Databarracks has announced that law firm Magrath LLP has adopted its Cyber-DRaaS product. Databarracks first showed Cyber-DRaaS at the European Legal Security Conference in June before releasing in July. Cyber-DRaaS is positioned as a solution to ransomware attacks.
According to Nick Doughty, Head of IT, Magrath LLP: “Cyber-DRaaS was a no-brainer for us. It’s always difficult to speak with any certainty about cyber threats – software-based security solutions can’t guarantee that anyone is 100% protected, so we have to take all of the necessary steps to prepare and protect ourselves.
“From a technical standpoint, Cyber-DRaaS means we have 2 different scanning engines, and because we are scanning offline, we can do so far more aggressively that we can do on our production systems. To recover from a ransomware attack without Cyber-DRaaS would take an uncomfortable length of time, so by using the service I know we’re protecting ourselves and our clients in the best possible way.”
Combining disaster recovery with cybersecurity
What Databarracks Cyber-DRaaS offers is a combination of disaster recovery services and cybersecurity from Trend Micro. Customers replicate their systems to the Databarracks data centres using Zerto. The backup is recovered to a temporary environment and then scanned with Trend Micro Deep Security. The backup is only stored as a recovery point once it passes this test.
What makes this interesting is that any malware discovery forces the system to scan the last 72 hours of backups. This provides customers with a proven clean point from which they can then restore. As malware signatures and indicators of compromise are updated, so is the protection. It removes the problem of restoring a system only to find it going back down again a few hours later.
This is a major step forward for most companies when it comes to protecting themselves. For companies hit by ransomware it should ensure that they are able to reliably restore their main systems. It is not a magic bullet. It won’t be long before malware authors work out how to defeat the system. Databarracks is scanning back 72 hours but may have to go back further if malware lies dormant for a short period.
There are also questions as to whether it would be possible to recover some data from partially infected systems. This would be useful for many customers. This would reduce the amount of data lost when they have to roll back several backups.
It will be interesting to see how quickly other industry sectors take up this service. For a legal company where there is significant compliance issues this is an interesting solution. Doughty certainly likes the system saying: “Good backup and disaster recovery practices are not just about the obvious matter of protecting the firm’s clients. That remains our priority, however we’ve also got to stay competitive within the changing legal landscape, where customers are starting to expect a mature disaster recovery function as standard.
“As regulations become more prescriptive and introduce tighter controls, customer expectations also begin to rise through a kind of osmosis. They expect the firms they work with to employ and attain certain certifications, standards and processes. Operationally, you’re only ever as strong as your weakest link, and using a supplier necessarily means broadening that risk, particularly for DR.”