Backup & Recovery
How can I protect against ransom-ware like wanna cry, Petya and other malware?
Backup is your best protection, as this protects against as yet unknown malware. Operating system updates attempt to close vulnerabilities once known to the manufacturer. Antivirus software protects where possible to known threats. Pirated operating systems and software pose a problem as the operating system, browser and other application software will not be updated and hence these systems become prime targets for malware. What is malware?Any software designed to interfere with the normal operation of a device (PC, tablet or smart phone). This can take the form of using the PC for attacks on other computers, allowing remote access to all or selected data on a device, denying the user access to parts of the internet or denying the user access to applications or data on the device. For example WannaCry denies the user access to data on their own device by encrypting the data. The user may then be asked to pay a ransom to unlock the data. What if I am affected by malware:As soon as you become aware of a malware attack, for example if a ransom message is displayed immediately shut down this workstation and all other computers networked to it, including the file server. Some or all of the data on the hard disk(s) may still be recoverable. A professional can install the potentially infected hard drives to a known clean system, inspect it and if possible copy the data from those drives. Backup rotation and multiple backup devicesYour backup is connected to and close to your PC to be backed up. Chances are that the backup device is vulnerable to the same things that the main PC or server is. For example fire, water, power disturbances, theft, malware and so on. If you have just one backup, and the data on the PC or server is damaged, you are likely to find out part way through the backup or later. So in this case your good backup has been overwritten with the bad data. To help prevent this set up separate backups , for example a different backup for each day of the week. Best if these backups are spread over a number of backup devices. That way if one backup device fails, you will still have a backup on another device. This is called Backup rotation. RoomMaster backup rotationIn roomMaster in Files, Backup, use the smart directory feature, on the Setup/Backup Location tab, check the Use Smart Directory Names option. Next, configure the directories to save to by clicking on Configure Smart Directory. For each day of the week, enter in the location you want to save to. For example: Sunday: E:RMbackSUN Monday: F:RMbackMON Tuesday: E:RMbackTUES and so on. Removable backup devicesIn certain circumstances, like brownouts (loss of power insufficient for the battery to kick in) or lightning strike the main data drive and backup drive may both be damaged. Ransom ware may have damaged the data on the PC or server and on the backup. So we recommend rotating the external backup and removing the most recent backup from the PC location. Rotating the backup using en external drive (typically USB drive or just a USB stick) simply means backing up to one drive one day, then using another drive the next day. (One could even have a weekly cycle, a backup device for each day of the week). There are more involved schedules like combined day, weekly, monthly and even yearly cycles. When using cheap backup media (Like tapes or CD-R/DVD-R), one could retain more backup copies. With CD/DVD it becomes feasible to keep backups for ever (Well at least for the live of the CD's, normal CD's can lose information in as little as 1-2 years, so if you've stored your photo collection on CD/DVD, copy them to archival quality CD/DVD or better to a external hard disk). In the typical hotel environment, historical data may be of interest for police records. RoomMaster allows setting the retention period for online historical data for example to one year. If the property extends over a larger area, a networked backup device could be located remotely from the main data server. While this would give protection from some environmental problems, it would still be permanently attached to the server and hence vulnerable to ransom-ware . What about Cloud backup storage?Cloud storage just means that the backup data is stored somewhere on the internet. roomMaster data take up about 200 M byte for a smaller hotel. The data will grow over the years with audit packs and guest history and other historical data. With a good fibre optic internet connection, google drive for example backs up 15Mbytes per minute. The 200 M byte would take 14 minutes to backup. If the data has grown to 2 G bytes, that backup would take 140 minutes. On a slower link, competing with other office and / or guest internet access it could take 10-20 times longer or more. Of course that means the backup would not complete in under 24 hours. Best way to find out if this is a solution for your property, test it. In roomMaster select Files, backup, backup files. This should generate a backup in C:RMbackup. Now in Windows explorer right click RMBackup, select properties. This will give you the size of the backup for the Basic and Enterprise editions. For Premier edition locate the backup on the server (IT may have to assist), right click it and select properties. If you use Gmail, the Gmail login can be used to access Google drive. Login to Gmail as usual, then open a new tab: https://drive.google.com/drive/my-drive. This will show you the contents of your Google drive. Now click and hold RMBackup and drag it into the google drive window. Release. Check how long it takes. The copy should start and, after ten minutes or so give a reasonable estimate of how long it will take to complete the backup. Other data backupThe same rules of course apply to other data stored on the server and other workstations. Full device backup Of course the PMS data is not all that needs to be backed up. Each PC should have a full backup every time programs are installed or updated, so that if for example the hard drive fails or the system is corrupted, the PC can be restored quickly. To do so without a full backup may mean having to reinstall all the applications (Where are your Microsoft Office license numbers? Who remembers all the applications installed? Where are the install media?). If data is stored on the workstation, of course it must be backed up regularly (daily). Restoring from backupAlways contact a professional before attempting a restore. The current data may be able to be patched and often parts of the data can still be accessed. Best to run of reports if possible like arrivals, in house, departures, Folios and so on. Some current data is better than none at all! Further we recommend copying the current database before overwriting it with a restore. DO NOT use the backup function to do so. Using the backup built into roomMaster may overwrite your most current backup! Note that if the system has been subjected to a ransom ware attack, DO NOT just plug in a previously detached backup drive for recovery. The ransom ware may immediately damage the backup data. If possible on a PC that has been not been affected by the ransom-ware, is disconnected from the internet and not used to check emails, inspect the most recent backup drive that has not been affected and make a backup of the most recent good backup to that PC. Disconnect the server from the internet. Remove the ransom ware from server and workstations (Depending ion the ransom-ware, this may take some doing) , before connecting the backup drive. A server or hard disk has failed completelyWe recommend restoring to a new hard disk. This way if necessary some data on the old disk may still be recoverable. If the problem was caused by a disk error, even if it can be cleared with a bad block scan and recovery or reformat, the error is an early indication of potential disk failure. A new hard disk cost less than the recovery! Restore from a known good (pre malware) backup. How do I know the backup is done correctly at my property?Ideally test by checking if a restore is possible. A good start is to tell your IT staff that the server is down, you have another PC, can they setup a spare server or even just a single stand alone workstation? Blank looks is not the right answer! RoomMaster Basic and Enterprise edition can be activated on a stand alone workstation by restoring the whole roommaster directory to that work station. This would allow front desk to continue operation in an emergency. The Premier edition license allows for a backup SQL server (Required for Premier Edition) to be setup, provided the live and backup server are not run simultaneously. Always best to test the backup environment, even if it is on a single workstation (Note that Premier edition can also run stand-alone on a suitably configured workstation) |