A control group is defined as the group in an experiment or study that does not receive treatment by the researchers and is then used as a benchmark to measure how the other tested subjects do.

Recently, our company was confronted with two companies in one week with the same infection – Ransomware. While the strain of this malware varied, the symptoms were similar. Files were being encrypted on the network, and over time, all the systems became unusable.

Both companies ground to a halt for all practical purposes.

Company C represents the control group.

They had a backup system that was up to date and stored files were old. They felt they had to pay the ransom – but they did not get their data back. This act put them in potential hot water because Ransomware payments typically go to organized crime and terrorist groups like ISIS.

The company took a long time to get their files back as they were stored only in the cloud.

After 12 days, they were up and running but with old files.

Company A had a backup appliance. When their systems became infected, their servers stopped functioning. They switched over to the appliance at the appropriate time before the infection.

They continued to work, without a problem.

This solution also would have enabled the company to work via a cloud version of their files, had something happened to their physical location.

While we were not able to ascertain the exact cost of these outages – one was brief and the other took almost two weeks. Almost all companies say a single hour of downtime costs them over $100,000. At the high-end, it could cost $5 for an outage of one hour.

In summary, Company A had a brief outage and was up and running in no time because they had the foresight to plan for such an occurrence. Since the odds are, every company will eventually deal with a cyber attack, their planning was very smart.

Company C – in the control group, hoped for the best and lost hundreds of thousands of dollars as a result.

Every company has a choice to become Company A or stay Company C. The choice is theirs.

The time to think about these issues is before there is a problem – or basically, immediately. Good luck to you and hopefully you will be able to weather your next “storm” without a hitch.

Often the best way to approach these issues is to work with IT services experts who can assist with Strategic IT Plans, Business Continuity and Disaster Revovery solutions before a problem hits.