If you haven’t heard of the many Fortune 500 companies suffering malware attacks recently, you must have been living under a rock! These attacks are becoming more frequent and more sophisticated — and they’re not limited to the big companies blazoned across the headlines. Small and medium businesses (SMBs), government agencies at all levels, healthcare organizations, and public and educational institutions of all sizes are being targeted as well. Is your organization prepared? In this series of blog posts, I’ll explore some key things you need to know.
The real danger of malware attacks
First of all, as all the news articles make abundantly clear, malware attacks can cause an enormous amount of damage. For example, ransomware can encrypt entire file systems, and wiper malware deletes all the files from infected machines (and some of the newer variants add insult to injury by rendering the hard drive unusable afterward).
But what really causes a significant loss of revenue and tarnishes the organization’s reputation isn’t the malware attack itself; it’s the organization’s inability to promptly recover data and restore operations. The longer systems are down and data is unavailable, the more revenue you lose and the more likely customers are to leave you for your competitors. It’s bad enough that many organizations can’t get back up and running quickly, but some never manage to get back on their feet at all. In fact, research shows that 60% of SMBs that are breached go out of business within six months.
Why disaster recovery planning is essential
How can you ensure that you can recover from a malware attack in time to avoid serious damage? By developing an effective disaster recovery (DR) strategy.
The term “disaster recovery” is often used loosely, and it can mean a lot of different things to different people. After all, there is a lot to do in order to recover from a malware attack, and often many different organizations or departments are involved. It is always a very stressful time. Senior management, line of business owners and department leads are all very unhappy, and they all have different priorities for the restoration process. The phones are ringing off the hook with frustrated employees, and customer complaints are exploding on social media.
The challenges in doing DR right
Unfortunately, many organizations lack a coherent, well-tested disaster recovery plan. In particular, although both users and mission-critical business applications rely on authenticating into Active Directory in order to work, many DR plans do not prioritize AD recovery. Instead, AD admins have to wait for other departments to fix or recover resources before they can recover AD.
Of course, not all recovery scenarios are the same, and different organizations have different needs and priorities. Unfortunately, many disaster recovery solutions are rigid, which makes it harder than it needs to be to get the job done in the way that’s right for your company in a given situation. Moreover, most of them are very limited; for example, they might help you restore your on-premises environment but not all the critical data you store in the cloud. That lack of hybrid coverage can easily leave your employees unable to access vital Office 365 applications and resources, from email to SharePoint Online, and completely shut out partners, customers and other third parties.
In my next posts, I’ll explore the key steps in a truly effective disaster recovery plan and reveal where you can find a powerful, flexible software solution that will help you quickly restore your entire on-prem, cloud or hybrid environment.