It's time for Tintri's Summer of Love! Throughout the summer, we'll be highlighting stories from our beloved customers about how they use Tintri products to make their lives easier, faster and saner. After all, we don't make products unless we know you'll love them. Got a story to tell? Email us at email@example.com!
Well folks, I just wanted to share an interesting experience we had recently. One of the staff at our company received some Crypto-X malware via email, and unwittingly executed the program that was cleverly masquerading as a .pdf file. This started a malicious engine that targeted all accessible Word, Excel and PowerPoint files and encrypted them with a very strong cipher. As users tried to access the files, they were then directed to “ransom” payment instructions run through the Bitcoin network. Long story short, if we wanted our stuff, we were going to have to pay out at least a few thousand dollars to get it back!
I'm sure more or less everyone has seen or heard about this kind of situation. Well, I can tell you that in our case, with thanks mostly to Tintri, we do not have any “tough luck” stories to report. The encryption engine ran for at least an hour on one of our virtual desktops before anyone noticed there was a problem. We encountered roughly 15,000 files that were affected by this and they were both on the VM and on a shared file server (also a VM). While at first the size of the cleanup/backup operation seemed a bit daunting, we realized that the majority of the files were encrypted after most of the company had already gone home. By a stroke of luck, this was after my Tintri VMstore had kicked off the second of my daily automatic snapshots and this gave us the perfect opportunity to witness the power of Tintri snapshots firsthand.
By simply shutting down the affected VMs and running up instant VAAI clones from the “pre-infected” state snapshots, we were back to 100% clean with all files intact. Total time for recovery? Less than five minutes—with no interruption to any other computers on the network!
It dawned on me at that point that had I still been running my old NetApp array, I would have had a whole volume snapshot to deal with and the potential for a lot of lost data and very long data restores from backup. In short, when you hit a crisis situation like this, Tintri's per-VM approach is absolutely magic!
An interesting knock-on effect was that we also managed to “outcloud the cloud.” While we easily retrieved the company’s data, the staff member who kicked off the malware ended up with encrypted files in their personal cloud storage folder. Fortunately that had no effect on the company, but it was a tough lesson for the staff member to learn as they lost their documents.
Recently, Tintri introduced a new feature: SyncVM. This gives you the ability to not only snapshot whole VMs, but also move backwards and forwards between recovery points. It's like Back to the Future but better—because it's a time machine that YOU control.
One thing is for sure: cybersecurity threats are getting more and more advanced every day. It gives huge peace of mind to know that my Tintri VMstores equip me with these powerful and rapid recovery tools.
Thank you again Tintri!
Tintri all-flash storage and software controls each application automatically