Ransomware and disaster recovery plans
Disaster recovery is a basic element of good continuity planning. Business continuity planning–in the case of schools, the better term might be organisational continuity planning– refers to the broad range of plans created so that a institution can continue to be operational no matter what negative event might occur. Business continuity planning addresses severe, catastrophic events, loss of the top leader or other principals in the organization, severe natural disasters that incapacitate a physical location, etc. Disaster recovery planning is one piece of this broad planning. Specifically, disaster recovery plans refer to how to quickly recover from some event that compromises your IT infrastructure.
In general, smaller schools – which often have limited IT support staff – will utilize the services of a managed service provider to develop disaster recovery plans. One piece of your disaster recovery planning needs to address how the business can protect its data from a ransomware attack. Unike more well known viruses, ransomware doesn’t just access your data, it locks it down so it is unusable. The business model behind this approach is simple: They are betting you will have no segregated backups and will be willing to buy back access to your data.
The only real defense against a ransomware attack is offensive. Just routinely making backups of your data may not necessarily protect it from being held hostage. Talk to your managed service provider about the design of your backups and how they are structured so that you will always have a “clean” copy of your data. If you want to defeat the designers of ransomware, your only real solution is to have uninfected backups. As long as you have these, you can simply refuse to pay the ransom. In the case of this virus, offense is the only defense that will keep your data safe.