Disaster recovery (DR) is the only real defense against ransomware attacks. However, a recent survey of 150 technical and business decision makers from organizations with more than 150 employees, conducted by cloud hosting services provider iland, suggests most organizations are not especially good at it.
Nearly three quarters (73 percent) said they have experienced a failure at some point, with almost two-thirds reporting they experienced an outage within the last 12 months and nearly half noting it occurred in the last six months. Just over half of respondents (54 percent) said they have an actual documented, company-wide DR plan in place.
Furthermore, only 50 percent said they test those DR plans once a year or more frequently, with 7 percent admitting those plans have never actually been tested. Most concerning of all, no respondent said their DR test was completely or moderately successful.
Of the problems encountered, 67 percent of respondents cited networking issues and service unavailability as two of the most prevalent issues, with 50 percent of those surveyed each selecting data integrity problems, application performance issues, and missing critical workloads. According to the survey, 62 percent of respondents also reported networking issues as the cause of frequently encountered problems with failback to original sites.
Ransomware taking advantage of disaster recovery limitations
Cybercriminals are clearly betting on the fact that organizations will not be able to recover a pristine copy of their data. The iland survey explains why so many cybercriminals are making audacious ransomware demands. Eventually, however, organizations do respond to negative stimuli.
A recent report published by Research Dive suggest that demand for disaster recover-as-a-service solutions that can be employed to thwart ransomware attacks is expected to sharply increase. DRaaS platforms are forecasted to generate $57.1 billion in revenue by 2026, representing a compound annual growth rate of 43 percent beginning in 2019.
There are a lot of reasons why organizations might want to invest in DRaaS, but ransomware attacks are now at the top of the list. Gartner defines DRaaS as service encompassing server image and production data replication to the cloud, disaster recovery runbook creation, automated server recovery within the cloud, automated server failback from the cloud, and any network element and functionality configuration, as needed. Source servers supported must include a combination of both virtual and physical servers with the context of a service level agreement (SLA), according to Gartner.
MSPs must be ready to meet DRaaS expectations
Technical specifications aside, the end customer expects an MSPs to be able to hit specific recovery point and time objectives. Missing those objectives will result in financial pain under the terms of the SLA. The issue MSPs need to come to terms with is the degree to which they expect to be able to live up to those customer expectations, especially in the event of a ransomware attack. The folks that sign those SLAs are counting on MSPs to save them from having the worst day of their career.
The good news is that MSPs that can make good on that promise, should expect to make a lot more profitable revenue than an MSP that only provides access to a comparatively simple backup and recovery service. After all, in most cases where a DRaaS platform is required, time is of the essence.
In an ideal world, of course, there would be no ransomware attacks. However, until that day should arrive the next best thing for most organizations is an MSP that provides a DRaaS platform they know they can count on whenever needed. They may not always appreciate having to pay for that service but it’s a lot better than caving into random extortion demands that in all probability will only increase as cybercriminals keep coming back for more.
Photo: Pla2na / Shutterstock