This post was originally published here by Anurag Kahol.
The recent ransomware attacks that ravaged organizations around the globe last week have brought sudden attention to a longstanding problem. Few enterprises today are prepared for a ransomware attack and while most discussions focus on detection capabilities, disaster recovery is often overlooked. Disaster recovery strategies have always focused on server side failures – datacenters going offline, corrupted databases, and the like – not on mass disablement of clients (laptops and desktops).
Some ransomware variants, like last week’s Petya-related ransomware, are able to corrupt all managed devices in an instant, crippling the organization. An example – one of our Fortune 100 customers was hit hard by the Petya ransomware. Unfortunately, they weren’t making use of our advanced threat protection. Within hours, tens of thousands of devices were infected and rendered useless. This type of disaster is incredibly hard to recover from as restoring devices at scale can take weeks, if not months.
Fortunately for our customer, they were already set up to allow secure access to Office 365 via Bitglass from unmanaged personal devices. Once their internal systems were restored, users could use personal laptops to access email, work on documents, and more, all while IT worked to restore the infected managed devices. Importantly, our customer was able to grant secure access from any device, owing to Bitglass’ unique agentless architecture while maintaining full visibility and control.
Without Bitglass’ CASB controls, an organization exposed to ransomware that affected managed endpoints would have had two terrible options: either stay paralyzed for an extended period, or allow unsecured access to Office 365 from personal devices. Most organizations would opt to allow unsecured access, opening themselves to a new attack vector with potentially worse consequences than the original attack.
Disaster recovery may not be the first thing that comes to mind when you think of ransomware or CASBs, but your organization’s health may depend on it.
Photo:IT helpdesk
