Bringing Sexy Back: Is Backup Now Attractive in Ransomware Situations?

Ransomware: Best Practices in Leveraging Backup Solutions 

Not a day passes without another article about an organization being held hostage with an encryption-based ransom, or ransomware.  I am sure the irony of it is not lost on many IT folks: the same tool that is supposed to help secure your data is now used against you in a criminal endeavor. Adding insult to injury, there’s no real way out and you’d better have a Bitcoin account ready to pay up.

Here’s the good news: while it’s not perfect, you already have a great solution in place in your environment to help you out; good old backup. Yes, the unsexy backup function is becoming quite attractive. However, there are some ‘gotchas’ and best practices one must adhere to. Remember, your backup server is a target too.

Many customers have used our solution, Arcserve UDP, to successfully recover affected systems and save their businesses from succumbing to encryption extortionists.. With Arcserve UDP, you can recover a system from scratch and minimize your data loss. Of course, you’d have to get rid of the infected systems and stop the virus from spreading first. However with regular backups, you can significantly reduce the amount of exposure and have the confidence you can recreate a “clean” system. After all, this is a “logical” incident. You would do the same thing if somehow you had corrupted a system and its data; the big difference is the source of the problem.

After discussions with our technical experts, we’ve developed best practices to help you stay out of the ransomware headlines, and keep your business running as usual.

Protect the Source Machine

  1. Take precautions to prevent infection in the first place, such as training users to not click on links within emails, downloading attachments from unknown sources and updating software on a timely basis.
  2. Perform regular backups, which may include rethinking your service level agreements to ensure critical business data is backed up more frequently.
  3. Follow the 3-2-1 strategy for backup: one of the copies should be offline, andat least one of the copies should be offsite.
  4. Make sure your chosen backup solution includes virtual standby for critical systems so that you can get back on your feet very quickly.

Protect the Protector (The Backup Data)

If your backup server gets infected or if your backup data is on a shared network share that is accessible from an infected machine, ransomware can encrypt backup data as well. It sounds obvious, but it’s important to remember!

  1. Replicate data to offsite / cloud
  2. Periodically, copy recovery points to offline media, such as USB disks
  3. Consider leveraging tape as a backup medium for critical data (yes tape!). This oldie but goodie comes in handy to send periodic recovery points offline.

There is no magic bullet or perfect answer, but it’s important to remember that with an advanced backup solution (such as Arcserve UDP), you have a great tool to help in your fight against ransomware. It starts by educating end users and applying best practices to protect your environment.

Are you ready to crush the competition with UDP V6?  Let’s go get them!

arcserve logo

It is almost here! UDP V6, Project “Tungsten”, will be generally available on February. This new version will further establish UDP as the most modern and the leading solution in the market today. With UDP V6, we are squarely focused on going up-market and have added many new capabilities that allow us to leapfrog our competition. This is a very exciting time for Arcserve as we enter our final quarter of the Fiscal Year. Our new version includes many enhancements:

Improved Tape Unification and Ease of Setup with wizards, direct management from the management console and a new unified product installer.

Faster, More Flexible Recovery Options with new enterprise storage array snapshot support to enable high performance, and low-impact snapshots of virtual and physical production servers, new Instant VM for fast recovery and new Instant Bare Metal Restore (BMR) and support for VMware vSphere® version 6.

Windows Platform Enhancements and with support for Windows 10, Exchange 2016,  new Exchange granular recovery support, new reboot-less Agent for fast deployment, and RPS File Copy to a public/private cloud for archiving or storage cost reduction.

Many Linux Platform Enhancements such as support for RHEL & CENTOS v7, Oracle Linux (RHEL compatible) and SLES 12File/folder level recovery of Linux VMs backed up via agentless, host-based backups on vSphere and Hyper-V hosts,  source-side backup and replication to RPS, Infinite incremental backup, RPS to RPS replication, BMR of UEFI systems, archive to tape from RPS , “Sudo” authentication for backup source (improves security).

Management Enhancements and Third Party Integration with role-based administration, WAN management, reboot-less Agent deployment, a new Command Line Interface (CLI), and enhanced Agent and Console v2.0 APIs and DB Schema documentation.

The product marketing and product management teams will host training sessions and by attending, you will learn more about the new release, how to explain and position its new features, and we’ll review updated tools to help you sell.


Tuesday, January 19th at 9:30 AM CT/3:30 PM GMT

Register here.

Crazy. I Love Crazy.


Arcserve award

The picture for this post is the Arcserve team holding the award that they just won at VMworld 2015. Two things stand out for me:

1. IT IS A FANTASTIC ACHIEVEMENT. Arcserve is just 1 year out of their old CA parents. in that time, they basically had to rebuild their business process back end. New ERP, new CRM, new everything. At the same time, they enhanced the product to such an extent that it has won this award against some pretty well-entrenched VMware aligned solutions.

We are achieving ridiculously good results. De-duplication and compression of 12TB to 199GB is an example. This performance and richness of features that allows a single solution to perform simple backup, right through to application High Availability and at a price point that makes other solutions weep is seriously compelling for service providers, mid-market and enterprise customers.

2. THEY ARE CRAZY. These guys do things differently. They add fun into the equation and they make you want to deal with them. Just take this picture of them holding their award. They are doing it in front of their largest competitor’s stand and posting it all over social media. At VMworld Europe last year, they had a “silent club” where people put headphones on in a dark booth with a proper DJ and strobe lighting and danced away and a few months ago, they drove around the UK with a massive green inflatable elephant, pumped it up in their partners’ offices and spoke about the “elephant in the room” and how they can help partners make more money and build better businesses.

You may have read my post “When Crazy Becomes The New Normal“, if not, go read it. Arcserve is Crazy. We love Crazy. We support Crazy. We love Arcserve. You should try some Crazy!