In today’s digital landscape, ransomware attacks have become increasingly prevalent and devastating for businesses of all sizes. As a result, it is essential for organizations to have a robust disaster recovery plan in place to protect against and recover from such attacks. Quorums onQ offers a comprehensive solution, with a built-in test room environment, which can be used as a clean room to troubleshoot and perform forensics on ransomware attacks effectively.

Benefits of Using onQ Clean Room Test Network for Ransomware Troubleshooting

  • Included with onQ solution so you can test as often want

  • Provides a safe and controlled environment for simulating ransomware attacks

  • Enables thorough testing of recovery capabilities

  • Facilitates forensic analysis of infected servers without risking production systems

  • Helps organizations identify and address vulnerabilities in their network
  • Enhances overall security posture and resilience against ransomware attacks
  • Ensures compliance with regulatory requirements by documenting recovery processes
  • Collaborate with external partners, such as law enforcement and cybersecurity experts, to combat ransomware threats more effectively

“Over the past 2 years, we have had 3 Ransomware attacks, mostly caused by employees opening documents with infected attachments that looked legitimate. We were able to isolate and recover the infected servers in a matter of minutes. I can honestly say, without Quorum, we would not be in business today.”

– Confidential Oil and Gas Client

How to Use onQ Test Network as a Clean Room for Ransomware Troubleshooting

Once you have taken the preliminary steps of contacting insurance, any police, or forensic experts and made the decision to try and recover, you should proceed in a methodical best practice driven direction.

1. Set up the Clean Room Environment.

Create a replica of your production servers and data within the onQ Test Network at a point in time before ransomware took effect. This will serve as a baseline for conducting ransomware troubleshooting activities without risking the integrity of your primary systems.

2. Perform Forensics.

With the clean environment set up you can use it to perform extensive forensics and ensure the servers are free from infections of ransomware, spyware, and root kits.

3. Clean Network.

While working on the servers is a key to recovery, forensics should also be used to identify how your network was breached, and ensure that no back doors were added so you are not reinfected.

4. Document Findings and Recommendations.

Keep detailed records of the ransomware troubleshooting process, including the steps taken, recovery outcomes, and areas for improvement. Use this information to refine your disaster recovery plan and enhance your organization’s security and resilience against future ransomware attacks. This information should also be given to the FBI or CISA to be used in fighting the ransomware epidemic.

5. Recovery.

Once comfortable with the forensics and network status you can move the cleaned servers from the onQ test network back into the production environment, and restore functionality to your company.

Quorum onQ is the Core of Our Disaster Recovery and Ransomware Protection Solution.

Security is in Our DNA

With all Quorum solutions, security measures such as immutable back-ups, encryption at rest and in transit, multi-factor authentication, and a zero-trust environment are our highest priority. For customers using Quorum Cloud, each customer receives dedicated resources in the event of a disaster, with connectivity via open VPN or Cisco AnyConnect. Our multiple cloud locations are fully PCI and HIPAA compliant to ensure your most sensitive data is safe.

Years in Business

15+

Ransomware Infections

0

Recovery Time

~5 mins.

Trusted by the world’s fastest growing companies:

Logo of AC Controls Company. The logo features the initials "ACC" with a stylized design of a blue square and white dial on the left. Below the initials, the full company name "AC Controls Company" is written in blue text.
Logo of Hotel Emma with a brown and white emblem on the left side featuring intricate designs and the letters "H" and "E". To the right, the text "HOTEL" is written in uppercase with horizontal lines on either side, and "EMMA" is written below in larger uppercase letters.
Century Savings Bank logo with the text 'CENTURY SAVINGS BANK' in bold letters and 'Since 1865' in a smaller, cursive font below.
Logo of the California Bankers Association. The logo features the letters "cba" in a stylized orange font, with "CALIFORNIA BANKERS ASSOCIATION" written in gray capital letters to the right.
The image shows the Nisa logo, with the word "Nisa" in large blue letters. A rainbow arch flows from the "N" to the "a". Below, in smaller blue text, it reads, "Making a Difference Locally".
Logo of Bear Valley Community Healthcare District. "Bear Valley" is in large, black uppercase letters with a blue icon resembling a pinecone or flower above the "V". Below it, in smaller blue uppercase letters, are the words "Community Healthcare District.

We could be your “one and only”.

See why customers love Quorum.

Century Savings Bank logo with the text 'CENTURY SAVINGS BANK' in bold letters and 'Since 1865' in a smaller, cursive font below.

“In under 2 hours, we completed a bare metal restore…”

In under 2 hours, we completed a bare metal restore from the local Quorum server and went home and got some sleep. The next morning came and no one even knew the PDC for the entire institution died the night prior.

A person with a short beard wearing a gray flat cap and a black shirt is looking at the camera with a slight smile. The background appears to be outdoors, featuring a blurred green lawn and a building.

William Estlow

Network Manager – Century Savings Bank

Logo of AC Controls Company. The logo features the initials "ACC" with a stylized design of a blue square and white dial on the left. Below the initials, the full company name "AC Controls Company" is written in blue text.

“I was able to restore the data within 30 minutes.”

In February of 2018, a network share containing crucial financial data was accidentally deleted. The share was part of a backup on one of our servers. I was able to restore the data within 30 minutes, minimizing the business impact to the initial loss.

A middle-aged man with short, graying hair, a beard, and mustache wearing rectangular glasses and a dark suit jacket over a white shirt. He is looking straight at the camera with a neutral expression against a plain background.

Kevin Staley

MIS Admin – AC Controls Company

Logo of Hotel Emma with a brown and white emblem on the left side featuring intricate designs and the letters "H" and "E". To the right, the text "HOTEL" is written in uppercase with horizontal lines on either side, and "EMMA" is written below in larger uppercase letters.

“The ‘Set it and forget it’ reliability and uptime is amazing.”

Quorum is seamlessly integrated with my network, and the ‘set it and forget it’ system reliability and system uptime are just amazing.

A person with short dark hair and a trimmed beard and mustache is smiling at the camera. They are wearing a light-colored collared shirt and are set against a plain white background.

Gabriel Longoria

Director of IT – Hotel Emma

Logo of the California Bankers Association. The logo features the letters "cba" in a stylized orange font, with "CALIFORNIA BANKERS ASSOCIATION" written in gray capital letters to the right.

“We like that Quorum operates the DR site.”

We like that Quorum operates the DR site, since it minimizes management of a DR site for us and is much more cost-effective than if we had to maintain it ourselves.

A man with short, dark hair smiles at the camera. He is wearing a checkered shirt and is standing against a plain, light-colored background.

Randy Mateo

IT Manager – CA Bankers Association

Logo of Bear Valley Community Healthcare District. "Bear Valley" is in large, black uppercase letters with a blue icon resembling a pinecone or flower above the "V". Below it, in smaller blue uppercase letters, are the words "Community Healthcare District.

“Quorum is ridiculously easy to learn…”

Quorum is ridiculously easy to learn how to operate. To be able to operate this effectively out of restore and backup, is incredible. I think it’s a very elegant solution, a very well thought out and a very well-designed solution.

A middle-aged man with short, light-colored hair wearing a light blue dress shirt and patterned tie smiles at the camera against a neutral background.

Jon Booth

Director of IT – Bear Valley Community Health

A green and white logo for "LCL Bulk Transport Inc." featuring bold, stylized text. The words "LCL" are at the top, "BULK" in the middle, and "TRANSPORT INC." across a broad, horizontal section at the bottom, all within a triangular frame.

“It was very easy to deploy – the easiest ever.”

It was very easy to deploy – the easiest ever. The support was great, too, But it was knowing we were protected that was so invaluable.

Black and white portrait of a man with short hair and a beard, wearing a zip-up jacket, and looking directly at the camera with a slight smile. The background is plain, and the lighting highlights his facial features.

Bo Heinemeyer

Director of Technology – LCL Bulk Transport Inc.

Request a Live Demo

Office

QUORUM HQ AND DEVELOPMENT CTR
2870 Zanker Road STE 130, San Jose, CA 95134

Contact

+1 877-997-8678
+1 408-708-4500

Open Hours

Monday to Friday: 9am — 5pm PT


Explore Quorum

3D illustration of a clipboard with a magnifying glass and person icon. The clipboard has a blue and white color scheme with purple lines representing text. The person icon is positioned on the side, and the magnifying glass is at the bottom right. Blue background.

Resources

Explore whitepapers, ebooks, case studies, and more.

Read More
3D illustration of a blue calendar with two rings, a red and white megaphone, and a red gift box with a pink ribbon, all floating against a light blue background. The image suggests themes of events, announcements, and celebrations.

Events

Explore webinars, shows, podcasts and more.

Read More