By Commvault Customers
IT Central Station
Ransomware can wreak havoc on a business or public sector organization. In an instant, data of incalculable value is encrypted and rendered useless by a malicious actor who demands a ransom for its decryption. Faced with operational paralysis, many victims elect to pay rather than deal with weeks of costly remediation. Even then, however, there is the risk that the attacker has embedded implants that can reprise the attack at a later date or cause unknown damage down the line.
Backup and restore operations offer a workable solution. When data, as well as critical systemic elements, are backed up and available for rapid restore, it is relatively simple to recover from a ransomware attack—without paying off the perpetrator. In this article, professionals who have written Commvault backup and recovery reviews discuss their experiences handling the ransomware threat.
“We have helped many clients to recover from ransomware using Commvault,” said Sivashanmugam N., CTO of Greenware Technologies LLC, a tech services company. He added, “For one of our clients, we were able to get them back into production in one week. That was an environment with 200 servers and 1,400 user backups. Without Commvault it would have taken some months.” For this user, one of the most valuable features of the solution is the encryption, which helps save an organization from ransomware. As he explained, “Because the data is already encrypted, it cannot be encrypted again.”
According to Amin I., a Senior Systems Consultant at eSky IT, another tech services company, “Sometimes our users are attacked by ransomware or by a virus or trojan, and their data is encrypted or deleted. Commvault has helped us in these scenarios. It has always been successful in restoring the backup.” Vladan K., a Head of Information Technology Group at the Ministry of Environmental Protection, a government agency, also found Commvault’s protection against ransomware to be an important feature. He explained, “If an employee gets a virus on their computer, we will not worry about it, or if their computer is hit by ransomware, their data will be protected in the backup. That feature is very nice.”
One IT Central Station member shared an experience that captures how the right backup and recovery solution can help an organization overcome even a severe ransomware crisis. Filip H., who now works as a Backup Engineer at a pharma/biotech company with over 10,000 employees, previously worked at a business that suffered a massive ransomware attack. As he put it, “The company lost its whole Windows infrastructure, so it didn’t have Active Directory. Commvault was on Windows as well and the Knowledge Base which ran on Linux was authenticated with AD. Everyone lost their workstations.”
This seemingly irredeemable situation was resolved however, through Commvault’s functionality and service structure. Filip H. described how, in the recovery process, they got the database from Commvault. As he revealed, “Part of raising cases includes the ability to upload databases to Commvault. The Windows team found a backup of the main controller and the most important thing was to start communications and for everyone to have Active Directory. With Commvault’s support, we were also able to develop a process which recovered Volume C, and that was sufficient to fix the images.”
Working this way, they were able to recover the whole infrastructure from scratch. He noted, “Without Commvault, or with another solution based on Windows, I don’t think the recovery would have been possible. I had never seen this kind of disaster. Nobody expects to lose everything. You think about losing the primary location or a remote office location, but no one thinks about losing the whole platform.”