’s data (i.e., the user opening the attachment).  Since ransomware does not require elevated access, and security software often sees the user activity as a normal, it is almost impossible to stop every infection. The best plan is to prevent as much as you can and have a plan for recovery.

Prevention First – Patch, Update, and Educate

The first tip to prevent ransomware attacks is to keep your operating system and application software updated and patched. This might sound obvious, but endpoints (like a laptop or desktop computer) are not as sophisticated as servers when running. Further, an end-user computer will typically execute/run a multitude of applications from different vendors. To overcome the patching dilemma, Microsoft has created built-in tools to help administrators and end-users manage patches.  There are also third-party management tools (typically used by IT departments) to enforce policy around software application versioning.  Those third-party tools may also block undesirable software, like ransomware, through application whitelisting, which only allows approved applications to run. IT policy management tooling is a godsend in protecting end-user’s computers, but requires a fair bit of management overhead.   For example, when a new patch comes out, the application must be whitelisted separately each time – a burden to manage hundreds of applications and patches to make sure your users can perform their jobs.

All said, neither end-users self-updating applications nor updates driven thru IT policy management tools are enough.  Application updates must be partnered with a good, up-to-date antivirus (AV) software.

Last, but not least, is the importance of education. End-user training is required to help them determine which emails not to open, and how to identify malicious senders and suspicious attachments. Training all end-users in an organization reduces the risk of downloading malware.

Endpoint Detection and Response (EDR)

Bad actors are getting better at hiding their attacks, making it harder to detect them. They are also finding ways around antivirus detection software. This causes AV software to be silent, even when under attack. This is where Endpoint Detection and Response (EDR) can help. The goal of EDR is to look for bad behavior and alert the end-user (or administrator). Earlier warning of infection increases response time to stop the spread of the infection – and better yet – illuminate the exact timestamp of infection so that the exact recovery point is known. 

Endpoint Detection and Response operates via two key principles:

  • Continuous monitoring / anomaly detection for new and changing files
  • Immediate response to a detected threat

FYI:  both principles are managed via the Infrascale Cloud Backup (ICB) product.

Continuous monitoring implies looking at either new or changing files on a continuous basis.   When integrated with backup software, anomaly detection happens with the scanning of files as to ascertain which must be backed up for the first time (new) or to capture files that have changed since the last backup.  In either case, anomaly detection  occurs when finding non-typical backup activities, based on a statistical analysis of backup history. This approach relies on tracking the new and modified file count between the backup sessions. If a file has been moved, renamed, or newly created, systems will identify it as a “new” file.  A file is considered to be “modified” when its content has been changed since the last backup, but the path and name are the same.

Example:  Assume there are typically 10 new files per backup (known from history analysis) – and the backup software is cognizant of that “norm”. In the case of a potential ransomware attack, many precious files could be instantly encrypted and renamed. As a result of hundreds, or even thousands, of files being changed on your computer, the “new” file threshold, as compared to the “norm”, will be triggered.

Infrascale Cloud Backup provides anomaly detection for new files.  Further, in order to make the technology trustworthy and prevent false positive alarms from occurring, ICB considers probable backup irregularities by adding weights to the time intervals between backups. Additionally, ICB considers the number of observed backups – of which there should be at least five prior, successful backups — to allow ICB to positively detect backup anomalies.  

Continuous monitoring isn’t only about new – it must also be about existing files.  Thus, as ICB scans for file changes, it scans files for signatures associated with ransomware!  With this option enabled, each backup session includes scanning to compare new and changed files against the list of files types (and patterns) associated with ransomware.  The ransomware definitions leveraged for this activity are updated on a daily basis to ensure Infrascale customers are protected against new strains of malware as they are discovered.

Immediate Response.  In the scenarios above (detecting velocity of new or changing files – or detecting signatures of ransomware), the ICB software throws a red flag and generates warning notifications:   “The attributes of this file indicate that there may be ransomware on this computer.”   This red flag exists to prompt administrative action in real-time.   Warnings are presented to administrators as:

Enabling Ransomware Detection in Infrascale Cloud Backup

Enabling ransomware detection in Infrascale Cloud Backup is as easy as one, two, three. 

The administrator must:

  1. Login to the Infrascale Dashboard and navigate to Settings > Monitoring page
  2. Check the box next to one or more of the available options:
    • Enable anomaly detection for New Files
    • Enable anomaly detection for Changed Files
    • Scan backups for files associated with ransomware
  3. Save the Changes

After that, the settings will be automatically applied to all the backups of all the users.

In the case of a ransomware event, a warning will be registered in the Infrascale monitoring system. This warning is also forwarded to the admin, if email reports are enabled on the same Monitoring Settings page described above.

The administrator can configure the sensitivity of anomaly detection by setting the threshold for how they would like warnings to be triggered. The smaller the threshold, the more sensitive the system will be to send warnings. Higher thresholds allow more significant deviations from the standard before a warning is triggered. 

Ransomware is a Virus; Like a Virus, Re-infections Happen Unless You Take Precaution

What should you do when you get hit by ransomware? The easiest way to recover is having a ZTI (Zero Touch Infrastructure) in place. The goal of a ZTI is to prevent having to reinstall the OS and apps on all of the infected computers.  With Infrascale, this is accomplished with the Bare Metal Recovery option to image the endpoints – allowing administrators to boot up and recover the endpoint from a known, good backup, dated from before the attack. 

Businesses often pay the ransom to get the decrypt key without talking to an IT professional first. After paying the ransom, the business may indeed have the decrypt key. However, thirty days later the infection re-emerges and re-encrypts – with the arrival of a new ransom demand.  Victims must ensure to completely remove the ransomware, or remain in a continuous infection cycle. Using Bare Metal Recovery (BMR) is a great tool, but only effective when the copy is “offline” – not reachable, itself, by the ransomware.   Further, since many ISP’s cut Internet connectivity to prevent spread of an infection, the administrative team will need a local copy – hopefully, one that is not always connected to your PC (and also infected). This can be accomplished with an external hard drive hooked up to a system once a week for the BMR backups – and a standard file backup process for the daily file updates.  With Infrascale Cloud Backup there is no need to worry about your backups being infected.   ICB uses an agent to push the data to the cloud.  By using this agent — which uses SDK to communicate, not a file share – the backup is air-gapped from the original.  This means that the ransomware has no way to access the data in the Infrascale cloud!   The punchline: No need for cutting the internet, no need for separate backup technologies, nor a separate hard drive.

Always, Always, Always Verify That Your Backup and Recovery is Working

The last topics to cover are reporting and testing the solution. Reporting is essential, so you absolutely know the solution is backing up what you want and when you want it to be backed up. This ensures the data is available for a recovery. Infrascale Cloud Backup offers many reporting options that can be configured per partner, customer, or end-user. Infrascale has also integrated with 3rd party vendors like ConnectWise and Autotask for monitoring.  Lastly, Infrascale also offers public API, enabling you to integrate the reporting right into your systems.   The options are there – so implement at least one to verify backups are running.

However, monitoring & reporting only tells an administrator when an event has already occurred. A complete, well-rounded, and operational ransomware detection solution also requires testing the recovery plan and systems. Testing is probably the most overlooked part of having a good recovery plan, as people rarely utilize it. Once a month, you should test your monitoring, backups, AND RECOVERY to ensure that when the day comes, you are prepared for a ransomware attack.

Tips to Protect Your Organization From Ransomware — and How to React Properly If You Fall Victim

Ransomware is on the rise and shows no signs of slowing down. Global cost of damages due to ransomware attacks are predicted to reach $20 billion by the end of 2021, according to Cybersecurity Ventures.

It’s not an exaggeration to say that ransomware presents an existential threat to the livelihood of U.S. and global businesses in sectors such as education, financial, government, healthcare, law enforcement, and telecommunications. Victims of ransomware — and the citizens, customers, investors, and patients that these organizations exist to serve — have much to lose.

In the first half of 2020, businesses, institutions of higher education, and local governments dedicated nearly $145 million to placate hackers and restore data and networks following major ransomware attacks. And paying ransom didn’t — and doesn’t — guarantee that such organizations get their data back. As if paying a ransom for your own data isn’t demeaning and exhausting enough, the financial and other negative impacts of ransomware extend far beyond the ransom. Victims of ransomware also have to contend with added IT costs, lost productivity, mounting legal fees, the need for network modifications, and/or subscription fees for new credit monitoring services for employees or customers.

Fortunately, businesses can protect themselves from the ransomware threat. One of the best ways they can do that is with an effective, and safeguarded, endpoint backup and recovery solution — to bypass the ransomware event and return to an uninfected copy of their data. However, for those who do not have such a solution, there are other ways to counter the impact.

Below are a few tips on how businesses can mitigate ransomware. But, first, let’s assess the larger landscape.

Why Ransomware Attacks Are on the Rise

New digital payment options that provide criminals with a high degree of anonymity, the growing ecosystem of ransomware hackers, and the disappearance of the enterprise network perimeter (amid an increasingly distributed workforce) have all contributed to the rise in ransomware. Bitcoin and other crypto currencies have made it possible, safe and easy for cyber thieves to demand and receive payments and transfer money anonymously.

Adding fuel to the ransomware fire is the fact that it’s not just well-financed, sophisticated criminal enterprises that are exploiting ransomware. State-backed and individual hackers, looking to cash in on what they perceive as easy money, are also launching ransomware attacks.

The pandemic also has helped feed ransomware’s rise. Cyber criminals are actually leveraging the pandemic to their advantage, ramping up their attacks on organizations and individual consumers for financial and political gain.

The large increase in remote branch office and work-from-home environments, the latter recently due to COVID-19, has more workers using their own endpoints — such as laptops, desktops, and mobile devices. Home networks are not nearly as secure as enterprise networks; IT departments have a lot less control over the security and settings on remote workers’ devices and the infrastructure protecting those endpoints. Unfortunately, the bad actors know this as well, as we’ve seen almost 400% growth in ransomware over the last two years as a result.

Ransomware Comes With a Hefty Price

Businesses of all sizes and in all industry sectors are subject to ransomware attacks. A recent Infrascale survey conducted with more than 500 C-level small and medium business (SMB) executives revealed that 46% have been victims of ransomware.

Downtime is an enormous pain point for businesses, which lose time and money for every hour, minute or second they don’t have access to their critical data and other digital assets. That helps explain why nearly three-fourths (73%) of SMBs that have faced ransomware attacks shelled out their hard-earned money to pay the ransoms.

Paying a ransom can eat into an organization’s finances in a significant way. Forty-three percent of the SMBs we surveyed said that they have paid $10,000 to $50,000 to ransomware attackers. The price tags were even higher for some others — 13% of SMBs doled out more than $100,000.

According to Coveware, the average amount paid for a ransomware attack in the fourth quarter of 2019 was $84,116. This is up from an average of $6,733 just 12 months prior. The Coveware study indicates that this amount is heavily skewed by Ryuk and Sodinokibi ransomware, pushing the median payment in the fourth quarter of 2019 to $41,198. Demands from both of those actors can typically reach six or even seven figures, making even a single successful attack extremely lucrative. In June 2019, for example, Ryuk attackers extorted more than $1 million in ransom from two Florida cities in just one week. A single Sodinokibi affiliate appeared to snag $287,000 in three days.

The amount of money being funneled back to these criminals to fund future attacks is deeply troubling, and the size and quantity of ransoms being paid is causing insurance providers to raise their cyber-insurance rates as much as 25%.

In most cases, however, the cost of the ransom is trivial compared to the cost of system downtime, missed sales, and lost credibility. Thus, in the hopes of quickly restoring their systems and getting their data back, ransomware victims often pay off anonymous blackmailers.

This is likely to be a continuing trend, as Infrascale research shows that more than a quarter (26%) of the SMBs that reported they have never paid a ransom said they would consider doing so. Of that group, 60% said they would pay a ransom to get their files back quickly, and 53% said they would pay a ransom to protect their company’s public image around data protection and recovery efforts. Yet, 17% of the survey participants who paid ransoms to their ransomware attackers indicated they recovered only some of their organization’s data back in return.

Ransomware Prevention Deserves Attention — And MSPs Can Offer an Assist

Ransomware is not a threat that just arrived on the scene. This problem has been around since 1989. Yet many businesses still have not prepared themselves for ransomware attacks.

Almost a fifth (19%) of the Infrascale survey respondents said they don’t believe their businesses are adequately prepared to address and prevent unexpected downtime. That’s curious considering that more than a third (37%) have lost customers and 17% have lost revenue due to downtime.

Downtime can cost businesses a pretty penny. Roughly half (48%) of the survey group reported that their per-hour downtime cost was in the $20,000 and $50,000 range.

The adage that time is money would seem to apply here, although perhaps in a different way than you might think. Infrascale research indicates that almost a third (32%) of SMBs have limited time to research ransomware mitigation solutions. The same share said that they don’t have the proper IT resources in place to address ransomware threats. The point is that businesses that don’t take the time to adequately prepare for a ransomware attack are likely to lose a lot of money — possibly by paying the ransom but certainly due to operational challenges, a loss in business, and a hit to their reputations. Given these challenges, here’s a useful tip: Consider hiring a third-party expert, such as a managed service provider (MSP) or security professional, to assist with the heavy lifting around ransomware protection, education, implementation, and setup.

Educate Staff on the Importance of Up-To-Date Anti-Virus Software and the Phishing Threat

Organizations that want to protect themselves from ransomware should educate staff members about this threat and its vectors of entry into an organization. This means education on proper email handling and making sure that employees’ anti-virus software is up to date. This may seem obvious, but it’s often something that SMBs don’t check on until it’s too late.

Picking up on a potential attack in advance is ideal to prevent it from happening. Your IT department should check your network frequently to see what types of files are being sent and work to understand what types of computers are connecting to your network.

If something looks nefarious, it usually is. However, criminals are becoming increasingly sophisticated at making their attacks look legitimate. And during this time in which people are in search of information and answers, the public’s fake-filters are at an all-time low.

Take These Steps If Your Organization Is Comprised by Ransomware

Cybersecurity is important, but it isn’t foolproof. Chances are good you’ll fall victim to ransomware at some point. Perhaps you already have experienced such a scenario.

Here are some helpful tips your organization can use to respond to a ransomware attack:

  1. Capture the ransomware message. When your business is hit with an attack, your first impulse may be to take action. But don’t forget to take a screenshot or photograph of the ransomware message. This captured image will serve as evidence for your own use and in case you report the ransomware event to law enforcement officials.
  2. Don’t automatically pay the ransom. As Tufts University professor Josephine Wolff wrote in this piece for The New York Times, paying ransomware attackers only serves to reinforce to the hacker community that ransomware is a “business model” that pays. If there’s another way out of the situation, without risking life and limb, consider taking it. Don’t reward the bad guys.
  3. Conduct a cost-benefit analysis. This will help you to decide on the best path forward. MIT professor Larry Susskind noted that if ransomware freezes critical business operations, an organization may not be able to collect revenues, provide vital services such as water or electricity, or conclude patient procedures. Ransomware certainly creates financial risk, but it can also be a life-and-death proposition. That said, it makes sense to look before you leap.
  4. Understand whether the issue is encrypting ransomware or screen-locking ransomware. If you’re dealing with screen-locking ransomware, the situation may be more easily remedied. Try closing the affected application using a Mac Activity Monitor or Windows Task Manager; restarting the device in safe mode; and employing malware removal technology. If you’re lucky, this may help you overcome the screen-locking variety of ransomware.
  5. Move quickly to limit the threat. Ransomware can spread like wildfire, so you’ll want to contain it as soon as possible. One way you can do that is by physically disconnecting affected devices. Disable Bluetooth and Wi-Fi connections on those devices and put them in airplane mode. Also unplug Ethernet cables and connections to external devices like cameras, hard drives, and phones. Organizations also can contain ransomware via microsegmentation. This approach relies on network monitoring to detect anomalies and leverages automation to isolate devices that exhibit behaviors indicating they may have been infected.

Limit the Ransomware Pain and Stay Up-and-Running with Backup and Disaster Recovery

The risk that ransomware presents to your business decreases significantly if you employ a comprehensive, cloud-based endpoint backup and recovery solution such as Infrascale Cloud Backup (ICB). Such solutions are invaluable in the event of a ransomware attack. The ICB solution backs up critical data such as accounting files, Exchange data files, and SQL databases. The ICB direct-to-cloud backup solution protects a wide range of devices and endpoints, regardless of their location, which is important in our increasingly distributed world.  Further, it has a host of management features, including ransomware detection and alerting, to take on ransomware directly. Finally, as a cloud-based solution, working via API vs. as a network-attached drive, there is an air gap that prevents your backups from being infected too.

As all of us have become extremely aware, confronting a crisis is never fun.

But contending with ransomware in this already challenging time can be a lot less painful — and you can get through it faster and with much less disruption — if you already have good backup and disaster recovery in place. Businesses that have backup and disaster recovery strategies and solutions at the ready can restore their data and resume normal operations much more quickly.

Infrascale Primed for Growth, Relocates Headquarters to Reston, Virginia

Reston Becomes Home to C-Suite, Finance, IT, and Business Operations to Access the DC Metro’s Technology Talent

 

Reston, Va. – August 19, 2020 – Infrascale, a cloud-based data protection company providing industry-leading backup and disaster recovery solutions, today announced that it has officially moved its headquarters from Los Angeles to Reston, Virginia. The move centralizes its core leadership team and business operations to continue its ambitious growth plans, which commenced at the start of the year with key leadership changes.

The Infrascale C-suite – Russell P. Reeder, CEO; Rob Peterson, CFO; Brian Kuhn, COO; and Carolyn Kress, CPO (Chief People Officer) – are based in Reston and have commenced building out the company’s operational teams, beginning with finance and information technology.

“We set out for a year of transformation, staging for growth and scale in 2021 and beyond,” said Russell P. Reeder, CEO of Infrascale. “I’m extremely proud of the progress we’ve made to date, particularly given the challenging global climate caused by COVID-19. The formal transition to our new headquarters in Reston represents a significant milestone in our 2020 plan. Recognized as a top-two technology destination, Northern Virginia and the greater DC Metro area contain an impressive talent pool that will only grow with the continued expansion of technology innovation in the region. We are excited to build out the team here and across the US.”

Infrascale is backed by premier investment firms, Route 66 Ventures (Alexandria, Virginia) and Carrick Capital (San Francisco), which have stewarded the change in leadership and support the company’s strategic growth plans in the rapidly expanding business continuity technology sector.

“Infrascale continues to deliver flexible, secure and easy-to-use cloud data protection and recovery solutions to a growing number of top-tier customers,” said Ryan Katz, Founding Partner at Route 66 Ventures. “Their continued success is reflected in ongoing growth, and the company’s move to Reston – the home region for much of the nation’s tech talent – represents a positive and exciting development in the evolution of Infrascale as they grow into a key player in the enterprise market and continue to innovate.”

The new headquarters succeeds the previous location in Los Angeles. While the physical office will be shuttered, the Customer Support, Sales and Marketing staff remain, as remote employees, in the LA metro region.

The new Virginia headquarters, starting with Finance and HR, will ultimately include Administration, Information Technology & Information Security, Marketing, and Sales. To see current openings, visit the Infrascale Careers Page.

 

About Infrascale

Founded in 2011, Infrascale provides comprehensive, cloud-based data protection by delivering industry-leading backup and disaster recovery solutions. Combining intelligent software with the power of the cloud, Infrascale removes the barriers and complexity of secure, offsite data storage and standby infrastructure for real-time disaster recovery. Trusted and recommended by leading independent industry experts, Infrascale equips its customers with the confidence to handle the unexpected by providing higher availability, better security, and less downtime when it comes to their data. Visit infrascale.com or follow us on Twitter at @Infrascale for more information.

 

Media Contact
Hannah Ruark
hannah@bospar.com
540-599-7887

How to Use Dropbox and Box Without Putting Your Data at Risk

As software creators have increased their adoption of cloud technologies the result has been growth, proliferation, and expansion of the software-as-a-service (SaaS) market. This growth has allowed SaaS application providers such as Box and Dropbox to evolve from being elementary services for sharing files among friends, to advanced and integral business solutions. Box and Dropbox have become complex combinations of file hosting and cloud storage, data sharing and synchronization, and collaboration tools.

Though Box and Dropbox do a great job supporting business needs, they neglect one of the most crucial aspects for business operations — backup and restore functionality. Unfortunately, both Box and Dropbox provide business customers a false sense of security that their data is properly backed up and can be retrieved in case of emergency. SaaS application providers only provide very limited cloud backup and restore capabilities that do not meet the needs of many business customers.

So, you are probably wondering… How do you improve the safety and security of your critical data stored in Box or Dropbox, and preserve it from being lost or corrupted?  How can you restore the required data anytime and anywhere, so your business does not fail due to the accidental or intentional deletion of that data?

Dropbox and Box are not backup solutions

As mentioned above, both Box and Dropbox originated as file sharing and storage solutions. Like many of their SaaS application provider peers, the notion of backup and retention (beyond file version history) is foreign to their offerings.  As such, lack of the full-featured backup and restore options fail to meet critical requirements for business continuity and disaster recovery planning. For example, with Dropbox for Business provides 180 days to restore files and folders from when they were deleted; the same retention period applies if you want to revert the changes made to a file (file version history is limited). Box for Business and Box for Enterprise provide only 100 days for the same. Such retention policies won’t let you effectively secure your data in case it was infected or corrupted beyond those periods. Moreover, after your data has been completely removed from the deleted files, it is permanently gone, without any chances to get it back.

How Infrascale can help your Box and Dropbox backups

Infrascale Cloud Application Backup for Box and Infrascale Cloud Application Backup for Dropbox offer cloud backup of your SaaS application data and provide an effective way to fully control your data, risks, operations, and costs.

Always have a plan B (for backup!)

No matter how advanced and reliable your business technologies are, the good old “extra copy” of your data will never lose its value. It can save your nerves, time, efforts, and in some cases, the entire business. Remember that no one is immune to logical mistakes and human factors leading to data loss or corruption.

Infrascale Cloud Application Backup provides comprehensive protection for your frequently changing Box and Dropbox data, so it can be restored quickly and easily in the event of data loss or corruption. With flexible and easy data recovery features that include point-in-time, granular, cross-instance, and self-service restore, you can export your Box and Dropbox data to your own Amazon S3, Microsoft Azure, Google Cloud Platform, Box, or Dropbox storage.

Automate what can be automated

Backup must be automated. Only an automated scheduled backup gives us the opportunity to restore data either from this hour, yesterday, or from many months ago. The elimination of manual copy-and-paste backups will save you time, effort, and money.

Infrascale’s approach to cloud backup is expressed in a single statement: set it and forget it. Infrascale Cloud Application Backup allows setting up and configuring automated Box and Dropbox backups to be run daily, every three days, or weekly. But at the same time, it is important to perform your backups anytime you want. That is why Infrascale Cloud Application Backup allows you to back up your Box and Dropbox data on demand, alongside the scheduled automated backups.

Divide and conquer control

It’s bad practice to put all your eggs in one basket. When you operate with today’s huge volumes of data, your backups should provide both logical and physical separation from the data itself, preferably on a different cloud or physical storage. Human errors, malicious intents, outages, sync errors, hackers, or malware, could lead to the loss of data anytime and anywhere.

Infrascale Cloud Application Backup offers a reliable and completely separate cloud storage location (from your original SaaS storage), where your Box and Dropbox data is backed up automatically, and removes the need to place the data on a local device or a file share. Your data is securely archived within the United States (default), or optionally to the European Union or Australia.

Too much is never enough (when it comes to data retention)

As said above, Box and Dropbox offer limited backup data retention periods and file version history for restore. This can result in a complete nightmare if you need to get your data months and years from now.

With the long-term backup retention and unlimited file version history, Infrascale Cloud Application Backup makes sure your Box and Dropbox data files are findable and retrievable at any point in time.

Knowing is half the battle, but execution is everything

Knowing what data backup and restore is, and what backup and restore solutions are there in the market, is one thing; but to procure, to configure, and to test them adequately and efficiently is where the most benefit is.

With the assistance from Infrascale onboarding specialists and customer service, you can be sure your Box and Dropbox backup queries will be resolved in a professional and timely manner. Furthermore, if you prefer to deep dive into how Infrascale solutions are built and operate, and to take the full control over your data backup and restore solution, we encourage you to visit the Infrascale documentation hub and YouTube channel for more details.

With these simple yet effective concepts in mind, Infrascale is committed to providing the SaaS application data with protection and cloud backup that your business requires. We treat your data as if it were our own.

Ready to take your Box and Dropbox backup to a new level, thus improving your data protection and reliability? Learn more about how Infrascale Cloud Application Backup for Box and Infrascale Cloud Application Backup for Dropbox can help you to protect your critical data.

How to Protect Laptops and Desktops Using Endpoint Backup


Interviewer
– John Gilroy – Host, Federal Tech Talk Podcast from the Federal News Network 
Interviewee – Chris Bayne – Infrascale, Chief Solution Architect

A Conversation about Endpoint Backup with Chris Bayne, from Infrascale

John Gilroy, host of the Federal Tech Talk Podcast sat down with Chris Bayne, Chief Solution Architect at Infrascale to discuss how businesses should protect their laptops and desktops using an endpoint backup and recovery solution. During the interview Chris defines endpoints, describes endpoint backup, and discusses why endpoint backup is important for businesses and business risk managers – especially given the increase in remote work environments and looming threat of ransomware.

What is an Endpoint?

John Gilroy:  Hi Chris. It is a pleasure to meet you and thank you for taking time to speak with me. With the current pandemic and the increase in work-from-home employees, there has been a lot of discussion about endpoint protection. Please help me understand.  What is an endpoint?

Chris Bayne: Thank you, and that is a good question. Simply put, an endpoint is any device that is physically at the “end point” of a network – I.e. a device that communicates back and forth on the network to which it is connected. Laptops, desktops, mobile phones, tablets, servers, and virtual machines can all be considered endpoints.

With workforces becoming more mobile and users connecting to corporate networks from endpoint devices all over the world, data is everywhere. Companies need to protect this data, even when it resides outside the four walls of an office building. Due to the increase in remote work environments and the proliferation of endpoint devices, any endpoint represents a vector for cybercriminals, where attackers could execute code and exploit the vulnerability of whatever protection the endpoint may or may not have.  In addition, the data on these endpoint devices such as Android and iOS phones/tablets, Windows and MAC desktops/laptops, or/and Windows servers, must adhere to more stringent corporate retention requirements.  

What is Endpoint Backup?

John Gilroy:  Thank you for defining endpoints.  Now help me understand what endpoint backup is?

Chris Bayne: The SANS Institute, the most trusted and largest source of information security training and certification in the world, recently found that 44% of respondents admitted that one or more of their endpoints had been compromised in the past 2 years. The risk associated with the rapid rise in connected endpoint devices has highlighted the critical need to protect important endpoint data.  Forward thinking organizations are adopting solutions to address this risk, such as deploying an endpoint backup solution.

Endpoint backup solutions enable the transmission of data from an endpoint — whether Android and iOS phones/tablets, Windows and MAC desktops/laptops, or Windows servers — to the cloud for safekeeping. These solutions then provide restoration of that data to help protect businesses against lost information due to malicious or accidental deletion, solve for insufficient device data retention policies, detect, and/or prevent cybersecurity threats including ransomware attacks.

Why is Endpoint Backup Important?

John Gilroy:  Why is endpoint backup so important and what is driving the increased interest in endpoint backup?

Chris Bayne:  Let’s start with two givens: 

  1. Data is Mobile, Data is Everywhere: With workforces becoming more mobile and users connecting to corporate networks from endpoint devices all over the world, data is everywhere. Companies need to protect this data, even when it resides outside the four walls of an office building.
  2. Backup is Good: Why?  Backing up data is just good sense to combat accidental or malicious deletions, hard drive crashes, lost/stolen laptops, and retention requirements.

With a given of data proliferation, the ugly trend is:  bad guys are paying attention and using new vectors of attack on endpoints and remote workers – via malware and ransomware.

By all indications it appears that remote work is here to stay, and it’s not a passing trend that will go away when society reopens. It is a new way of life for businesses and their employees, and it is, therefore, very important that they have a secure, easy to configure, and easy to manage endpoint protection solution in place.  The pandemic has certainly brought that all to light.

The large increase in work-from-home environments and increased use of BYOD (bring-your-own-device) in corporate work has had a significant impact on IT departments. IT departments have a lot less security control over off-site devices, and the infrastructure protecting those endpoints. Unfortunately, the bad actors know this, as seen by the almost 400% growth in ransomware over the last two years. During a ransomware attack, malware encrypts a victim’s files, and then payment is demanded to restore access to the victim’s data. Research shows that every 14 seconds a business falls victim to a ransomware attack, and that 60% of SMBs close within six months of being a victim of a cybersecurity breach.

Endpoint Backup: A Ransomware Case Study

John Gilroy:  These trends are very interesting. Can you provide an example of a business that was impacted by ransomware, and how they responded?  

Chris Bayne: Absolutely. One of our MSP partners provides a point-of-sale solution to their end customers. Five of their customers were impacted by ransomware attacks within a couple of months of each other. Of those five customers, three had deployed the Infrascale Cloud Backup (ICB) endpoint backup solution, and two were running a competitor’s solution. From the Infrascale backups, the three ICB customers were able to restore their data very quickly from backups taken prior to infection, and their business was back to full, pre-infected productivity within hours! The customers that were not running the Infrascale solution were down and unable to process credit card transactions for several days! This downtime resulted in significant lost revenue. Based on a recent Infrascale survey, conducted with over 500 C-level SMB executives, the average per hour downtime cost for an SMB customers is between $20,000 and $50,000.  Thus, each ICB customer saved an estimated $320,000 to $800,000 in potential costs by deploying an effective and reliable endpoint backup solution.

What is Infrascale Cloud Backup (ICB)?

John Gilroy:  Please tell me more about your Infrascale solution for endpoint backup and recovery

Chris Bayne: Infrascale Cloud Backup (ICB) is our direct-to-cloud endpoint backup solution that protects business devices including laptops and desktops – as well as servers such as Microsoft Exchange and SQL databases. ICB provides simple backup, fast restore, and protection (detection and mitigation) from ransomware for their endpoints. Optionally, it can also support Windows bare metal systems on virtual and physical machines. There are three foundational elements that sets ICB apart as a cloud endpoint backup solution:

  • Ease of Use
  • Security
  • Ease of Management

Our goal is to arm IT administrators with robust ransomware detection, monitoring, and management tools — while still providing end-customers with an easy-to-use and robust backup solution. With just a few clicks, it can be up and running on a Windows, Mac, IOS, or Android device.  ICB protects the most critical data, including files and folders, SQL databases, Exchange data files, and QuickBooks and other accounting files. Equally as important, it makes recovery and the restoration of the critical data and business processes fast and easy – both for end users and for administrators.

The ICB ransomware detection capabilities identify when an attack occurs, so you know the optimal recovery point. In addition, Infrascale Cloud Backup keeps an unlimited number of versions of the files that we are protecting. Therefore, if a data corruption occurs, you will be able to quickly restore your data. The ICB management tools are designed to help administrators and IT managers. A single pane-of-glass management interface enables customers to remotely manage, remotely restore data, build polices and deployment rules, as well as manage reporting and alerting to monitor backup operations. ICB also provides granular monitoring and automated reporting – as well as integration with Remote Monitoring and Management (RMM)/Professional Services Automation (PSA). 

How can I find out more about Infrascale Cloud Backup?

John Gilroy: Chris, this interview has been great, and I really appreciate your time. How do I find out more about Infrascale Cloud Backup?

Chris Bayne: The best place to get more information about Infrascale Cloud Backup is from the Infrascale Cloud Backup product page.  I also recommend watching our live-streamed video recording from Cloud Field Day 8 and/or a visit our YouTube channel. Lastly, the Infrascale documentation portal provides a wealth of information on our endpoint backup solution – or you can contact a Infrascale sales representative for more information and to schedule a demo.