Virtualization Technology News and Information
Preparing for the Inevitable: Understanding Ransomware and How to Mitigate Risk

In 2021, the number of ransomware attacks rose 105% worldwide, crippling supply chains, causing system downtime and economic loss. It is imperative that all companies - large and small - are prepared for the inevitable ransomware attack, as data is any business's most valuable asset. Tintri and Entara have teamed up for a three-part webinar series to share insights about what ransomware is and how to proactively limit exposure to future cyber threats, as well as hold an open Q&A session where attendees can ask the experts for practical advice. 

Understanding Ransomware

In the first session of Tintri's Talk In Thought Leadership Series, Michael Brunetti, director of professional services at Entara, joined Steve Phillips, principal systems engineer at Tintri and shared what happens when a company is attacked.  Over the past three years, Entara's professional services team has completed over 100 projects and nearly 40,000 hours of work helping companies of all sizes recover from a ransomware attack. From this experience, Brunetti shared, "Ransomware will affect an entire organization. It will move from one person to a workstation to an administrator and disable security tools in place. It has the ability to map out an organization's entire infrastructure and attack very quickly."

Attacks generally stem from human error, not technology inefficiencies. Traditionally, ransomware attacks start with a phishing campaign and an employee clicking on a malicious email.

Attackers will disable backup data, then delete any backup systems and snapshots of data in storage arrays to ensure the business is immobilized. "Once inside a company's infrastructure, the attackers will encrypt anything they have access to, forcing the organization to talk to them," said Brunetti. "Without access to backups or snapshots of data, the organization has to make a decision to either has to pay the ransom or rebuild from what is remaining."

Taking Preventative Measures

In the second session, Brunetti and Phillips discussed various ways to recover from a ransomware attack, focusing on restoring data from backup storage resources to rebuild a company's infrastructure and ensure business continuity. Citing real-world customer examples, Brunetti shared the pros and cons of restoration using traditional storage versus a storage system with snapshots enabled.

"If you have to move 50 or 100TB of data from backup storage to your production SAN, everything is limited by the performance of your backup storage system," said Brunetti. "Once your core infrastructure is rebuilt, you can be literally just twiddling your thumbs waiting for data to migrate back to your SAN."

However, businesses that leverage storage level snapshots, like those available with Tintri VMstore solutions, have the best chance of restoring their network infrastructures quickly. Brunetti recalled, "Entara was deployed to recover a large, 450 server environment that had about 50% of its LUNs backed up with snapshots. The customer was able to operate it's most critical, revenue driving business applications in a few days because they had partial snaps. We spent the next few weeks restoring the remaining high priority systems used for functions like monthly batch reporting.

"The whole project took no more than one month, while the customer with traditional storage and no snapshot capabilities took 3-4 months."

During this session, Phillips gave a hands-on demonstration showing how Tintri Global Center (TGC) can be configured to classify different VMs based on priority, and group them to follow the same policies and snapshot schedule.

"VMstore is a powerful product that any business can rely on for effective and efficient data recovery," said Phillips, "In addition to its unparalleled data recovery capabilities, it provides remarkable VM-level visibility and control that afford unprecedented insights into all virtual applications. VMstore goes far beyond the faculties of traditional storage."

"There's definitely a reason we partner with Tintri. Their technology is truly unique in that if you back up your entire infrastructure on VMstore, you won't need to talk to us for your server infrastructure," said Brunetti.

Your Personal Ransomware Consultants - Open Q & A Session

Tintri's Talk In Thought Leadership Series continues with its third session, "Ask the Experts" on May 19 at 9am PT / 12pm ET / 5pm GMT.

Steve Phillips and Michael Brunetti received many astute questions during the first two sessions and will answer those and more during "Ask the Experts." Questions such as what is the ROI of ransomware protection, what are remediation insurance requirements, and what company resources are needed for protection versus recovery will be addressed.

All registrants that submit a question to Phillips and Brunetti will have the opportunity to win a $500 Amazon Gift Card, courtesy of Tintri and Entara. Click here to register and submit your questions.  The winner will be announced during the webinar.

Published Thursday, May 05, 2022 10:35 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<May 2022>