Not just restore data but rebuild isolated environments to recover from ransomware

Published in Appranix, Nov 9, 2022

Govind Rangasamy, Appranix

Since the pandemic required businesses to quickly switch to remote working, secure VPNs and firewalls have been helpful, but due to the rapid increase in cyberattacks, more effective safeguards had to be adopted. As a result, the cloud has stepped up its game and helped businesses by providing much-needed resilience and agility.

In this interview, Govind Rangasamy, CEO of Appranix — a cloud-native SaaS platform that delivers cloud application resilience — shares his perspective on the cloud’s journey during the pandemic and how its resilience contributes to today’s cyber security.

How did Appranix originate? What has your journey been like?

Appranix was founded on the premise that as organizations transition to public cloud platforms, they will adopt an application-centric way to deliver resilience to their cloud environments. This adoption has benefited Appranix. Gartner named us a cool vendor in the backup, recovery, and storage space that has been notoriously hard to innovate in.

We increased our ARR by 300% last year, with some customers spending 10 times more than the previous year. Despite a pandemic, war, inflation, tech rout, public cloud skills shortage, great resignation, and so on, we continue to grow by double digits. We’re pleased that cloud-enabled organizations continue to subscribe to Appranix as one of the critical systems needed even during tight budget cycles.

We are lucky to have very talented engineering and SRE teams. Our young customer success team has delivered great dividends by growing our existing customers; that resulted in 185% NRR, one of the very best in the industry. We have recently added our new president of sales who comes from IBM to lead our growth in the direct and partner sales channels.

The great resignation has also affected us like any other tech company in the last couple of years. We were lucky that we fared better with retention compared to other similar organizations in our industry and the region. We have in fact doubled our strength over the last year and another 50% growth is planned for next year to a point where we are running out of physical space as our folks return to the office.

Can you introduce us to what you do? What are the main challenges you help navigate?

Appranix delivers cloud application resilience to cloud-enabled organizations. Our cloud-native SaaS platform increases the speed of cloud environment recovery time by 6–10x while reducing cloud DR costs by close to 70%.

Appranix’s unique agentless continuous learning system creates and maintains a cloud time machine for organizations so they can recover their business-critical systems from ransomware attacks, cloud region or zone failures, bad software deployments, cloud misconfigurations, or simply human error.

Our hyperfast recovery system eliminates the need to port traditional infrastructure-centric backup, replication, or recovery systems over to the cloud. Appranix reduces the risk of manually putting together 7–8 layers of application stack complexity during the dire need for dynamic, distributed cloud systems recovery.

What does the process of disaster recovery usually look like? Can everything be restored “back to normal” after an incident?

Organizations invoke disaster recovery to recover business-critical software systems after a ransomware attack, cloud region failures, natural disasters, and other events. Typically, senior management staff declares a disaster event to assemble IT leaders and teams consisting of infrastructure, applications, network, system, storage, and backup and replication teams.

On the technology side, a DR runbook will be invoked to kickstart the process of recovering compute, storage, network, and application data from all the associated systems. These runbooks should have been assembled by the organization after doing periodic DR drills.

Typically, DR runbooks run multiple pages with all the complexities of recovering applications and all the dependencies, IP addresses, and various tiers of the application infrastructure in order for databases, platforms, and application services to be recovered. A moderate multi-tier application has about 6–7 layers of stack complexity to be able to recover all the cloud services and the associated data successfully.

After application recovery, a verification process will have to be conducted by the application, database, and platform teams. Typical distributed cloud system recoveries could take hours or even days, while Appranix has cut down entire application environment recoveries to minutes.

Yes, a properly protected system can be recovered successfully to an earlier state from a clean immutable data and configuration copy. However, in order to achieve a successful recovery, an organization should have completed periodic DR drills to ensure that not only systems are recovered but also people are ready to verify before promoting the recovered environment to be the production environment.

Have you noticed any new threats emerging as a result of current global events?

Absolutely. We are noticing a lot of ransomware attacks. Three weeks ago, we recovered a business running on the Azure cloud platform in about 36 minutes. Their entire environment was completely encrypted by a ransomware incident, including their Active Directory, which provides the critical authentication mechanism and was taken over by the hackers.

A panic call from their CIO at 4:46 AM ET kick-started the process of recovery with the help of Appranix’s customer success team. We were able to rebuild several cloud applications spread across 18 different cloud accounts using a clean copy of data and meta-data from two days ago to get them back to a running state. They did not pay any ransom. They kept the infected cloud environment for forensics to understand how the attack really happened and how they could avoid such problems in the future while running the business from a clean environment.

What measures do you think everyone should implement to tackle these new threats?

  • Back up your cloud configurations, meta-data, and dependencies for your business-critical application systems
  • Back up your application data but keep control over your data within your account in the application’s native format in the same region and across another region of the cloud or across another cloud account, completely isolated from production. This allows you to quickly recover your applications along with databases in sync rapidly after a downtime event. It is important to keep the application data in the native format so you don’t have to translate from a backup management system to recover fast
  • Practice proactive recovery drills with an automated system to gain confidence in your recoveries

All these recommendations are not new. They are documented in the NIST Cybersecurity Framework. Appranix focuses on the recovery of cloud-native application systems in this framework.

How can cybercriminals take advantage of unprotected cloud applications?

The latest ransomware attacks have become a lot more sophisticated in that they are targeting the backup and recovery system consoles to prevent users from even restoring critical application data.

More and more attacks are targeting the entire cloud environment/account level encryption, rendering all the applications and data useless. So it is important to protect all the cloud applications’ meta-data and dependencies somewhere else other than the production cloud.

Unprotected AWS S3 or other object stores become a prime target for hackers to steal the data as well.

Most ransomware is dormant for a long time until it takes hold of customers’ environments, including authentication systems such as Microsoft AD, thereby preventing users from even logging into their systems. So, it is important to be able to go back to an earlier immutable clean copy at a point in time to recover the systems.

Many companies have recently chosen cloud solutions as a way to enhance security. Are there any details that might be overlooked when making the switch?

Yes. Typically, when organizations adopt cloud SaaS solutions instead of self-managed product-based solutions, they tend to deploy them for a partial set of workloads, typically for applications running on the cloud platforms. Make sure external or other networks that connect to the data centers and associated systems are secure as well, such as cloud gateways.

Zero-trust implementations help, for sure, but make sure they are implemented for cloud infrastructure instead of just access points.

Cloud-based data and application resilience systems are becoming important as sophisticated ransomware attacks go after the backup and replication consoles, so they block organizations from restoring applications completely. However, going with a cloud-based data resilience system has its advantages and disadvantages. Make sure you adopt them based on your needs.

Hyperscale cloud platforms have enough capabilities to securely move the data to different regions fast and securely, so you don’t have to compromise on speed as well as security, while retaining the data control within your accounts or systems. Yes, there is a nice balance that organizations can achieve by leveraging all the cloud capabilities to achieve much better protection while speeding up the recovery. We call these “hyperfast recoveries” for applications running on hyper-scale platforms.

What are the best practices companies should follow when developing and launching applications?

Cloud-native applications are distributed, auto-scaling and dynamic. Cloud infrastructure and services are programmable, not just self-serviceable. Following cloud well-architected frameworks for your applications is very important. There are typically five/six pillars to a well-architected framework. One such framework is here — https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html. One of the pillars is “Reliability” — https://docs.aws.amazon.com/wellarchitected/latest/reliability-pillar/design-principles.html. Architecting for resiliency should be one of the core principles of any cloud system — https://docs.aws.amazon.com/wellarchitected/latest/reliability-pillar/s-99.95-with-a-recovery-time-between-5-and-30-minutes.html.

Application downtimes are not new. Cloud application downtimes are not an “if” but a “when” as organizations adopt more hyper-scale public cloud platforms. We believe that if cloud well-architected frameworks are followed as best practices while designing new applications or refactoring migrated cloud applications, organizations can achieve much better resilience against current and evolving cyber threats.

In the end, security will always be a moving target. The only thing that organizations can properly practice is the ability to recover after cloud application environments experience downtime. So, doing recovery drills at regular intervals is key.

And finally, what does the future hold for Appranix?

We are on a mission to change the expectations of entire application environments to rapidly recover for customers. As more and more organizations move towards software-centric digitally transformed organizations, they are most likely to adopt hyperscale clouds as their primary infrastructure for mission-critical applications.

If the application teams have the confidence to recover their applications so businesses can continue, we would love to have the opportunity to lead the transformation compared to other traditional players in our space.

If more organizations say they have achieved much better resilience using Cloud Application Resilience software, I think we could say that we helped our industry change the behavior and as a result, we would have automatically grown tremendously as well. We hope to continue our exponential growth in the coming years.

Original Link: https://www.appranix.com/resources/blogs/2022/11/not-just-restore-data-but-rebuild-isolated-environments-to-recover-from-ransomware.html

About Appranix

Appranix delivers cloud application resilience with entire cloud environment backup and recovery of all resources, services, and dependencies at any point in time in any cloud region.

Get in touch with us to work with your shared VPC environments: https://calendly.com/appranix-team/30min