Cyber Recovery: Critical Rebuild Systems
Posted by Tony Ocampo on Aug 26, 2020 10:00:00 AM
Should the dreaded day that your organization suffers a ransomware attack arrive, the severity of the damage could vary from a simple file system encryption to a total lockout. Depending upon the misfortune your IT team is dealt with, the recovery process could possibly consist of a total wipe of the servers, storage, backups, especially critical systems, logical configurations, and property. The most difficult thing to swallow is when you thought you had everything covered in your disaster recovery or backup systems—only to find out the opposite is true.
ConvergeOne has a Cyber Recovery offering for a vaulted copy of the data center, but most importantly, we provide an Advisory Workshop that helps customers identify critical system rebuilds that cover the totality of the data center. We will advise you on the process and sequence of recovery based on the Recovery Point Objective (RPO) and Recovery Time Objective (RTO) requirements of the applications and data. We will determine the systems that will be required to be rebuilt and configured during this workshop. The items listed below will be incorporated in the runbook operations specific to the customer environment.
The two major categories that we raise awareness with customers are the data center infrastructure components and the applications/data that are in the custody of that infrastructure. Here are just some of them:
DATA CENTER INFRASTRUCTURE
- Server Hardware Configurations: Documentation, configuration exports, backups
- Network and Network Devices: Documentation, configuration exports and backups, circuit accounts, IP addresses, WAN, VLAN, wireless configurations, topology diagrams
- Network Services: Directory Services backups, DNS, DHCP, Active Directory
- Administration and Root Accounts: Documentation, permissions, roles, policies, certificates, passwords, keys, backups
- Security Devices and Processes: Documentation, configuration exports, backups
- Virtual Infrastructure Servers (Hypervisor, vCenter, infrastructure configs/databases): Install media, license keys, documentations
- Virtual Desktop Infrastructure (Hypervisor, vCenter, infrastructure configs/databases): Install media, license keys, documentations
- Storage: Documentation, SAN and Volume configurations, controller system logins, licenses
- Operating Systems: Install media, VM images and templates, license keys (Windows, Linux, etc.)
- Backup Systems: Install media, Documentation, configuration exports and backups
- Vendor Support: Account numbers, support keys, documentation, Vendor Account Team contacts
- Team Staff and Support: IT and business contact information, emergency contacts, business response notifications
APPLICATIONS AND PROCESSES – IDENTIFY BACKUPS AND CYBER RECOVERY NEEDS
- Critical Business Applications (HR, Accounting, Manufacturing, Operations applications): Install Media, licenses, documentation
- Application: Data/Database integration and dependencies
- Data: File system and file share backups, directory structure and permissions
- Database: Backups of system database and application database backups, security, roles, security, install media, and licenses
- Database Workflows: Documentation and configurations of database scripts, jobs, stored procedures
- Other Application Dependencies (emails, notifications, triggers, functions): Documentation and configuration backups
- Development Tools and Workflows: Backups, install media, licenses, documentation
- Intellectual Properties: Documentation, diagrams, bill of materials, confidential information
At a high level, this list is quite extensive. Many organizations only back up the data and applications, but you have to ask yourselves one important question: Where am I going to find all these resources in the event of a total data center lockout that requires a full wipe and complete rebuild? Wouldn’t it be a relief if you had all these resources in a central repository within a cyber-protected vault, ready for a critical system rebuild?
Think about it.
COULD YOUR ORGANIZATION RECOVER FROM A RANSOMWARE ATTACK?
ConvergeOne Cyber Recovery Services provide a combination of specialized cyber vault and indexing technologies with traditional backup platforms, giving you the ability to recover your systems and data to resume operations as quickly as possible. Register for a complimentary Cyber Recovery Workshop today to learn more about the value and importance of Cyber Recovery Services.
Topics: Data Center, Cyber Recovery