Ransomware attacks are ever-present. This makes planning ahead for ERP disaster recovery a critical step for every organization. Take 2020, when attacks ticked up as businesses became ever more reliant on remote work. Q1 2020 saw a 25% increase in overall attacks,¹ while the average ransom payment rose 33% from Q4 2019 to $111,605. From governments to law firms to global manufacturers like Honda, no one is immune.
If you think $111,605 is a lot of money to pay an attacker, you’re right. That is why it is better to plan NOW to avoid these scenarios. For a fraction of the cost, you could be well-prepared and protected. Unfortunately, too many businesses either don’t prepare or, worse yet, think they are prepared until they experience a ransomware attack and ERP disaster recovery becomes nearly impossible.
Such was the case with a manufacturing customer we worked with. In this case, the ransomware attack compromised all company systems and took out company backups that were on the same network. Data loss was severe, and the business was closed for a few weeks to get everything sorted. That’s when they came to us for help.
Our team jumped into action, using an old backup on a thumb drive to restore what systems we could. We took over hosting, rebuilt their environment, and got as much data back online as we could using their last backup. We got their QAD production environment online so they could open their doors and get back to doing work.
It was a full-team disaster recovery effort: our MSERV “managed services” team and Strategic Consulting both took part, and even the sales team got involved to upgrade some EDI systems that needed refreshing. Overall, we got the work done in two weeks for this customer; other customers have been both faster and slower, since so much depends on the advance planning each company undertakes.
So, what is the “right way” to plan in advance to handle ransomware? It starts with employee training. Over 90% of data breaches are caused by human error,² making cybersecurity training an absolute must. There are great online programs to make sure the training is done right and that employees truly understand it. Some systems even send fake phishing emails to test employees after their training and enroll them in remedial training if they fail. That is deterrent enough to make staff take online security seriously and recognize it as a personal duty each employee shares.
Beyond upfront training, it is essential that your ERP systems are set up, hosted, and monitored in ways that protect you from the worst should a ransomware attack happen. We counsel our clients to maintain offline, offsite backups so that if ransomware attacks, they can initiate recovery without data loss. Remember that old thumb drive? We can do MUCH better.
If you’re worried about your on-premise environment, talk to us about getting a system Health Check. It is the best way to identify weaknesses and get a proposal for what changes are needed to protect your company should the worst strike. I would recommend doing that soon because if life tells us anything, the worst happens when you least expect it.
1. Ransomware Has A New And Very Valuable Hostage In Sight: https://www.forbes.com/sites/bobzukis/2020/06/18/ransomware-has-a-new-and-very-valuable-hostage-in-sight/?sh=4035c0a0170f
2. The Importance of Training: Cybersecurity Awareness like a Human Firewall: https://www.entrepreneur.com/article/340838