What if . . .
Do you have a written disaster recovery plan to map out how you will recover from a crypto attack? Do you have Insurance and know where your data is or who is responsible for getting it all back up and running? Do you know all the passwords involved?
We can help define a written plan and implement it to be sure you are ready when the unthinkable happens, and we can help you avoid it too.
“Everyone has a plan until they get punched in the mouth.” ~ Mike Tyson
Machine transcribed:
Hey this is Pete
I want to talk a little bit about Disaster Recovery planning.
What would you do if this morning when you got in somebody
had downloaded a virus overnight and encrypted all of your
data there.
We've actually seen some scenarios where they put in a backdoor
program that will allow somebody from somebody to get in
remotely go through passwords.
And then we've actually seen them encrypt everything on the
way out to cover the the crime then use.
Our credit cards that they find on browsers and that kind
of thing.
What exactly would you do if you came in and all your data
was encrypted in your servers were down.
It's a difficult question and we probably should talk about
having a written plan because when everything blows up, nobody
knows what to do, you may not even have internet because
if it encrypted the servers and their down the the servers
are doing your DNS to get you out to the Internet, so Having
a written plan is important a couple of things here the crypto
Insurance you can get from an insurance company as part of
your business insurance and that will cover you for liability
as well.
As for some of the cost of cleaning up the crypto.
It can be expensive and this is where our IPO and RTO come
into account.
So you have a crypto you walk in at nine o'clock Monday morning
and you figure out that you've encrypted everything.
You've lost everything you need to get your data back your
recovery Point objective.
Your RPO is how far in the past you're going because you're
going to be going to a backup and that backup is maybe from
Friday night.
So the last time a backup ran was Friday night at nine o'clock.
So anything between Friday and Monday is not going to be
probably not a big thing because a lot of people aren't working
on the weekends might be for you and that's part of why you
want you need a plan.
So your recovery Point objective is the point the Is that
you're going back to and then your recovery time objective
is how long it's going to take you to get back to get back
to normal a couple of things here.
If you calculate it out.
There's a very good chance that the biggest asset.
Your company has is the data the data is value is what it
costs you to produce it, which is your payroll, you know
times however long people have been producing data further
added on to that.
If you have a disaster and you lose everything you may not
know who even owes you money, so you May lose receivables.
There may be other there may be other costs involved a lot
of them, you know trying to get back up and running getting
new servers getting it getting it fixed.
They can be very expensive and they can be very problematic.
So the best thing to do is to have a plan and that plan should
include off site because we have seen some places where they'll
get crypto code and the backups will get crypto as well if
it's on like theme or if it's not like storage craft depending
on how its set up you can actually get have a heavier BD
are getting Cryptid.
And then you don't have any backups unless you got it off
site now VM and storage graph can do off-site but you fit
that needs to be set up this one of the things we do is we
store people's off sites.
You should also be aware of anything you're going to need
in order to be back up and running.
So let's just say that you're using storage craft and the
storage craft you encrypt because you can encrypt your backup
so that they don't so somebody can't just take your backups
and take it all your data is there's going to be a password
there. You know what that password is you should know who
the point of contacts are.
You should know what the response time is going to be because
you know, if it's somebody that's in the company that set
it up and then they left the company they may not be interested
in responding at all.
If it's somebody outside of the company they could be you
know, skiing in Aspen, but you do need to know what the actual
plan is.
Who do you call who's in who's in the the line that would
that would actually fix something like this?
Further backups have a lot of moving parts and you can check
them Carl.
You need to check them often.
So it's important that you make sure that your body your
backups are viable on a semi-regular basis.
So with that said there's we can help you with this.
We do this all day every day.
It's one of one of our strengths is that we can come in we
can talk to you about what your options are find out what
the best options actually are for your particular situation.
Do you know we can provide more many levels, you know, just
the setup of it.
If you want to manage it or we can do you know manage the
whole way through we can also do assessments of where we're
at interesting side note.
We also do managed services.
So if you're looking to prevent now, nobody can prevent them
all but if you're looking to try to prevent getting cryptos,
there's a number of things.
You can do locking down the desktops scanning for viruses
on the email and web and or you know web.
Whoop scanning.
There's a lot that you can do to kind of mitigate the risk.
You still have some risk, but mitigating the risk, and then
being able to recover if there's trouble are really the two
steps there.
So, I hope this helps if we can be helpful, please call 5859
6850 1/6 or Pete at Gans Tech.com.
Thanks.
Comments