Security Market Segment LS
Thursday, 10 August 2017 17:35

Five steps to avoiding ransomware hell


There are various ways of keeping ransomware at bay, but in case it does slip through your defences some fairly simple precautions can make it easier to recover.

Data protection vendor Veritas Technologies is running a "five steps" campaign to encourage organisations to protect themselves from ransomware, global general manager Simon Jelley told iTWire.

Australia, he noted, has a relatively high exposure to ransomware (11% of all ransomware infections, according to Symantec). It can be a particular problem for SMEs that are unlikely to have a staff member dedicated to IT security issues.

The five steps for avoiding the worst effects of ransomware are: make copies, isolate them, set appropriate retention periods, apply the 3-2-1 rule, and run fire drills.

The first step is pretty obvious. If ransomware encrypts the only copy of a file, there's a good chance you won't get it back. This also applies to hardware failure, theft, fire, floods and other disasters.

Isolation is especially relevant to ransomware. It's a small step from encrypting files on the start-up drive to going after those on external drives, network shares and so on. Back-ups can be isolated by using (for example) tape or read-only cloud storage, Jelley suggested. While tape is still popular, he expects a significant move to cloud services such as Glacier, largely because of their better economics but also because SMEs are moving away from owning their own infrastructure.

Retention periods are part of data lifecycle management. A first step is to move older back-ups to cheaper (and probably slower) storage such as tape or cloud, as they are less likely to be needed urgently. There's also the issue of aging-out old and unwanted data to avoid the cost of storing it indefinitely. Organisations should also consider how many copies of particular files should be retained and where, he said. A master catalog — such as the Information Map add-on for NetBackup — helps you keep track of what you've got, where it is, and who owns it.

Don't recognise the 3-2-1 rule? Keep at least three copies of data, on at least two devices, with at least one copy offsite.

Fire drills are about making sure you really can recover data when you need. This can be as complex as checking that a secondary site really will go live if the primary falls over, or as simple as recovering an arbitrary file to a PC and checking that it is still identical to the original.

Veritas ransomware

Veritas' intention is to protect data wherever it lives, be that on physical, virtual or cloud infrastructure. One Veritas back-up system and one licence covers the lot,Jelley said, whether that is NetBackup for enterprises or Backup Exec for mid-market and SMEs.

The software provides efficient image or snapshot based back-up, with the ability to recover an entire image or specific files. Furthermore, the recovery process brings back exactly what's needed, without having to fetch the last full back-up and then apply subsequent incremental back-ups to reach a certain point in time.

Jelley pointed out that Backup Exec 16 FP2 can compress and deduplicate cloud back-ups (saving up to 90% of the storage required), makes better use of the available bandwidth, and supports additional cloud tiers, including AWS Gov Cloud and specific regions. It also provides enhanced integration with VMware and Hyper-V.

He agrees that one of the problems with using cloud storage for back-up is that the cost can be uncertain – for example, there may be extra charges for recovering data from otherwise cheap storage. But "we're trying to help customers" by providing a platform-agnostic back-up system to help avoid lock-in to any one cloud operator, offering around 30 connectors for public and private cloud storage, and supporting movement between different providers or different tiers (eg S3 and Glacier) on the same service.

Veritas also supports back-up of popular NAS devices, while the CloudPoint add-on for NetBackup and Backup Exec service covers public, private and hybrid clouds (including AWS, Azure, Google Cloud, HDS G-Series and HP 3Par).

In closing, it's always encouraging to hear stories about vendors eating their own dog food: just before Jelley set off on his current trip, a colleague spilled coffee on his laptop. But it had been backed up just three hours earlier, so he could easily recover what was needed.


Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.



Some of the most important records are paper-based documents that are slow to issue, easy to fake and expensive to verify.

Digital licenses and certificates, identity documents and private citizen immunity passports can help you deliver security and mobility for citizens’ information.

Join our webinar: Thursday 4th June 12 midday East Australian time


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments