Continuity™ provides the industry’s ONLY storage & backup security solution, to help you protect your most valuable data.
Part 1 explained why storage managers need to prepare for the ransomware scourge. In Part 2, we move onto what they need to do to achieve ransomware resilience.
Various surveys make it clear that the rising frequency of ransomware attacks is steadily eroding confidence in being able to cope. Almost 60% of respondents are not confident in their ability to recover from a ransomware attack.
How should they deal with the problem?
Here are 6 ways organizations can improve how they detect and prevent ransomware attacks, how to mitigate the impact if they suffer from one, and how they can recover their data.
Immutable storage is data that retained in a form that cannot be altered or tampered with. Once backed up, it is stored in that same format and can’t be changed. It can be implemented on tape, disk, SSDs, or in the cloud as a defense against ransomware. Some tools even incorporate machine learning features that can detect any signs of interference from ransomware.
Replication is about sharing data between redundant resources, such as software or hardware components or between servers or data centers to provide fault tolerance and business continuity. If one server goes down, the other holds the same data, for example. Snapshots are typically used in replication to provide near-instantaneous data protection. Point-in-time copies are replicated to other systems. If data is loss, they can be used to rapidly restore it. Backups, too, can be transmitted to an offsite location using replication.
Network segmentation is a tactic that can greatly reduce the impact of a ransomware attack. By separating the network into smaller, distinct areas, the spread of a malware is minimized if one area is compromised.
Data vaulting is a good way to avoid the possibility of ransomware infecting backup files. Cybercriminals increasingly target backup environments with ransomware as a way to guarantee the success of their extortion attempts. Vaulting addresses this via air gapping i.e., a copy of the backup is kept offline, separated from other systems. This is best achieved via tape backups that are retained offline. As there is no physical connection to the internet, ransomware has no chance of infecting it.
Data security is about protecting valuable data. There are different procedures, standards, and technologies to choose from. These include encryption (in transit and at rest), file scanning, malware detection and prevention, network security such as firewalls, intrusion detection, data privilege, access management, and more. Their goal is to ensure that only authorized parties can access and use the data and that its integrity is maintained at any given moment.
There are a great many patch management and vulnerability management tools out there. They continually scan networks and systems for security risks. They do a fine job with operating systems (OSes) and enterprise applications. However, they often miss security misconfigurations and vulnerabilities in storage and backup systems.
There are currently thousands of active CVEs out there that relate to storage and backup systems. They can be used to exfiltrate files, initiate denial-of-service attacks, take ownership of systems, block devices, and delete data. Overall, about 20% of storage devices are exposed and can be attacked successfully by ransomware.
In fact, many organizations fail to configure immutable backups properly – possibly the result of insufficient understanding of the technology and its limitations. This allows adversaries to compromise those backup systems.
Continuity’s StorageGuard was designed to comprehensively scan all data storage, storage management, storage networking, and backup systems to look for security misconfigurations and vulnerabilities. It offers enterprises complete visibility into storage and backup security blindspots, automatically prioritizing the most urgent risks. As the industry’s only security posture management solution for storage and backup systems, it provides:
StorageGuard also complements data security and file-based security solutions. Files eventually are stored within storage devices. If you break into a storage device, you can still delete, alter or block all files stored within the device – even if those files are encrypted.
Discover how secure your storage & backup systems are. Click here for a free trial of StorageGuard.
Get in touch to see how you can detect, prioritize, and fix all security risks in your storage & backup systems.