The Complete Ransomware Recovery Guide

2 Easy Steps for Proactive Prevention

In a recent report, Ransomware and Disaster Recovery During COVID-19, IT leaders and other respondents reported a rampant rise in ransomware. All of their companies had experienced a ransomware attack in the last 12 months. About 69% estimated attack costs to be more than $100,000, including ransomware payment, downtime, and lost business.

As attacks keep rising and prevention tools don’t work effectively, how can businesses protect themselves?

In this blog series, we’ll cover proven strategies and step-by-step instructions that we have developed and implemented to help our customers recover from ransomware – in many cases instantly, and in every case without having to pay a ransom. We’ll summarize each section of the new Complete Ransomware Recovery Guide. You’ll learn how to prepare and initiate a quick recovery after an attack, and how to create a backup and retention policy for low RPO (Recovery Point Objective).

The guide includes best practices for your DR strategy, and it doesn’t require that you use a specific backup or DR tool. We highly recommend a modern, cloud-native, integrated DR and backup solution like Datrium Disaster Recovery as a Service (DRaaS) with VMware Cloud on AWS. It will save you the extended downtime typically caused by overly complex, unreliable, and expensive legacy DR solutions.

Proactive Prevention: Ready for Recovery

Why does it take so long to recover after a ransomware attack? Not having a robust backup and DR solution will delay your recovery efforts, but it’s equally important to have password management policies and a comprehensive Protection Group (PG) infrastructure in place, so that your recovery isn’t delayed by hours or even days.

To thwart the attackers, you need to take preventive measures to protect and manage your passwords and PGs for all critical systems.

Bottom line: when you’re trying to recover, the last thing you want to do is call every server or virtual machine (VM) administrator to recover passwords for all your critical systems. If even one of those admins is unavailable, your entire recovery effort can come to a grinding halt.

In a nutshell, we recommend that you:

  • Isolate your password manager
  • Create a 3-tiered approach for your PGs to help recover your most critical systems first, including NTP and DNS servers

In our next blog post, we’ll cover backup and retention policies to keep your RPO low and within your SLAs.

Can’t wait? Get more details about isolating your password manager and organizing PGs. Download the free guide now.