Security and ransomware are the hot topics for MSPs and their customers so it’s a no brainer that most MSPs have some sort of managed security offering in their services portfolio. The challenge, however, is that most security and ransomware solutions typically focus on discovery, prevention, and avoidance with the assumption that if enough money is invested in these areas that there will be no need to perform an actual recovery (fingers crossed). As an MSP with responsibility for keeping a customer’s infrastructure available and running, ask yourself these questions…
- “if one of my customers gets ransomed, how long will it take my organization to recover that customer to production state?”
- “how much will it cost me in technical resource hours to recover the customer?”
- “what preventative actions can I take today for my customer that would speed up a future recovery scenario?”
- and finally, “will they still be a customer when the dust finally settles?”
Scary stuff, and as a leader in your MSP organization, I bet that these are thoughts that keep you awake at night.
Why don’t we just make the outer shell harder?
Hardening the outer shell of enterprise infrastructure is mandatory so most MSP’s focus on this angle of security by offering solutions such as next gen firewalls, endpoint protection, MFA, and identity access etc. All well and good for business but the one really big thing that most MSPs don’t talk about with their customers is the “what if” scenario. What happens IF the hacker gets inside the hardened security shell and ransoms’ the soft inside infrastructure and what steps can they take to remediate the ransomware? Critically, how quickly can they get their customers back up and running with as little disruption as possible?
In this post we will discuss a significant gap in security & ransomware services that is pervasive across the entire data protection and data security industry. We will also share how MSP’s can sleep at night knowing that they can recover their customers core mission-critical infrastructure services quickly and with minimal pain in the event of a ransomware attack on a customer’s critical infrastructure.
But my storage/backup vendor takes snapshots and protects all my data!!!
Backups and snapshots are a table stake in the IT world and it’s critical that they be configured properly and tested regularly as part of a proactive disaster recovery protocol. The big gap with storage and backup software vendors is that they typically only back up the actual application data itself. Most backup solution vendors protect system state, system volumes, reserved partitions along with personal and application files and data. Sadly, however, and while backups are a necessary data security component, none of these data protection solutions actually backup and snapshot the operating system of the physical server that is configured to your customer’s exact working configuration including application files, management tools, etc.
Backup vendors assume you recover the backups and snapshots AFTER you have completed a fresh install of that clean physical server, gotten it on the domain, configured settings properly, and installed the application software. Now multiply this by 10, 20, 50, 500 servers and you can see why data protection vendors don’t talk about core mission critical infrastructure services that need to be recovered and configured long BEFORE they instantiate their tools to bring the pre-ransomed data back into production.
The recovery ‘panic-room’ at the heart of a customer’s critical infrastructure
Nebulon TimeJump is the secret panic room at the heart of the core mission critical infrastructure that helps MSPs broaden and enhance their cyber resilience solutions to include a strong remediation and recovery capability that can drive new revenue opportunities and help MSP principals actually sleep at night. Nebulon is the first and only combined server and storage solutions architected to help MSPs recover the core mission critical infrastructure at the heart of their customers business in the time it takes to reboot the server.
Recover so you can Recover
With Nebulon TimeJump, critical enterprise data services such as encryption and snapshots are enabled via a server-embedded services processing unit (SPU) that sits in a separate security and fault domain from the server. This means that ransomware cannot encrypt or delete snapshots, nor disable the management services enabling restoration of data. Nebulon TimeJump solves the ransomware paradox for management infrastructure where management tools and VMs are needed for OS recovery, but the OS is unavailable to run the management VMs. Nebulon places the control plane in the cloud, so it sits outside of the infected domain and can easily direct the SPUs to recover the OS and management VMs, making recovery simple and fast.
What to do if you are an MSP with a managed security practice?
If you are an MSP that has a managed security practice, it is time to expand your discovery, prevention, and avoidance-based solution to include important customer conversations around the “what if” scenario around ransomware recovery and what it takes to get the necessary preventative infrastructure components in place. Take the opportunity to increase your service revenues with an expanded security offering that positions you as an even more trusted partner that offers higher levels of assurance to recovery your customers’ core critical infrastructure services.
To learn more about how Nebulon TimeJump is enabling MSPs to add ransomware recovery to their business models , download this Ransomware Recovery Guide and reach out to Stuart Oliver (Stuart at Nebulon.com) to have a real business growth conversation.