cancel
Showing results for 
Search instead for 
Did you mean: 
How Controlling IT Complexity is the Key to Ransomware Resiliency

Complexity is the enemy of IT. And for many organizations, that enemy is getting stronger.

The demands of any enterprise require IT departments to ensure that applications, workloads, and data are always available across physical, virtual, and cloud environments. It is critical for business leaders to have granular insights into the data to ensure business-critical information is always protected and recoverable, and meets compliance requirements. If an enterprise is hit by a ransomware attack, IT must be able to ensure it can get the data back quickly, minimizing business disruption, cost and mitigating any impact to its reputation.

Yet complexity threatens to prevent enterprises from reaching these goals.

Many enterprises today still have mainframes for bulk data processing or applications, running alongside client/server systems and virtualization. They’re also adding new technologies like open-source, serverless computing, and hyperconvergence and are becoming increasingly reliant on containers and Kubernetes to accelerate software releases.

An expanding threat surface

It’s no wonder that given the increasingly heterogeneous environments and adoption of hybrid multi-cloud architectures many enterprises aren’t confident about their ability to mitigate ransomware threats.

Veritas’ 2020 Ransomware Resiliency Report had a few startling findings. Respondents who said their company was attacked by ransomware and paid the full ransom were using a mean of 14 cloud services (IaaS, PaaS, and SaaS). Those paying part of the ransom had a mean of 12.6 cloud services. Those not paying any of the ransom had a mean of 7.2 cloud services.

Respondents whose enterprises were using more than 20 cloud services were less confident in their ability to recover their data than those using fewer than five.

The explanation is straightforward: increased multi-cloud adoption is expanding the IT threat surface and enterprises are less able to detect malicious activity or recover their data to meet recovery time objective targets. Ransomware attacks rarely impact just a single system: often, one device infected with malware can snowball into an entire data center impacted. This effect complicates data recovery.

We’ve talked about best practices in recovering from a ransomware attack and having a zero-security mindset. But getting an organizations’ proverbial arms around, and reining in, IT complexity, presents a new challenge.

The concept of abstraction

Most companies can’t rip everything up and start over. They need to work with what they have. So the most effective approach to mitigating the effects of complexity can be summarized in one word: abstraction.

Abstraction isn’t a new IT concept. It’s been around for a while. Essentially, abstraction shows you what you need to see, and filters out everything else. You can distinguish signal from noise if you can view and analyze the details and patterns that matter and hide irrelevant details.

Abstraction also allows IT departments to focus on what matters: outcomes.

With effective IT infrastructure abstraction, you can ensure three things:

  • Application availability: IT needs to know not only that an application is running, but that it’s performing as expected. Abstracting an enterprise’s infrastructure across physical, virtual and cloud systems with application-aware software-defined infrastructure allows you to verify that applications are performing as the business requires. It also allows for better recovery testing so that you can get understand how quickly you can get a business service running again after a ransomware attack.
  • Data management and protection: Abstraction allows IT to protect data at scale across client/server, virtual, cloud, and serverless, including backup and recovery across storage arrays and clouds, removing the complexity associated with disparate storage solutions.
  • Better insights and data classification: Abstraction also allows IT to simplify their data landscape by correlating and analyzing data across on-premises, virtual and cloud environments, understanding the value of their data, as well as potential backup issues. For example, abstraction could allow an IT department to predict that a backup pool will fail, allowing them to take action and mitigate the threat of data loss due to ransomware or disaster.

With malicious actors spinning up new and more complex ransomware threats daily, growing complexity is a constant worry for IT leaders, who are under constant pressure to mitigate the financial and reputational risks of ransomware.

With effective abstraction, making sense of IT complexity doesn’t have to be like boiling the ocean. IT can attain increased visibility, availability, and protection of their data, giving them another critical tool in the fight against ransomware.