Protecting businesses from ransomware at the edge
- Published: Friday, 10 September 2021 07:57
Remote/branch office (ROBO) environments that operate at the edge of businesses are often more vulnerable to cyber attacks than other areas of the organization. In this article Richard Massey offers four tips to help organizations prevent and respond to ransomware attacks on ROBO environments.
It's rare for an enterprise to have its data meticulously organized in one data center / centre. As organizations grow, it is typical to see remote/branch office (ROBO) environments set up to support these expansions. It is challenging to keep these environments secure from ransomware because they rarely have technical staff on hand and may be far from primary data centers. So, how do organizations keep these remote offices safe from ransomware, even if an expert cannot be on-site? Here are four areas to consider:
Focus on ransomware prevention first
Just as you would for a company's headquarters, ensure that basic ransomware precautions are in place. Use firewalls, spam filters, antimalware, and antivirus tools. Keep software patched and up to date. Consider purchasing ransomware insurance or increasing coverage to account for new locations. Most importantly, make sure remote employees understand the threat of ransomware. Teach them how to spot risky emails and phishing scams resulting in a ransomware attack and what steps to take if infected.
Develop a remote backup and recovery strategy
It might not always be possible to prevent ransomware from infecting remote networks. However, a robust backup and disaster recovery strategy can get the business back on track if systems get locked down. As with any network, it is essential to start by establishing recovery objectives. Think about a particular location, understand how much data this branch can tolerate losing (recovery point objective), and how much downtime is acceptable (recovery time objective). The solutions deployed at these locations must be able to meet these objectives to protect data effectively.
Understand the essentials for ROBO data protection
Once you have set the goals, it's time to find solutions to meet them. Outside of recovery objectives, consider these three remote/branch office essentials:
- Flexible backup: the solution should back up virtual and physical machines, store those backups locally, and easily replicate them to the cloud.
- Recovery options: when it's time to recover, options are needed. It should be possible to recover locally at a remote office or from the cloud, depending on a disaster's severity. It is crucial to have flexible, fast, recovery options to meet critical objectives.
- Remote management: there might be multiple branch offices with different environments, capabilities, and recovery objectives. The solution must allow effective management of each location's unique goals. That is why the solution must have a robust set of management tools that IT pros can access from anywhere. This system should let an admin remotely deploy different policies in different locations and recover branch offices that might not have technical staff.
Use appliances for superior disaster recovery as a service (DRaaS)
Remote and branch offices may not have the resources or technical staff to manage servers or more complex environments. That is why many admins use backup appliances for remote offices, enabling them to deploy backup and disaster recovery without having to be on-site. Anyone at the branch office can plug in the device and connect it to the Internet. From there, admins can remotely protect data by setting backup schedules and retention policies. If there is a hardware failure or minor disaster, admins can use the device for instant failover. And, because you can replicate data from an appliance to the cloud, a branch office can even spin up its entire site in the cloud should a big disaster bring it down.
Preventing data loss caused by ransomware
ROBO environments are particularly vulnerable to data loss and downtime since there's rarely technical staff on-site to keep an eye on their systems. Add to that the growing threat of ransomware, and admins have their work cut out for them. Luckily, backup and disaster recovery appliances make it easy for administrators to prevent data loss caused by failure events or ransomware, even when they cannot be on-site.
Richard Massey is VP EMEA, Arcserve.