One-Click Restore, Next-Gen Recovery
One common problem when fighting malware is removal. Many endpoint security products scour a system to try and find all the remnants of a malware program. However, it can be difficult to locate and reverse all the activities that malware did on a computer. To make matters worse, many malware programs go undetected for some period of time before they are discovered. This is where One-Click Restore comes in.
NeuShield’s One-Click Restore technology takes a different approach by creating regular snapshots of the computer’s operating system, allowing users to restore the computer back quickly and easily to one of these snapshots. One-Click Restore can be used to remove malware, such as ransomware, adware or trojans, or even to remove a bad Microsoft patch.
As part of the snapshot One-Click Restore includes files, registry keys, drivers, services, scheduled tasks, settings, user accounts, installed applications and other items needed to restore the system back to the previous state. User files, such as documents, picture and videos are not restored as part of One-Click Restore, meaning that One-Click Restore can be run without losing user data.
What an average ransomware outbreak looks like
When a system is hit with ransomware and files become encrypted it means that the ransomware has already bypassed existing security mechanisms. However, many ransomware authors don’t stop after hitting one system. It is not uncommon for an attack to hit 20% of a corporation’s computers or more. When an attack like this occurs, unless the corporation decides to pay the ransom, the normal remedy is to restore data from a backup.
However, restoring from a backup after a ransomware attack is not ideal. The first task that needs to be done is to remove the ransomware. Since the ransomware bypassed all security measures, the typical way to remove the ransomware is to reimage the system. Once a new image is on the system, they can begin setting up email and other settings unique to that user and restoring the user’s data. Restoring data itself can be quite time consuming, especially if there are many computers that need to be restored all at once.
On average, it takes a corporation between 4 to 8 hours per system and 16 days total to recover from a ransomware attack. But many ransomware attackers also target the backup files. If the backup files are network accessible, such as in the cloud or on a network drive, then there are many techniques that attackers can use to access and ultimately corrupt those backups.
During a ransomware outbreak, IT staff commonly work overtime, evenings, weekends and, in many cases, even throughout the night. IT teams are not usually staffed to recover a large volume of computers all at once. Because of this, some companies have gone as far as purchasing new equipment for their employees who were impacted.
This is where NeuShield comes in. NeuShield’s One-Click Restore was designed to allow recovery of impacted systems with just a few clicks. And, as it becomes more and more common for employees to work remotely, One-Click Restore can be triggered remotely so there is no need for IT to have physical access to the computers. This frees up IT and security staff to focus on more pressing issues.
When there is an incident, speed of recovery is paramount. There are several things that NeuShield Data Sentinel does to help reduce the recovery time. First, since One-Click Restore is just returning the computer back to a previously known good state all the user’s previous settings, applications and documents are maintained during the process so there is no need for the IT staff to re-setup the device after recovery.
Secondly, since NeuShield stores One-Click Restore snapshots locally it can recovery the system without requiring network access or any external data repository. This speeds up the recovery process and allows IT staff to recover many computers in parallel without worrying about flooding the network.
Cost is another important factor. There are many ways that NeuShield saves a corporation time and money. There are savings in reduced downtime (meaning reduced loss of revenue), reduced IT costs and even reduced premium costs of cyber security insurance. But maybe the best thing that NeuShield can give a corporation is peace of mind knowing that their data is safe, and their computers can be recovered quickly in case of an attack.