DEV Community

Discussion on: Would you pay a data ransom?

Thomas H Jones II (ferricoxide)

A couple things can mitigate the "need to pay" thing:

  • Good (and well-tested) backups — preferably redundant
  • Implement your infrastructure and application deployments as code

While neither of these protects you from "sharing" your data with the world, they do prevent you from being denied access to your data or your ability to function:

  • Live data got locked up? Restore your most recent backups
  • Locked out of your systems or your systems were straight up nuked or are otherwise untrustworthy? Nuke them from orbit and rebuild.

Yeah, the holes are still there (though, if you automate your deployments, it's at least likely that any given point of entry doesn't stay available sufficiently-long to be wholly compromised).

Does that help you against buggy, vulnerable code and not protecting your data in-flight or at rest? No. But if you're doing things right, those things are also taken care of in your designs.

But, in the end, it comes down to this: if faced with the nightmare scenario, whatever's the least-costly way to get back online is probably the choice you make.

Mitch Jackson (mitchjacksontech)

You highlight critical points: Automated backups, and a tested disaster recovery plan. I don't know how people think they can live without them.