Mike Chen, Synology Manager
Interview

Backup, your last line of defense against Ransomware

Synology’s all-in-one backup solution is the last line of defense in data protection.

[EC] Please describe Synology’s role in protecting against ransomware.

Synology is known as a leading global brand of network-attached (NAS) storage that enables both businesses and individuals to organise, share, and protect their data. To date, there are over eight million Synology deployments worldwide. Synology has helped numerous SMEs simplifying their IT infrastructure by offering a comprehensive data management solution. Meanwhile, as the world began to adapt to the New Normal, we also observe a cyber pandemic phenomenon surging globally.

The world itself has changed in year 2020, speeding up the shifts from offline to online. This trend is not slowing down and we can expect more people and devices connecting to the Internet. If you are connected to the Internet, regardless it’s from home or from work, you are putting yourself at risk with cyberattacks. My years with our Technical Support team we have received several reports of attacks worldwide.

Just this year, In UAE alone, we have seen a 250% increase in cyberattacks with the rising tide of phishing and ransomware incidents. This is the exact reason why we encourage people to protect their data, not just from device failures but more importantly, the unexpected visits of ransomware.

When it comes to data protection, this is where Synology has a profoundly important role to play. Synology’s backup solutions help keep business’ data safe and secure across multiple platforms in the company’s IT infrastructure.

So don’t wait, start making your backups today, multiple backups. With the cost per TB coming down plus our rich backup solutions, you can have peace of mind knowing your precious data is well protected.


If you are interested to learn more about Synology’s total backup solution, we welcome everyone to join the “Backup, Your Last Line of Defense Against Ransomware” on March 24 to learn more about how Synology helps protect your business against Encryption-Based ransomware.


[EC] What are the essentials that make up a good backup strategy according to Synology?

Synology has spent years surveying the industry to find out all the challenges for data backup in business environments. I believe you would agree with me when I say there are always multiple devices running with different OS and software applications in a company, and how to centralised their backup it’s always a massive challenge. We attack this challenge with 3 simple, but yet careful, steps,

The first step is to re-examine the environment. With more and more organisations going cloud or virtual, business workloads are distributed and it becomes troublesome for IT to manage backup. Therefore, before drawing up a backup strategy, it is important to take inventory of the workload that needs backup and identify the environment it lies in. Server, PC, and laptop are the most commonly seen entities from the physical environment; Whereas, SaaS platforms, virtual machines are from the virtual environments. Most importantly, it is critical to accurately record the quantity of these entities.

The next step is to prioritise. Prioritise the data that are needed most to maintain business operation, and pinpoint which data are key entities that come first. For example, the file servers used for core business operation, ERP system, HR system, and PCs of high-level managers are commonly seen as key entities that needed to prioritise. Once identified, build a Disaster Recovery plan with corresponding RTO, Recovery Time Objective, and RPO, Recovery Point Objective, according to your priorities.

Finally, categorise the workload to “hot” or “cold” data which is defined by whether or not the data is frequently accessed. For example, ERP systems, mail servers, and file servers are commonly defined as “hot data” because they are accessed daily and the content changes constantly. Whereas, security footages are seen as “cold data” because they are backed up daily yet accessed rarely unless a unique event occurs.

Once you complete the data inventory by identifying the source platforms, key entities, and level of importance, you can easily customise your backup strategy based on the backup frequency, the number of copies, and backup destinations.

Prevent ransomware with Synology’s all-in-one backup solution.Prevent ransomware with Synology’s all-in-one backup solution.

[EC] What happens if the on-premises data backup fails? And what is the recommended recovery strategy?

This is a good question as it leads us to the golden rule of backup, the Backup 3-2-1 rule. Simply put, this is 3 copies of your data, across 2 different mediums, with 1 copy offsite. An example of this could be storing your data on an on-premise server, with two backups, one on-site and another located on the cloud or at a remote site.

For protecting against ransomware, I personally would like to recommend to take advantage of multi-version backup – a robust backup solution allowing you to restore previous versions of the infected files. Create a multi-version backup and store in an offsite location adds another layer of protection.

Other than having a multi-version backup in different locations, it is important to run regular upfront disaster recovery practices and conduct staff training to validate your business can recover quickly. For instance, in the event of malware attack and all the key data are deleted, which is your go-to destination to retrieve your backup copies? Are these copies safely intact? If you cannot answer these questions on top of your head, it is highly recommended to do regular disaster recovery trainings to make sure that all your digital assets are safely protected in an unfortunate event.


If you have any question please feel free to submit your inquiry via this form, one of the Synology experts will get back to you.


In conclusion, to ensure business continuity, businesses must remain agile to prevent the ever-evolving malware threats. I hope my messages in the above has reached you in several ways, and if I may, let me quickly summarise it again for you.

First, make sure that you take a full data inventory and get the priorities straight.

Next, make sure you follow the Backup 3-2-1 rule to customise a backup and recovery strategy for your business.

Lastly, validate your backup strategy by taking regular disaster recovery training to make sure that your business is fully prepared in an event of ransomware attacks.

[EC] Please describe Synology’s, regional go to market strategy to take this ransomware solution to the channel partners and end customers?

Synology offers ‘one solution for all your backup needs’. Recapping from my message earlier, there is no solution in the market today that can backup multiple OS and cloud services (SaaS). We can! And not to mention our backup solutions come without additional license fee. At the same time, I also would like to share the news that we now have our own hard drives, greatly enhancing our system reliability and stability.

Allow me to go in a little more detail on our all-in-one backup solution. The integrated solution allows businesses to protect the physical server, virtual machines, and personal PC devices all at once. The comprehensive total solution comes with easy centralised management, maximised efficiency, fast recovery, and no additional license fees needed. Different from Purpose-Built Backup Appliance (PBBA) vendors which come with limited product offerings, Active Backup for Business is supported by more than 86 Synology NAS models. We understand businesses from different industries have different requirements in terms of hardware performance and data storage needs. Our portfolio of NAS enables anyone to organise, share, and protect their data as they see fit, regardless of scale, infrastructure, or expertise.

Going forward, Synology will continue to offer cutting-edge and innovative solutions with one core philosophy “Transforming the way businesses manage their data, elegantly simple, secure, and reliable”. So that you as our precious users will always have a peace of mind over your data.

[EC] The industry is increasingly seeing storage vendors building in solutions to prevent ransomware attacks into their portfolio. Does this not overlap with the efforts by cybersecurity vendors? How do two solutions coexist, from storage vendors such as Synology and cyber security vendors?

This is a very good question, and no, I personally don’t see any overlapping. More layer of protection is always good setup against attack. We could further elaborate this question with the Cybersecurity Framework proposed by The National Institute of Standards and Technology of the United States. The framework is widely recognised by the information security community. It defines the cybersecurity into five steps: Identify, Protect, Detect, Respond, and Recover.

Information security vendors’ solutions can cover many aspects, from identifying potential risks before an incident occurs, protect and block external threats, or to detect the abnormal conditions on the internal network, etc.

On the other hand, what Synology offers, backup, is more about the “recover” step, which is also the most basic and last line of defence to ensure the data is safe when the enterprise is really attacked.

From our point of view, these two should be highly complementary and indispensable.


If you are interested in partnering with Synology, please submit your inquiry here, our regional representative will get back to you as soon as possible. Thank you!