5 Steps for Recovery Without Bitcoin: Code42 Weighs In on Gartner’s Best Practices

In light of the massive ransomware attack afflicting organizations worldwide today, we are republishing this blog post on ransomware recovery. We wish all organizations affected by this cyberattack a swift and seamless recovery.

Gartner’s June 2016 article, “Use These Five Backup and Recovery Best Practices to Protect Against Ransomware,” outlines five steps for mitigating the threat and/or risk of being hit with ransomware. I will spare you the market stats and dollar figures intended to scare you into taking action now. If you have an affinity for ransomware horror stories, click herehere, or even here.

Or let’s spend time looking at Gartner’s best practices to determine if you believe we are a legit provider of ransomware protection.  Heads-up: when it comes to ransomware, one-third of our customers recover from ransomware using our endpoint backup + restore software, so Code42 customers represent.
Code42 customers recover from ransomware

Gartner Step 1: Form a single crisis management team

Typically, a crisis management team consists of only the customer’s employees, but Code42 does have a virtual seat at this table. Each and every day Code42 system engineers, IT staff, product managers, developers, professional services and customer support staff meet to discuss and address issues raised by our customers. This response team works together to solve customer problems so customers can effectively conduct internal risk assessments and respond to incidents that threaten the health of their endpoint data.

Gartner Step 2: Implement endpoint backup

This IS our responsibility, and we are the best at it, so say our customers. Including one senior IT manager who said, “Code42 gives me immense confidence as an IT manager. Case in point: an executive was traveling to Switzerland for a big presentation and had his laptop stolen en route. He was able to go to an Apple store, purchase a new machine, install Code42 CrashPlan, sign in and restore his files in time for the presentation. And we won the business. I was able to talk him through this on a five-minute phone call. It does not get better than that.” (If you’re a Gartner member, click here to read the entire review.*) Or instead of reading through all the reviews and case studies, we can cut to the chase and simply answer the question: Why are we the best?  Because we deliver what matters most to enterprise customers—from end users to admins to executives.

  1. It just works. Code42 works continuously to back up your data no matter the device, no matter the network. In fact, 7/10 IT admins consider themselves more productive after deploying Code42, which translates to more time focused on projects that are more strategic and rewarding.
  2. It scales bigger and faster than any other enterprise endpoint backup solution.
  3. Service and support is “stellar,” according to our customers. But don’t take our word for that, take theirs.

Gartner Step 3: Identify network storage locations and servers vulnerable to ransomware encryption

Yes, you need to protect your servers, but let’s get to the point: or rather, let’s start at the endpoint where 95% of ransomware attacks originate. Server backup wasn’t designed to restore data to endpoints.

Gartner Step 4: Develop appropriate RPOs and backup cadences for network storage and servers

We choose to focus on the source of attack where we are the best at meeting recovery point objectives (RPO) and backup cadences.  Our backup frequency is 15 minutes by default, configurable down to one minute; whereas our competitor’s default backup frequency is every four hours, configurable down to five minutes. The more frequent the backup cadence, the better the protection against data loss. Gartner’s “Five Backup and Recovery Best Practices to Protect Against Ransomware,” advises, “The primary goal is to leverage newer backup methodologies to achieve more frequent recovery points…The goal here is backing up more often.”  This is not just a server and network-storage best practice, it’s an endpoint best practice too.

Gartner Step 5: Create reporting notifications for change volume anomalies

Step five centers on endpoint backup reporting capabilities. Here, Code42 is resoundingly on point. In the first half of 2016, in the 5 series release of Code42 CrashPlan, a reporting web app that makes it easy to assess when users are not backing up frequently enough—putting your RPO in jeopardy. In addition, the ability to securely index and search user data archives helps security and IT teams find and identify malicious files through MD5 hash, keyword or metadata searches. Combine indexing and searching capabilities with web reporting capabilities to identify anomalies at the individual, department or group-level.

Is ransomware the perfect crime? Not if you’re prepared.

Ransomware roadmap

*Gartner Peer Insights reviews constitute the subjective opinions of individual end-users based on their own experiences, and do not represent the views of Gartner or its affiliates.

2 responses to “5 Steps for Recovery Without Bitcoin: Code42 Weighs In on Gartner’s Best Practices

  1. So what happens if a file is encrypted by ransom-ware and backed up? Is there a recoverable backup? Is the backup versioned or snap-shot so that it can be rolled back to a time before the ransom-ware attack?

    1. Hi Clint! Yes, Code42 CrashPlan allows you to go back to a time before the ransomware virus hit when all of your data was intact. Because we track changes to the file (and back up when a change has occurred), the user has the ability to go back to the last version, before it was hit by the ransomware. The frequency of our backups is every 15 minutes, or more frequent if you choose, so you get a very recent version of the file. You can restore from that point.

Leave a Reply

Your email address will not be published. Required fields are marked *