6 Steps to Ransomware Recovery in a Commvault Environment

These six steps will help you better prepare and recover from cyber-attacks that have become more sophisticated with time.

Ransomware attacks are becoming more frequent and sophisticated as time goes on, so it is important to know the actions to recovery. “70% of ransomware attacks involved the threat to leak exfiltrated data”.1

It is the worst-case scenario constantly re-defined. It costs companies hundreds of thousands of dollars to pay the ransom, typically. “The average ransomware payment is $154,108”.1

The recovery process is important because organizations want to focus on getting back to business. It is hard to understand the process unless you or your organization have experienced it. These steps will help you understand what ransomware recovery entails and how to approach it.

  1. Contact Customer support
  2. Update and deploy antivirus and ransomware protection software
  3. Recover the Commvault CommServe
  4. Recover Commvault MediaAgents
  5. Create a Client recovery priority list
  6. Initiate recoveries

The first step to ransomware recovery is contacting Commvault Customer Support. This will help determine the level of impact that the attack had and jointly establish a plan.

Step two is to update and deploy antivirus and ransomware software. This step is to prevent the re-spread of ransomware viruses.

Recovering the Commvault CommServe and disabling backup schedules is step three in the process. The company will also need to disable all backup plans and scheduled backups temporarily to keep further damage from happening.  

Step four is for recovering Commvault MediaAgents and access to libraries. It is crucial to make sure that the MediaAgents are accessible and functional.

The fifth step is the client recovery priority list. This is where your organization will generate a list of critical systems and applications and determine what is most important for getting back to business.

The final and sixth step is to initiate the recoveries. The organization must pay attention to the point-in-time to ensure it is pre-infection. This way, you are not recovering from a point-in-time that includes the ransomware files.    

It is important to emphasize starting your preparation today because every little bit will help. Within Commvault Command CenterTM, there are valuable tools and dashboards to understand your data and your data protection and recovery capabilities. A great resource is the Commvault Recovery Readiness Report to evaluate your RPO and RTO service levels.

These six steps will help you better prepare and recover from cyber-attacks that have become more sophisticated with time.

Sources

1 Coveware Quarterly Ransomware Report, Feb 1, 2021

More related posts

Protecting Your Organization from Ransomware Attacks: Three Key Takeaways from Cybersecurity Experts
Ransomware

Protecting Your Organization from Ransomware Attacks: Three Key Takeaways from Cybersecurity Experts

Mar 9, 2023
View Protecting Your Organization from Ransomware Attacks: Three Key Takeaways from Cybersecurity Experts
Data Security through Zero Trust and a Ransomware Strategy
Data Security

Data Security through Zero Trust and a Ransomware Strategy

Feb 2, 2023
View Data Security through Zero Trust and a Ransomware Strategy
Partner and Customer IT and Data Protection Priorities for 2023
Data Protection

Partner and Customer IT and Data Protection Priorities for 2023

Jan 18, 2023
View Partner and Customer IT and Data Protection Priorities for 2023