Nothing Beats Having a Plan

“The worst ___ ever!!!”. That’s a phrase that is incredibly overused. We use it to emphasis how bad something really is. When I hear that phrase, I immediately listen, but always with a grain of salt. Very few stories ever live up to the proper level of respect that “The worst ever…” deserves. The tale I am about to tell you is an exception.

Back in November of 2013, we received a support call from one of our best customers that some of the files on their server would not open. We remote connected to their server and discovered that their files were in the process of being encrypted. A few minutes later, a scary red window (see an example below – tell me that’s not scary) opened and gave all of us the bad news that we all feared. This customer’s server had Cryptolocker malware running.

This is, wait for it… the worst malware I have ever seen in my 20+ years in this industry! Without getting into a ton of technical details (otherwise known as techy-speak or mumbo-jumbo), this software locks your files out and requires you to pay a ransom in order to get them unlocked or after 72 hours the files will be deleted permanently. As you can see above, they even give you a countdown timer for you to watch before your files “blow up”.

As expected, the customer immediately asked, “What do we do now?”. We told them that they have two options. One, they could pay the relatively small ransom of $100 and see if the bad guys would unlock their files. Two, since we had a good, clean backup of their data prior to the malware being installed, we could restore the affected data from backup. The second option is more labor intensive, but there were no guarantees that the bad guys would truly unlock their files even if our customer paid the ransom. Since bad guys usually are not very trustworthy, the customer decided to take advantage of their disaster recovery plans and restore their data from backup. In the end, our customer was back up and running in a few hours and we were able to easily remove the malware from their server.

My point to sharing this story today, is to demonstrate how planning is everything, in today’s world of information technology (IT). Our customer survived this catastrophe by having a solid plan in place. The plan began when they hired our company to support their IT. Then they took our advice and implemented a data backup plan. That data backup was then periodically tested to make it would work in case of a disaster. This plan wasn’t formal per se, but when the need arose, our customer was ready to respond.

Nothing beats having a plan. What happens if you have a fire? What happens if you have a flood? What happens if your computer breaks? Have a plan. Find a smart person you can trust and make a plan. Don’t get caught in the middle of “The worst ____ ever!” without a plan.