Frequently Asked Questions
According to US Department of Justice, Ransomware is the fastest growing malware threat, not just for businesses, but for home users as well. On average, there have been more than 4,000 ransomware attacks that have occurred daily since 2016. And the attacks are growing faster every year.
Payments vary by business and industry. And they are going up every year. In 2020 alone, the estimated costs for all attacks were over $20 Billion, and growing yearly. Reports show that businesses lost around $8,500 per hour due to ransomware induced downtime.
Nobody is immune from attacks. Ransomware attacks pretty much every kind of organization, including Government, Manufacturing, Construction, Healthcare, Utilities, Retail, Education, Financial Institutions, and Energy.
Unfortunately, no. Consider the soft costs in getting your data back. Remediation costs can include and not limited to downtime, labor, product cost, network cost, lost opportunities, legal fees, and other damages. The ransom itself is just one cost of the many hidden costs in recovery from such an event: Seven Factors Analyzing Ransomware’s Cost To Business (forbes.com)
Today, when Business Management wonders if they will be able to recover from ransomware attacks, there is no easy way to get a quick answer. When they ask their IT teams, they will get a long list of the IT team is doing to protect their backups, but it still doesn’t give them a simple answer as to how safe they are. With R-Score, we now have a way a simple metric to track and get the IT teams completely aligned towards protecting the organization.
The closest analogy to R-Score is the “FICO® Credit Score”. Credit Scores is something people in the US live and die by because their financial lives depend on that. Similarly, IT infrastructure teams should depend on the R-Score for the value they deliver to the organization.
It is a quantitative benchmark for assessing an organizations recovery readiness in case of a ransomware attack. It is built on industry best practices. In addition to the score, customers will also be able to get a set of prescriptive recommendation about the critical areas of their data protection environment and practices they can enhance to improve their readiness.
Well, that all depends. There are many factors to consider to fully understand if your backup data is safe from hackers. R-Score will delve into some of those details to see if you really are protected.
Similar to FICO® Score, R-Score has 5 broad categories that influence the score. The 5 main categories are: Backup Process, Backup Infrastructure, Security and Networking, Restoration Process and Disaster Recovery.
The results from R-Score are only as accurate as the information that is input by the end user. The more accurate the data that is input, the more realistic score will be.
Customers can get their preliminary score by filling a small set of questions right on getrscore.org. To get the fully personalized score, they can request the discussion with recovery consultant @ getrscore.org.
All answers are weighted by the five categories and each of the item carries its own weight. Since a huge list of factors are involved, the calculation is complex, but the benefit for the user is that the output is simple to consume.
R-Score was built on years of experience in the data protection industry and observation of real customer scenarios. To get an accurate score, customer needs to provide the right set of information. The score can only be as good as the responses provided by the user. End users and practitioners who have used it provide a great benchmark of the usability of the system.
R-Score is focused to give you a structured approach and evaluation so that one can recover in case is hit by ransomware. R-Score does not address the area of prevention from ransomware attacks. This is covered by our security partners.
Once the user of getrscore.org completes the survey, they will the preliminary score and will also receive recommendations that will help them move in the right direction to improve their score.
To get the detailed R-Score, customers must request a meeting with the recovery consultants on getrscore.org.
Using the R-Score
As you work to address any deficits within the 5 categories in your environment, simply retake the test and answer appropriately. You should then see an improvement in your score.
As most IT users know, there is no limit to how much protection you can have. R-Score® reflects the same. For every incremental change a customer adds, increases the score. The exact impact depends on how much recovery readiness they have now. As IT administrators know, at some time the marginal incremental value of the increased effort does start slowing down.
As organizations and their technology/data changes one needs to reassess its own recoverability capabilities regularly. We will continue to update R-Score with the latest best practices regularly, and suggest that you reassess yourself ideally quarterly, and always after a bigger change in your multi-cloud environment.
To keep users and their organization’s data safe, we have consciously designed the system in such a way that no identifiable corporate infrastructure specific information is stored in the systems. So even if the entire getrscore.org gets compromised, users can rest assured that no corporate specific infrastructure information will be available to a third party.
No identifiable corporate infrastructure specific data is stored in the system, so customers can rest assured that their infrastructure specific info is not even available for any possibility of sales. That said, if a user specifically requests an in-depth R-Score or requests recommendations, then their name, industry, and email are captured to contact them. That contact is not sold and is only available to the organizations that are providing this free service.