Mitigating Ransomware Risk: What You Need to Know

Tintri and Entara Share Practical Insight on Ransomware Attacks and How to Recover

CHATSWORTH, Calif. – May 5, 2022 – In 2021, the number of ransomware attacks rose 105% worldwide, crippling supply chains, causing system downtime and economic loss.1 It is imperative that all companies – large and small – are prepared for the inevitable ransomware attack, as data is any business’s most valuable asset. Tintri®, a DDN® subsidiary and the leading provider of auto-adaptive, workload intelligent platforms, and Entara, delivering exceptional, security-focused IT solutions for its clients, have teamed up for a three-part webinar series to share insights about what ransomware is and how to proactively limit exposure to future cyber threats, as well as hold an open Q&A session where attendees can ask the experts for practical advice.

Understanding Ransomware

In the first session of Tintri’s Talk In Thought Leadership Series, Michael Brunetti, director of professional services at Entara, joined Steve Phillips, principal systems engineer at Tintri and shared what happens when a company is attacked. Over the past three years, Entara’s professional services team has completed over 100 projects and nearly 40,000 hours of work helping companies of all sizes recover from a ransomware attack. From this experience, Brunetti shared, “Ransomware will affect an entire organization. It will move from one person to a workstation to an administrator and disable security tools in place. It has the ability to map out an organization’s entire infrastructure and attack very quickly.”

Attacks generally stem from human error, not technology inefficiencies. Traditionally, ransomware attacks start with a phishing campaign and an employee clicking on a malicious email.

Attackers will disable backup data, then delete any backup systems and snapshots of data in storage arrays to ensure the business is immobilized. “Once inside a company’s infrastructure, the attackers will encrypt anything they have access to, forcing the organization to talk to them,” said Brunetti. “Without access to backups or snapshots of data, the organization has to make a decision to either has to pay the ransom or rebuild from what is remaining.”

Taking Preventative Measures

In the second session, Brunetti and Phillips discussed various ways to recover from a ransomware attack, focusing on restoring data from backup storage resources to rebuild a company’s infrastructure and ensure business continuity. Citing real-world customer examples, Brunetti shared the pros and cons of restoration using traditional storage versus a storage system with snapshots enabled.

“If you have to move 50 or 100TB of data from backup storage to your production SAN, everything is limited by the performance of your backup storage system,” said Brunetti. “Once your core infrastructure is rebuilt, you can be literally just twiddling your thumbs waiting for data to migrate back to your SAN.”

However, businesses that leverage storage level snapshots, like those available with Tintri VMstore solutions, have the best chance of restoring their network infrastructures quickly. Brunetti recalled, “Entara was deployed to recover a large, 450 server environment that had about 50% of its LUNs backed up with snapshots. The customer was able to operate it’s most critical, revenue driving business applications in a few days because they had partial snaps. We spent the next few weeks restoring the remaining high priority systems used for functions like monthly batch reporting.

“The whole project took no more than one month, while the customer with traditional storage and no snapshot capabilities took 3-4 months.”

During this session, Phillips gave a hands-on demonstration showing how Tintri Global Center (TGC) can be configured to classify different VMs based on priority, and group them to follow the same policies and snapshot schedule.

“VMstore is a powerful product that any business can rely on for effective and efficient data recovery,” said Phillips. “In addition to its unparalleled data recovery capabilities, it provides remarkable VM-level visibility and control that afford unprecedented insights into all virtual applications. VMstore goes far beyond the faculties of traditional storage.”

“There’s definitely a reason we partner with Tintri. Their technology is truly unique in that if you back up your entire infrastructure on VMstore, you won’t need to talk to us for your server infrastructure,” said Brunetti.

Your Personal Ransomware Consultants – Open Q & A Session

Tintri’s Talk In Thought Leadership Series continues with its third session, “Ask the Experts” on May 19 at 9am PT / 12pm ET / 5pm GMT.

Steve Phillips and Michael Brunetti received many astute questions during the first two sessions and will answer those and more during “Ask the Experts.” Questions such as what is the ROI of ransomware protection, what are remediation insurance requirements, and what company resources are needed for protection versus recovery will be addressed.

All registrants that submit a question to Phillips and Brunetti will have the opportunity to win a $500 Amazon Gift Card, courtesy of Tintri and Entara. Click here to register and submit your questions. The winner will be announced during the webinar.

About Entara

Entara sets the standard as the world’s first eXtended Service Provider (XSP). We deliver exceptional, security-focused IT solutions for our clients, including IT managed services, security integration services, and incident response services. We’re built from the ground up to provide the strategic vision, platforms, processes, and people to travel with our clients on the path to their best IT future.

Entara was recognized on the CRN 2022 MSP 500 list in the Security 100 category. We have also has been formally recognized as one of Chicago’s Best and Brightest Companies to Work For® each year from 2017-2021, and we’re consistently ranked by MSPmentor as a Top 200 Global IT Managed Services provider and Top 100 Global IT Security Managed Services Provider. For more information, please visit https://www.entaracorp.com/.

About Tintri

Tintri, a wholly owned subsidiary of DataDirect Networks (DDN), delivers unique outcomes in Enterprise data centers. Tintri’s AI-enabled intelligent infrastructure learns your environment to drive automation. Analytical insights help you simplify and accelerate your operations and empower data-driven business insights. Thousands of Tintri customers have saved millions of management hours using Tintri.

Tintri VMstore provides powerful VM-level tools for protecting, cloning, replicating, and restoring individual VMs based on VMstore’s snapshot technology. Offering features like SyncVM™ and ReplicateVM™, Tintri makes it easy for IT administrators to ensure the recovery point objective (RPO) is as low as possible to speed up the restoration process. Learn more about the Tintri portfolio of solutions at https://www.tintri.com/products.

©2022 All rights reserved. DDN, Tintri and VMstore are trademarks or registered trademarks owned by DataDirect Networks. All other trademarks are the property of their respective owners.

Amiah Taylor. “There’s a huge surge in hackers holding data for ransom, and experts want everyone to take these steps.” Fortune, Feb. 17, 2022

Scroll to Top