Ransomware Protection

Award-winning ransomware recovery

The NIST Cyber Security Framework

NIST Cyber Security Framework

In any ransomware attack, you have two options:
pay the ransom or recover your data.

Our approach to ransomware protection follows the NIST Cybersecurity Framework.

Fast, successful recoveries are the result of thorough preparation and diligent protection. We make sure you never have to pay the ransom.

Identify

The first stage is to create your backup policies and schedules. More frequent backups provide more recovery points but increase bandwidth and storage.

Our engineers work with you to find that balance and design the optimum policies to meet your recovery, Governance Risk and Compliance objectives.

Ransomware backup retention schedule

Protect

It is critical to protect your backups so they can’t also be infected. Our approach combines technology, network segregation and Identity & Access Management best practice and to keep your backups safe.

Detect

Modern data protection technology introduces intelligent features to go beyond recovery and help accelerate detection and response.

· Honey pot mechanisms - Hidden files commonly targeted by ransomware are monitored for signature changes

· File activity anomaly alerts - Utilises historic data and machine learning algorithms to detect unusual file system behaviour

Respond

Go immediately from Detection to Response with Actionable Alerting

Trigger API-driven workflows for post-ransomware orchestration actions like disconnecting infected devices from the network

Recover

· Automatically isolate suspected ﬁles for further investigation

· Prevent backup copies from retiring by automatically retaining the last-known good copy

· Cross-cloud and cross-hypervisor ﬂexibility to recover workloads seamlessly

What is it like dealing with a ransomware incident?

Ransomware incident response

It’s hard to overstate the magnitude of a ransomware attack. Ransomware incidents are incredibly complex. They take days, weeks and sometimes months to resolve. There is a huge additional burden on the team to co-ordinate, feed information to relevant parties and get the situation resolved.

How do we help?

Your recovery team

Your recovery will be led by your account manager who knows your environment best, but they’ll be supported by several other engineers in the team to make sure there’s no bottle neck in the recovery. When one person is solving an issue, others are recovering more systems, 24/7, though the night.

Identifying the most recent clean recovery point

Once, located, our first step is to carry out isolated, sandbox recoveries and for further scanning and confirmation before the full recovery.

Crisis Management Team updates

We host frequent Crisis Management Team calls throughout the recovery. We're here to make sure you're never on your own.

The recovery

Our engineers work in concert, on multiple fronts concurrently to accelerate the recovery.

Once recovered, we test with your IT team and we test with your users. We’re only happy when you’re recovered, and the organisation is operational again.

Protecting the recovered environment

Whether you’ve recovered in the cloud or back to on-premises systems, it’s vital that the new environment is also protected. We make sure you’re protected from the moment you start.

Failing-back

You’re likely to be working from your DR environment for several days or even weeks. Once your original production environment has been sanitised and is ready to revert to, we manage the fail-back process and get you back to Business as Usual.

We decided to contact Databarracks before making any decisions. From the minute he answered the phone, our engineer, Tom, knew exactly what to do. He was unequivocal:
‘don’t pay the ransom, we can get your data back for you.

Jonathan Levene
Head of IT and Facilities, Major Players

Our ransomware experience

Ransomware Recoveries

Recoveries in the Public Cloud or on-premises

Ransomware protection

Award-winning ransomware recovery

The NIST Cyber Security Framework

Identify