SecurITy in Real Life – Backup

10-6-2017 10-22-19 AM
We’ve experienced many instances where a good backup system saved the day.
Recently one of our clients, who we provide solely backup services for, was infected by a ransomware virus.
The infection happened in the early afternoon and because it was an encryption-based virus, it impacted all the file shares on the client’s server.  In total, about 1.8GB of data was affected.
We had, in place, backup retention policies for our client’s data which ensured that backups occurred every 2 hours.  This meant that between the time the client was infected with ransomware and the time the last backup occurred, only about an hour and a half’s worth of data was lost.
Once we had diagnosed the problem, the client was informed that restoring the data would take about 10 hours to complete which meant downtime for the firm.
10-6-2017 10-24-50 AM
Given that it was near the end of the day, we decided with our client to proceed with the restore.  Near midnight, when the restore was almost complete, the server unexpectedly crashed.
As a result, we decided to postpone the restore until the weekend.  This would allow us to dig deeper and really get to the heart of the problem, figure out why the restore failure had happened, and allow us buffer time to resolve it.
While this was a good idea from a technology and diagnostic standpoint, waiting until the weekend was not suitable for our client as prolonged downtime was costly to their business.  We needed to get the firm up and running before the morning.
Our solution was to use the most recent backup the firm had prior to infection from their backup device.  We configured the appliance and backup file to act as a functioning server and connected it to the firm’s network.  This allowed the firm to use the appliance as a defacto server and to work off the backup file until the restore could be complete on the weekend.
10-6-2017 10-28-57 AM
The firm was able to continue working for 2 days until the weekend when we successfully performed a restore of their data and ensured the system was fully operational. There was minimal data loss or lost production time.
Our backup solution plays a key role in how our client successfully managed to keep working despite experiencing a ransomware virus.  The device allowed them to work from backup which allowed us the time to sort out the server and restoration problem.  This was preferable to a quick fix solution which might have caused more problems if our client had experienced another ransomware or virus infection.
Further, even when running in disaster recovery mode, we continued to run backups every 2 hours.
Can your recovery solution perform this well? If not, give us a call at 647-426-1004
Charles Bennett is the Principal Consultant of Triella, a technology consulting company specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium sized firms.. Charles can be reached at or 647.426.1004 x 222. For additional articles, please visit Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Webroot Reseller.
© 2017 by Triella Corp. All rights reserved. Reproduction with credit is permitted

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Follow us
Subscribe to our newsletter