cloud backupcloud complianceDRaaS

Disaster Recovery – Your Insurance Policy for Ransomware

ByMarch 24, 2017
RansomwareYears ago, in a time called 1996, a gentleman by the name of James Clark became frustrated with the patient care experience. He lamented the fact that his patient information from one doctor was often not available to another.

He realized, in that bygone time, his information could be networked and shared to reduce both time and errors, as well as costs for patients, insurance companies, healthcare providers and processors. He took his idea and began building what we know today as Web MD.

Webinar –  Watch On Demand now

As records became more and more digitized, the benefits slowly started to appear. Costs were able to be monitored and reduced, billing was tracked with more efficiency, and even more importantly— the time patients spent searching for and gathering records had diminished. The networking of systems combined with the consolidation of data and information allowed healthcare organizations to embrace a new digitized world!

Then, in 2012, the very first incident of a ransomware infecting a healthcare entity occurred. Surprisingly, it hardly even made a ripple. It was so anomalous that industry professionals thought it must be a fluke. Then it happened again. And it happened again, and yet again. By the end of 2015, if you were in healthcare IT and not actively thinking about and mitigating for ransomware you were behind the curve.

What makes the ransomware threat worse is it’s not just the fact that the infection occurred on what was supposed to be a controlled environment— but that it LOUDLY INSISTS that you pay attention to it. The encryption of files, VMs, and even entire environments, coupled with an aggressively prominent window demanding bitcoins to remove it became something even worse— a public relations fiasco. So, to add insult to injury, you now have an environment that is infected, encrypted with keys you don’t own, displaying a notice on infected machines to all staff— and worse still, you have to report a breach, all the while trying to figure out if you should pay this ransom.

Don’t. Don’t pay the ransom!

I know that is a simple statement and seems flippant, but instead of paying, take the time to ensure you are resilient beforehand! Regulations around healthcare stipulate that backups should be maintained…but have you ever tried to restore from backups when the whole server environment is down? Backups are great for audits and holding data that should be in cold storage. But, the reality of our times is that backups are not going to achieve any meaningful Recovery Point Objective (RPO) or Recovery Time Objective (RTO). Since backups are snapshots of time, you may end up with a very large pool of lost transactional data.

Solutions need to be faster. This is where using Disaster Recovery as a Service (DRaaS) comes into play. With DRaaS and a cloud failover, you are not only replicating in real time but snapshotting your entire environment along the way. If you find that your primary site has become infected, you can quickly failover to your hot DR site (all the while ensuring your compliance! Sorry to interject, it is my job). If you happened to have introduced the ransomware into your DR environment, you can revert it back to the point where the infection was not active and take steps to remediate.

Disaster Recovery is not just your failover for operations— it has become your insurance policy for surviving a ransomware attack. It reduces the loss in time, efforts by IT to restore your systems, publicity of an attack, and helps mitigate any breach that may occur.

Now, I get to work for one of the most advanced cloud companies in the world that specializes in healthcare customers. We engineer and design to HIPAA and HITRUST standards, and those are baked in to our Disaster Recovery offering using Zerto. What that means is you not only can insure that you remain compliant when you fail over, but you fail over quickly. How quickly? Quickly.

At the end of the day, what it comes down to is this: don’t bet on backups. Review your continuity and disaster recovery plan’s RTO and RPOs and test to see if you can achieve them restoring from backup. Then, give some thought to iland’s Disaster Recovery.

Watch the webinar to see how we can help mitigate the threat of ransomware!
Frank Krieger

Frank Krieger

With a career in IT spanning 16 years and over 10 years of ITIL and compliance background, Frank Krieger manages the iland compliance office in the company’s Houston headquarters. Frank received his degree in Computer Information Systems from Northern Michigan University and has an extensive background in enterprise ITIL and compliance including managing service organizations for Fortune 10 companies. Frank has held ITIL Practitioner status and is currently a certificated ITIL Expert. These achievements represent not only an in-depth understanding of process and service management, but also extensive compliance knowledge. When not busy pouring over frameworks and audit requirements, he spends time traveling with his wife, Jacque, playing with his corgi and is an avid Minecraft player.