The sales reps PC was completely encrypted, then it hit the rip PC, then it it started to infect our server. A sales rep PC got infected, It was a new varient that none of our software picked up. it did make me realize the CNC also has al its custom tool configs as well as saved "artboards".so now both of them are on our backup! So it was just a bit of manual work getting it back up.
Luckily I keep manual documentation of custom CMYK colors for clients as well as printed samples/proofs in a book. The malware of course made me realize All our profiles and custom samples and quicksets were a pain to get back. it was in hindsight, we figured all our files are backed up and fine, if anything else gets lost it's a quick image restore and we're back up. Our Rip station, and our CNC station, as well as peoples desktops dont get backed up beyond the Desktop/documents being stored on the server getting backed up. THEN I have a 100 TB server at home that I also backup the backups onto So all our important stuff is covered. our cloud backup never deletes older ones, so it's just a matter of finding a backup before the malware came onto the PC. So if something like ransomware gets through and deletes all our main backups and re-uploads the images to our cloud backup. which then gets duplicated to our cloud backup that has "unlimited" backups. Our server and all our VM's are backed up and actively protected - VMS /servers have 6 months worth of backups - they get a full backup every week, with incremental backups everyday. We have everything backed up, for the most part. even if It cost us more to start from scratch. I'd rather start from scratch than pay a ransom.