From technology to healthcare to governments, ransomware is disrupting business like never before. Security teams are reevaluating their overall security posture and taking additional measures to secure their data. During this process, they are discovering that they don’t know if their organization’s data is fully secure and whether it will be available when they need it.

Sad fact: cyberattacks continue to grow in volume and sophistication. Plus, ransomware doesn't hit like a bomb–it’s often more like a Trojan Horse, where many organizations don't realize they are under attack until it's too late. Despite investments in infrastructure security tools deployed at the endpoint, perimeter, and network, bad actors are still getting through to hold data for ransom.

A common mistake made in responding to ransomware is rushing through a recovery only to realize that the recovery point was a compromised copy of the system, and in turn, re-introduces the threat back into the environment. To make matters worse, if a replicated copy were to be recovered at a tertiary site, it might introduce malware into networks that it previously didn’t have access to and further impact business operations.

Why is it that the most impressive technologies are often the ones that go unnoticed? Sometimes what makes technology impressive is precisely that it goes unnoticed, and that is the case with the Rubrik Data Observability engine. As ransomware continues to grow as a real, costly, and persistent threat to conducting business, organizations are looking for smarter and faster ways to keep data safe and recover easily in the face of cyber attacks.

It’s no secret that hackers are attracted to large and lucrative targets in the vast digital sphere. Oftentimes, the largest targets present the most avenues for attack. And with over 300 million users worldwide, Microsoft 365 is one of those large targets. Over 80% of deployed Microsoft 365 accounts have suffered an email breach and over 70% have suffered an account takeover.

Data is an integral part of any organization and hence it is important to respond to and recover it from any crisis. With the onset of the COVID-19 pandemic, the need for data security and cyber resiliency is evident. Cyber resiliency is the ability to prepare for, respond to, and recover from cyber-attacks and data breaches while continuing to operate effectively.

In the summer of 2021, Rubrik officially released its first SaaS-based automated Disaster Recovery (DR) solution, Orchestrated Application Recovery. Orchestrated Application Recovery is incredibly easy to use: no need to install new binaries, no need to integrate between different vendor’s products.

Ransomware can be expensive—in 2021, the average cost of a ransomware attack was $4.62million, and that doesn’t include the ransom itself. Beyond financial costs, the cost of time, data, and brand reputation can also be astronomical. According to the IST Ransomware Task Force, the average downtime can be 21 days, with full recovery taking on average 287 days from the initial ransomware incident response. And cyber criminals are getting more sophisticated every year.

There has been tremendous growth in Microsoft 365 usage with the current remote work trend, leading to an explosion of Microsoft 365 data. Microsoft infrastructure and platforms support the availability, reliability, and security of this infrastructure by providing world-class perimeter defense, controlling access to keep attackers out, and detecting risky behavior. However, customers are responsible for protecting the data itself - emails, chats, files, etc.

Part 1 of this series covered the challenges Rubrik initially faced with its distributed database. Our applications had become quite complex to work around some of these challenges. Part 2 of this series covered how we chose a new distributed database (CockroachDB), and how we performed the migration. Next, we will dive into some of the challenges we faced after migrating to CockroachDB and how we developed on top of CockroachDB to mitigate them.