Select Page

Protect your servers from ransomware attacks with backup & DR

Ransomware attacks grow sophisticated with each attack. The usual “ enterprise data protection” practices aren’t sufficient enough. So, we recommend backup and DR as a means to effectively ransomware-proof your critical servers. In this blog, we’ll explore why conventional methods aren’t good enough and what makes backup & DR the best way to resist ransomware attacks.

Conventional practices used to make servers ransomware-proof

Ransomware is no longer a buzzword and organizations accept that. Which is why most are already increasing their cyber-security budgets and investing in methods that they think will help them fend off ransomware attacks. Unfortunately, clever marketing leads to bad executive decisions and contributes to the high success rate of ransomware attacks. In other words, most conventional practices aren’t effective enough against ransomware.

If you’re wondering, “why aren’t conventional practices effective?” We’ll answer that question in each of the following sections as we briefly discuss these practices.

 

Offsite data storage

Protect your servers from ransomware attacks with backup & DR
“If I don’t have it on my production environment, it’s safe”

That’s typically the trail of thought that leads organizations to rely on offsite servers or secondary servers to store copies of critical volumes. However, this isn’t as safe as it may sound like because of how ransomware spreads.

We’ve talked about how ransomware spreads in detail previously read here 

 

Protect your servers from ransomware attacks with backup & DR
Anti-ransomware and antivirus software are a good first line of defense against cybersecurity threats like ransomware. They attempt to pre-emptively identify any unusual behavior and files so that it’s stopped before any data is encrypted, lost or compromised.

The “catch” with such software is that ransomware attacks grow sophisticated and evolve faster – so much so that the software can’t keep up.

While anti-ransomware software can protect your servers from known threats, it may not be able to protect your server from every new ransomware threat. Which is why relying solely on an anti-ransomware and/or antivirus software is not a good strategy and will not effectively ransomware-proof your servers.

Tape Archives

Protect your servers from ransomware attacks with backup & DR
Tape storage has been a trusted partner of data owners and storage infrastructure for decades. Typically, organizations thinking: “If it’s unplugged and offline, no ransomware attack will ever get to it” – use tape archives to “put away” their data hoping that it stays safe from ransomware attacks. However, this too isn’t safe because of how ransomware spreads .

Ransomware attacks have gotten more effective over the last few years and unless proper backup & disaster recovery (DR) solutions are set up beforehand, there’s the risk of being infected, losing critical data, and downtime.

Now that we’ve established that conventional practices just aren’t enough, let’s look at why backup & DR solutions are the best way to make your servers ransomware-proof.

Why backup & DR solutions are the best way to make your servers ransomware-proof

Before we discuss why backup & DR solutions are the best way to deal with ransomware attacks, we need to clearly define what we mean by backup & DR solutions; it’s not the typical definition that you might think.

How we define “backup & DR solutions”

At StoneFly, Inc. we define backup and DR solutions a bit differently than the traditional concepts. We strongly advocate that a backup and DR solution has to be turnkey, simple-to-use, and should have the following components:

  • Continuous data protection (CDP) – shorter RTOs and RPOs
  • Ability to recover instantly with features like direct VM spin up, instant and/or full VM recovery, etc.
  • Secure target storage repositories (on-premises & in the cloud) – using air-gap, WORM storage for file and S3 object data, & other similar features

In other words, we don’t accept the following as effective backup and DR:

  • Snapshot-based “backups” only
  • Syncing or mirroring servers
  • Offsite data storage

This is one of the reasons why we’ve paired up with Veeam software to develop a Veeam-ready backup & DR solution that embodies our understanding of backup and DR, but that’s a topic for another time. If you’d like to learn more about our hper-integrated Veeam-ready backup & DR appliance, click here.

There are more than one way to set up effective backup and DR, so let’s go over what kind of setups you can have to make your mission-critical servers ransomware-proof.

 

Different ways to setup backup & DR for your critical servers

Protect your servers from ransomware attacks with backup & DR
This goes without saying that there is no “perfect” setup or a cure all. Depending on your industry and work environment, what may work for others may not work for you. So, if you’re at a point where you’re looking into backup and DR, it’s important that you understand what your infrastructure, business model, and data cycle needs first.

To protect your servers from ransomware attacks, you can look into the following ways to setup backup and DR:

On-premises backup & DR appliances

Protect your servers from ransomware attacks with backup & DR
On-premises backup and DR appliances are exactly what they sound like: purpose-built servers with an enterprise backup software; usually complemented with an industry standard hypervisor like VMware, Hyper-V, KVM, or Citrix.

Traditional backup servers don’t come with any storage capabilities, so you have to purchase and configure storage arrays separately.

In other words, because they aren’t turnkey or easy-to-use, we don’t accept traditional backup servers as effective backup and DR. As a solution, we offer complete backup and DR appliances that have integrated file, block, and object storage, and everything preinstalled, tested, and ready for use.

Take our DR365V Veeam-ready backup & DR appliances for example. They come preconfigured with Veeam availability suite v10, user’s choice of hypervisor (VMware, Hyper-V, KVM, Citrix, or StoneFly Persepolis), and advanced data services like snapshots, air-gap, WORM, encryption, and more to secure Veeam backup data & provide the complete experience. (learn more)

Cloud backup & DR

Protect your servers from ransomware attacks with backup & DR
Another way to set up backup and DR is using a combination of backup software, installed on your server, and cloud storage repositories to store your backup data.

This sort of setup can be seamless or quite complex depending on which backup software you choose and the type of cloud support it has.

For example, you can opt to purchase Veeam software and integrate Azure, AWS, other S3 clouds, or StoneFly private cloud to get a highly secure, compliant, and affordable cloud backup and DR setup. If you purchase it from StoneFly, we make the integration and set up seamless and easy so that you can have it up and running in a few hours. (learn more)

Hybrid backup & DR (on-premises + cloud)

Protect your servers from ransomware attacks with backup & DR
Hybrid backup and DR, as the name suggests, uses both on-premises backup servers and cloud storage repositories. This setup can be configured in two ways: 

  1. On-premises backup server with enough storage for hot volumes and cloud storage for cold backup data and archiving
  2. On-premises backup server with integrated storage and cloud repositories to store redundant copies of hot and cold data with archiving

Hybrid backup and DR is highly secure and fit for all kinds of organizations regardless of the industry (healthcare, finance, corporate, etc.) and size (SMBs, SMEs, & large organizations).

A few examples of hybrid backup & DR solutions include StoneFly DR365V, DR365, DR365Z, and DR365U.

Most effective backup & DR: 3-2-1 rule

Protect your servers from ransomware attacks with backup & DR
Setting up the right backup and DR solution is similar to buying the “right tool”. However, we all know that buying the right tool is one part but using it the right way makes the real difference. The 3-2-1 rule describes the best way to use your backup and DR solution.

The 3-2-1 rule recommends creating three copies of your data, storing your data on two storage media, with at least one copy offsite.

The easiest way to set up the 3-2-1 rule is to use a hybrid backup & DR solution to do it as it has all the necessary components.

Conclusion

Ransomware attacks have gotten clever and sophisticated. Conventional practices such as offsite data storage, anti-ransomware or antivirus software, and tape archiving are not enough to make your servers ransomware-proof.

In order to make your business-critical servers ransomware-proof, you need to use backup and DR; and set it up in accordance to the 3-2-1 rule.

Related Products

On-Premises & hybrid backup & DR appliances

  1. StoneFly Veeam-ready backup & DR appliance (DR365V)
  2. StoneFly “DR Site in a box” appliance (DR365)
  3. StoneFly backup & DR appliance for Zerto (DR365Z)
  4. StoneFly Universal backup & DR appliance (DR365U)
  5. StoneFly Backup Server Plus+™

Cloud backup & DR:

  1. Veeam cloud connect to Azure
  2. Veeam cloud connect to AWS
  3. Veeam cloud connect to StoneFly Private Cloud
  4. CDR365 – server backup software

Connect with us on other social media

To learn more about ransomware and how to protect your infrastructure, connect with us on our social media channels:

Twitter:                https://www.twitter.com/stoneflyinc

Facebook:           https://www.facebook.com/stoneflyinc

Linkedin:             https://www.linkedin.com/company/c/stonefly-networks/

Youtube:             https://www.youtube.com/stoneflyinc

The Spear Phishing Survival Guide

The Spear Phishing Survival Guide

Spear phishing stands as the favored gateway for ransomware delivery and infiltrating corporate networks. Shockingly, 36% of data breaches in 2022 involved phishing, with 25% utilizing email as the ransomware attack vector. Guarding against cyber threats and...

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

In a digitally transformed landscape fraught with ever-evolving cyber threats, the acronyms EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), MDR (Managed Detection and Response), and NDR (Network Detection and Response) have become...

Trigona Ransomware: What is it and How to Defend Against it

Trigona Ransomware: What is it and How to Defend Against it

In an ever-evolving digital landscape, the specter of ransomware looms large, and Trigona stands as a significant player in the realm of cyber threats. This blog delves into the multifaceted world of Trigona ransomware, unraveling its origins, unique characteristics,...

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

In the constantly evolving arena of cybersecurity, the digital landscape is fraught with adversaries lurking in the shadows, ready to exploit vulnerabilities and disrupt the operations of organizations. Among these threats, LockBit ransomware has emerged as a...

What Defending Against Ransomware-as-a-Service (RaaS) Entails

What Defending Against Ransomware-as-a-Service (RaaS) Entails

Ransomware has evolved, becoming a thriving business model for cybercriminals. Ransomware-as-a-Service (RaaS) exemplifies this transformation—a lethal alliance between the creators and distributors of ransomware. It’s no longer a threat relegated to tech...

You May Also Like

WordPress PopUp Plugin

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email