It is no secret that ransomware has been gaining momentum. According to Cybersecurity Ventures, attacks are occurring every 11 seconds and in 2021, ransomware not only became more complex and frequent, but it cost the world $20 billion in damages. This was 57x more than it was in 2015. Thanks to the rise of Ransomware-as-a-Service (RaaS), ransomware has become mainstream because practically anyone can launch an attack. According to Gartner’s Emerging Risks Monitor Report, the threat of emerging ransomware models was the top concern facing executives in the third quarter of 2021.
IT executives at a global pharmaceutical company acutely felt this concern a few years ago when the company was hit by ransomware. The attack took down most of the organization’s network infrastructure, but luckily, the team managed to restore 95% of the network within two days. Ultimately the attack highlighted the vulnerability of storing data on-premises, as well as the complexity of the company’s backup environment.
Replacing legacy backup architectures with a single solution
Because it grew by acquisition, the global pharmaceutical company’s IT team had to manage a disparate environment that included seven on-premises Microsoft Exchange servers across the globe. And, each server was backed up with a different on-premises solution — including Microsoft Data Protection Manager (DPM), Veeam, Veritas Backup Exec, and Backupify.
But, legacy on-premises backup architectures have vulnerabilities. For example, during a ransomware attack, the operating system (OS) of the backup infrastructure servers are vulnerable and can be compromised, resulting in impaired backup systems. This is a huge concern because, with emerging ransomware strains like Conti, cybercriminals are encrypting, corrupting, and deleting backups before compromising as much production data as possible, which makes recovery a grueling challenge.
The ransomware attack was a wake-up call, and, as a result, the company increased investment in migrating data to the cloud. The IT team wanted to support the move by choosing one consistent software-as-a-service (SaaS) backup solution to protect the company’s data. Enter the Druva Data Resiliency Cloud.
“We reviewed different solutions but were surprised that the Druva Data Resiliency Cloud was the only one that natively supports a multi-geo environment for Microsoft 365,” a senior IT leader said. “That made us eager to evaluate Druva.”
And with Druva storing backups in Amazon Web Services (AWS) — fully separate from the company’s primary Microsoft Azure environment — the IT leader knew using it would help protect against ransomware. “I could tell straight away that Druva would make it fast and easy for my team to restore data at a granular level. Plus, it would be simple to prove compliance with regulations to clients and governments,” said the IT leader.
Cyber resilience, centralized management, and peace of mind for SaaS, hybrid, and AWS workloads
The pharmaceutical services provider now protects its most important customer and business data using Druva — including Microsoft 365 (Exchange, OneDrive, SharePoint, and Teams) for 3,800 users, and Oracle databases running in Amazon EC2. The team prioritized deploying Druva to protect those critical databases first, since each stores pharmacovigilance information related to adverse medical events.
The Druva Data Resiliency Cloud delivers isolated, long-term backups on the AWS platform that are protected against ransomware attacks and are fully separate from the company’s primary Microsoft Azure environment. With Druva, the team now has multiple restore options to recover data at a granular level (any level, point in time, single file, or an entire site). And, cloud-native backup and recovery for Microsoft 365 data and AWS workloads means no legacy hardware, minimal administration, and the flexibility to scale infrastructure on demand.
Equally important to the senior IT leader is peace of mind. The IT team is finally confident that the company will recover easily if data is compromised again. “When ransomware hits, we know our data in the Druva Data Resiliency Cloud is completely detached from Microsoft Active Directory,” the senior IT leader said. “That allows us to simply log into it using non-Active Directory credentials on a system that’s not tied to our domain so we can immediately start restoring data.”
What’s next?
Read the case study to learn how this organization achieves 5x faster file recovery and spends 50% less time managing backups with the Druva Data Resiliency Cloud.