Validated Backups are so Important
Long Island - Really, school districts too? There is no place of business that is not susceptible to being held Ransom from your own data. You just go about your everyday business and all of a sudden you can't access your data... getting an error on your PC about disconnected drives, email's aren't coming in, cant access your application.. you ask someone near you and they say the same thing, you than overhear someone saying, call the IT company. IT company comes and lets you know that you are being held for ransom and here is the note. The note says pay me $15,000 in bitcoin for your decryption key. You say to the IT company, well lets just restore from the backups... and they agree. Two hours go by and your servers are still not up and running.. you call the company asking they "whats up?" and they tell you.. "The Hackers went in and deleted the on-site backups, everyone one of them".. You say WOW but that's ok because we have off-site backups that you guys actually store for us. IT company agrees to restore the servers from the off-site. Four hours go by and your servers are still not up and running.. you call the company a little more verbal asking "What's up".. this is where it gets scary. IT company tells you that there is no good backup, we tried the last 7 days and all would not restore properly. Looks like we are going to have to scrub the servers and do a reload or pay the ransom, which is no guarantee you will receive the correct decrypt key. Reload takes average 5 business days and that's working late every night and most likely a bill you are going to have to pay. Decryption would take an average of 2 days and also a bill you are going to have to pay. Summary of the story: Restores should be validated monthly and if you can get to their office to witness the process of picking a server of yours with the date and actually watch the restore process, that would at least give you a little piece of mind from security breaches. If you can't make the office visit, ask for a restore validation report monthly to be sent to you. How long would a valid backup be to restore a server? average 30 minutes or less. Can you be down for days? Validate your backups!