In the fast-paced and interconnected world of business, the continuity of operations after a cyber attack is paramount. Many companies today are embracing the concepts of Minimum Viable Business/Company (MVB/C) as a key strategy in ensuring that their core business applications and processes are able to survive in the face of adversity. Much like a Minimum Viable Product within the software industry, a MVB methodology defines the core requirements and applications that need to be running in order for a business to continue to generate revenue. The concept of embracing an MVB strategy employs many concepts from traditional disaster recovery/business continuity objectives, but differs slightly as it focuses solely on a company's core business applications and all of the prerequisites and dependencies it may have. If an organization is at all concerned about the continuation of services and keeping the company afloat amidst cyber disruption, MVB is the answer. Furthermore, regulations such as the Digital Operational Resilience Act (DORA) have a core focus on ensuring an organization's services are able to withstand and continue operating during a disruption; embracing MVB concepts can help to lay the groundwork for organizations, allowing critical business operations to be recovered efficiently and successfully. Rubrik Security Cloud and its data security platform provides a simplistic approach to helping organizations embrace MVB methodologies in various ways. But before diving into how Rubrik can help, let’s dive deeper into the concepts and components organizations should take to truly embrace MVB methodologies.
What is a Minimum Viable Business (MVB)?
At its heart, an MVB represents the most streamlined version of an organization capable of operating under adverse conditions. The objective is to preserve essential services and functionalities that define the business, even amidst disruptions. This framework empowers an organization to allocate resources effectively, focusing on the vital components that sustain customer satisfaction and revenue generation.
At its core, the first step in becoming an MVB is to identify and define the application(s) that are crucial to the organization. This may be a CRM solution, an online transaction application, whatever services and applications that your organization cannot live without. Once defined, the critical application’s dependencies must also be mapped out. This may include identity services such as Active Directory, data services such as a SQL Database, or crucial networking components like DNS. Basically, anything and everything that the core application requires in order to successfully deliver its service. Once defined, recovery plans should be generated dictating restoration components built around the application and its dependencies such as boot order, pre/post recovery scripts, network mapping, etc.
With a philosophy surrounded on providing a more prescriptive approach to recovery, the environments we recover to must also be prescriptive, and of course, scalable enough to deliver production ready workloads. To perform these types of recoveries, a Minimum Viable Business must deploy a Minimum Viable Recovery Environment (MVRE) that can be leveraged as production while everything else is in turmoil.
Crafting a Minimum Viable Recovery Environment (MVRE)
For a business to earn the title of an MVB, establishing a Minimum Viable Recovery Environment (MVRE) is imperative. An MVRE is the foundational bedrock that supports a business's essential functions in the wake of disruption, particularly cyberattacks.
Often after a cyber incident, a compromised production environment will be quarantined - no access in, no access out. Previously, we’ve spoken about Rubrik’s support for clean room environments, providing the ability to efficiently restore point-in-time copies into an isolated environment for further forensic analysis. While the clean room approach is still required, it does little in terms of providing a location for the actual recovery. And often, recovering back to production, especially after a cyber event, is not an option as it is often quarantined by security teams for lengthy periods of time. This is where the MVRE springs to action, allowing core services and applications that are pivotal to the company's survival to resume operation after their clean room analysis. MVRE’s allow organizations to get a minimal set of business operations up and running as quickly as possible, whilst the focus of an incident response and forensics team might be to have both the original locked down environment and a clean room environment available to perform their duties - Rubrik’s approach can help you to address both needs.
As we can see, having an MVRE deployed can drastically reduce the amount of downtime of your core business applications. Rather than waiting for production to be deemed safe, MVRE’s provide a performant and safe place to run your most mission critical applications, which can be simply migrated back to production, or any other environment once it has been given the green light to run workloads safely.
Rubrik Security Cloud: Your Ally in Achieving MVB Status
Rubrik Security Cloud stands out as a powerful ally in orchestrating a seamless transition to an MVB with a robust MVRE in place. Below we can see a high level overview of how Rubrik enables recovery into an MVRE running within AWS cloud. As shown, even with our production account quarantined, Rubrik ensures that data is replicated and available within the MVRE, ready to be recovered.
As we can see, having an MVRE deployed can drastically reduce the amount of downtime of your core business applications. Rather than waiting for production to be deemed safe, MVRE’s provide a performant and safe place to run your most mission critical applications, which can be simply migrated back to production, or any other environment once it has been given the green light to run workloads safely.
Rubrik Security Cloud: Your Ally in Achieving MVB Status
Rubrik Security Cloud stands out as a powerful ally in orchestrating a seamless transition to an MVB with a robust MVRE in place. Below we can see a high level overview of how Rubrik enables recovery into an MVRE running within AWS cloud. As shown, even with our production account quarantined, Rubrik ensures that data is replicated and available within the MVRE, ready to be recovered.
While the above diagram is simplified, there are many design principles that Rubrik Security Cloud adheres to in order to empower organizations along their journey to crafting a minimum viable recovery environment:
Out of Band Management: Emphasizing separation, Rubrik Security Cloud provides out-of-band management for all your environments across datacenter, cloud, and SaaS. This ensures recovery processes remain unmarred by compromised operational environments. Furthermore, granular Role-Based Access Controls (RBAC) ensure separation of duties within the Rubrik Security Cloud interface and API.
Immutability and Encapsulation: Data integrity is non-negotiable for an MVRE. Rubrik provides immutability for backups, ensuring that they are encapsulated and safeguarded from encryption or deletion by cyber threats. This makes it possible to restore clean, uncompromised data, thus maintaining the core functions necessary for the MVB.
Efficient Data Replication: Catering to the dynamic RTOs of modern enterprises, Rubrik facilitates fluid replication across diverse infrastructures, significantly enhancing recovery timelines. Whether it be replication on-premises between datacenters, cross-region/cross-account replication in the cloud, or archival to the air-gapped Rubrik Cloud Vault, Rubrik ensures that your data is available and ready to be restored in the event of a cyber attack.
Data Threat Analytics: Rubrik’s powerful Data Threat Analytics functionality arms organizations with the tools and processes they need to successfully respond to and recover from a cyber attack. In fact, many customers eliminate the need for clean room environments overall by coupling Rubrik’s Data Threat Analytics with air-gapped backups located on Rubrik Cloud Vault. Anomaly Detection allows organizations to understand the blast radius of the attack with a 2-stage machine learning model that identifies workloads and data potentially compromised by an encryption attack. This detection capability not only works on unstructured data, but also at the virtual machine and hypervisor level, and can even identify the ransomware strain employed. On top of this, Rubrik’s Threat Monitoring helps organizations to ensure that no stagnant malware or other Indicators of Compromise remains undetected in the backup data, increasing the chance of a reinfection once restored. Additionally once enabled, Threat Monitoring happens automatically on all supported data with no user intervention and no additional hardware - once data has landed on the Rubrik platform the scan automatically happens and results are available. Since both of these technologies handle large datasets and intense processing, they are designed to leverage incremental scans and are distributed in parallel across the Rubrik Secure Vault cluster for optimal performance. This drastically expedites recovery as organizations can easily locate the latest non-anomalous, non-quarantined backup to restore, and can do so directly to their MVRE to resume operations, or to a clean room for further analysis.
Seamless Integration: Rubrik Security Cloud integrates seamlessly into existing environments, providing flexibility and adaptability. This allows organizations to create an MVRE that aligns closely with their primary production environment, ensuring that the critical services are mirrored and can be activated without friction. Furthermore, Rubik's broad support of workloads ensures that not only core business data is available, but the dependencies it relies upon can also be safeguarded and replicated to the MVRE.
Embracing Cyber Resilience with Rubrik Security Cloud
In the digital age, the ability to emerge from a cyberattack with minimal impact is a testament to a company’s resilience strategy. By emphasizing the importance of becoming a Minimum Viable Business and establishing a Minimum Viable Recovery Environment, Rubrik Security Cloud helps organizations confidently face cyber threats, knowing their core business functions will remain intact.
Rubrik Security Cloud isn't just a set of tools; it’s a comprehensive solution that aligns recovery and business priorities, ensuring that an organization can withstand and quickly rebound from disruptions. With Rubrik, businesses not only prepare for the inevitable challenges ahead but also set themselves on a course for sustained growth and success.
To read more about MVRE’s and how the key Rubrik architectural principles align, download the new Cyber Recovery In the Cloud with Rubrik Security Cloud whitepaper.