Proactive System Protection against Ransomware with DaaS

Book a free consultation

Anunta quickly and efficiently resolves a ransomware issue with zero impact and revenue loss for a leading healthcare manufacturer

Background & Challenges

The client is a healthcare multi-national company who manufactures and markets in India and global geographies. The client adopted Anunta’s Desktop as a Service (DaaS) solution for its frontline team and warehouse staff. These DaaS users regularly access virtual desktops from thin client devices to access inventory and other ERP data. The enterprise had elected to maintain a hybrid environment wherein managers use laptops and desktops that are not deployed or maintained by Anunta.

Since the DaaS users accessed via thin clients, their physical devices were tightly controlled and contained minimal functionality; the only purpose of the thin client devices was to access virtual desktops. The physical devices accessed by the managers, however, were based on standard operating systems and were subject to individual anti virus definition updates. Most desktop users do not fully understand the importance of up to date anti virus protection and view it as a nuisance due to the bandwidth necessary to download updates, system update time, and reboot requirements.

Anti virus is a fundamental and basic line of defense to ensure the security of workstations and servers. Failure to properly update internal system can result in the proliferation of viruses, ransomware, malware, trojans, worms, spyware, adware, and other malicious injections.
For example, a user may inadvertently introduce a key logger virus that steals login field entries, opening the door to a breach. Unfortunately, hackers continuously create new and creative viruses that wreak havoc.

A virus infection was found within client’s organization. The ransomware impacted the physical laptops and desktops of the management employees, as well as several virtual desktops.

The physical laptops and desktops took an immense effort for client’s IT team as each device had to be cleaned individually.

What Anunta Did

The DaaS solution for the customer was based on virtualization technology that provided read only virtual desktops and roaming profiles for personalization, i.e., user preferences for background colors, left/right mouse, and more. As part of the virtualization transition, only business critical data was transferred to file shares. Additionally, system hardening was implemented to maximize security and ensure that users were not able to access critical operating system functionality.

Anunta provided its universal anti virus support, including frequent anti virus definition updates. This process consists of updating gold virtual machine images with the latest definitions during maintenance windows. When an update is complete, each gold image is subject to a complete scan and then new virtual machines are provisioned. Any anti virus definition updates that are available in between maintenance windows are applied directly to the read only virtual machine images in order to assure protection during that interim time period.

Where a virus could not be removed on a physical device, restoration from a backup (if one existed) or a completely new installation of the operating system were the only options. This was a time consuming and labor intensive process that for the customer IT team and was frustrating for users.

As virtual machines supporting virtual desktops operate in read only mode, the virus was cleared simply by rebooting and provisioning a new virtual machine.

About 12 users on the compromised virtual machine performed a fresh login and resumed work fully in no time.

Anunta enabled users no data loss and very minimal inconvenience. When users logged off existing virtual desktop sessions, their roaming profiles were updated and propagated to the subsequent virtual desktop sessions.

In comparison, the DaaS environment ransomware infiltration was addressed in about 30 minutes. Anunta’s Technical Support team was able to quickly determine the infected system resource and isolate that virtual machine.

Value Delivered

In the competitive healthcare industry, downtime equates to lost revenue and opportunity. Anunta was able to address the issue and minimize the impact of virus infiltration.

Zero Impact

Zero Impact: Anunta’s fast and efficient solution cut down impact of ransomware infiltration.

0%

Zero downtime and revenue loss: Anunta’s proactive approach avoided the downtime, loss in revenue and opportunity.

30 minutes

30 minutes: Anunta’s DaaS solution allowed the employees to resume work within 30 minutes.

Case-study Ransomware

Resolving a major virus infiltration issue was addressed for a key DaaS customer in about 30 minutes, not hours or days. Despite up to date anti virus definitions, users clicked on a virus bearing attachment within a virtual desktop, and the users were advised to simply logoff and login.

– Maneesh Raina, Senior VP Operations, Anunta Tech