Healthcare is a prime target for cybercriminals, with ransomware recently dominating headlines and becoming a regular occurrence. Kansas Heart Hospital is the latest ransomware victim to publicly state that it paid the demand. However after paying the first ransom, the attackers boldly demanded a second ransom to decrypt data. Other recent headlines highlighted attacks at Chino Valley Medical Center and Desert Valley Hospital of Victorville, and Hollywood Presbyterian.
For the most part, healthcare organizations are not prepared to defend against and recover from cybersecurity threats. However, the fastest way to regain access to your critical files following a ransomware attack is to have a backup of your data. Without a comprehensive and modernized backup strategy, consequences can be serious. With an effective backup solution, healthcare organizations can avoid business disruption. Proof of this is Methodist Hospital in Henderson, Ky. It was able to regain control of its data following an attack because the hospital had an effective backup system in place.
With the growing number of threats, coupled with the evolving sophistication of attacks, healthcare organizations need to clearly understand the cybersecurity cost tradeoffs of investing in a strong backup and recovery solution to guard against loss of access to critical data and the resulting impact on patient care.
Commvault and Data Protection
By enabling users to backup data stored on laptops, desktops and other devices, Commvault software can help reduce the harmful impact of ransomware attacks and allow users to recover backup data copies anytime and anywhere, without the need to pay ransom demands to decrypt data from production servers. With the extraordinary amount of Protected Health Information (PHI) being created and stored in electronic healthcare records (EHR), healthcare organizations are using Commvault solutions to augment or replace legacy data protection solutions to capture, protect and backup EHR data.
The easiest targets for ransomware are laptops, desktops and mobile devices, as users do not always have the connectivity to backup files and data to your corporate server. By maintaining a secure, regularly scheduled backup of your organization’s laptop computers, you can more easily recover from a ransomware attack. In March, we talked about Commvault’s Endpoint Data Protection as insurance in the event that all of your other endpoint security tools have failed. Without a secure copy, your only other option is to pay the criminal’s ransom price and pray they’re honest enough to provide you the keys to get your data back.
With Endpoint Data Protection, Commvault enables data created and stored on laptops, desktops and more, to be accessible anytime, anywhere — with a self-service recovery portal accessible from any web browser or mobile device. If a system is impacted by ransomware, it can easily be wiped clean and rebuilt to minimize damage. Commvault delivers an integrated, automated data protection approach that provides a single, complete view of all your stored data no matter where it is—on premise or in the cloud.
It is critical to have external copies of the data, beyond just snaps or versions maintained on the source system. Simply relying on local snaps can leave you exposed, as hackers may find and delete them. Maintaining versions from prior recovery points that are preserved in protected locations are very important. Having copy separation, different MA’s, different sites and the old standby offline media is one way you can reduce the risk associated with typical ransomware attacks.
Guarding information from ransomware attacks should be a top priority for healthcare organizations to avoid the loss of availability to critical information and systems. Commvault provides the flexibility to protect and recover your data in multiple ways to help remediate the impact of these attacks, and to best meet regulatory and governance requirements, SLA’s and business needs.