fbpx
cover background

Ransomware Protection for Storage & Backups

Validating Anti-Ransomware Best Practices for Storage & Backup Systems

“93% of cyberattacks target backup storage to force ransom payment…. and are successful in debilitating their victims’ ability to recover in 75% of those events.” 

There’s no silver bullet for protecting your organization against ransomware. However, storage and backup systems play a major role in ransomware protection and data recovery.

Fact #1: Nearly all production mission-critical data is kept on storage systems

  • Each single storage system serves dozens or hundreds of hosts. ​
  • A compromised storage system is the equivalent of breaching hundreds of database servers – at once!​
  • A compromised storage system will impact multiple applications and business services; recovery may not be possible.​

Fact #2: Recovery data (backup, replica, snapshot) is kept on storage systems

  • If storage or backup systems are compromised, bad actors can delete or sabotage the recovery data, thus making data restore impossible, following a ransomware attack.​

Fact #3: Immutable data copies for cyber-recovery are implemented at the storage and backup level

  • Has your organization implemented immutable data copies? Are they configured according to vendor and industry guidelines?

Fact #4: Various ransomware protection capabilities can and should be enabled at the storage and backup level

  • AV scanning
  • Anomaly detection
  • User behavior analysis
  • Retention lock
  • File filtering
  • Snapshot policies
  • …and many other storage and backup capabilities can assist with mitigating ransomware – HOWEVER they’re not enabled by default, and must be configured correctly

Fact #5: Storage and Backup systems are non-standard systems that are not comprehensively scanned by common vulnerability management, configuration compliance or other security posture management solutions

  • While host OS and web applications have been the center of security posture management efforts for decades, ransomware has started to push storage and backup back onto the CISO agenda
  • Storage and backup systems use non-standard appliances and operating systems, and therefore existing CSPM/VM solutions are unable to effectively scan them using standard host OS scan​
  • Unauthenticated scan cannot effectively collect and analyze security settings and configurations ​of storage and backup systems

The Dummies Guide to Ransomware Resiliency for Enterprise Storage & Backup

In this new Dummies Guide, discover the new threat tactics, and get a list of practical tips and solutions to secure these critical systems, protect your data, and ensure recoverability.

Download Paper

How StorageGuard Helps

StorageGuard verifies that your storage and backup systems are hardened, configured according to industry and vendor security best practices, and are not vulnerable

Verifies that anti-ransomware features are enabled and configured correctly (e.g., ransomware detection, ransomware isolation, anomaly detection, user behavioral analysis, and AV scanning)

Protection

Verifies that snapshots, replicas, images, and backup sets which are required for recovery from ransomware - are secure, immutable isolated and generally protected

Visibility

Verifies that ransomware protection best practices published by storage and backup vendors are implemented

Validates that data volumes, exports and shares are configured with restricted access and privileges, and according to security best practices

"Attackers are looking for identities and they're looking for your backups, to keep you from recovering. So you need to have governance and an active program to secure your storage and backup layers”

Marc Ashworth

CISO

“The hackers are after our data. In a bank, data is money. This is why I’m a big believer in securing the storage layer.”

Erdal Ozkaya

Erdal Ozkaya

Former CISO

"Storage is where our core data is stored. And so, vulnerability management, configuration management, and ensuring a strong policy around the governance of all storage devices are absolutely critical."

sunil-varkey

Sunil Varkey

CTO

Talk To An Expert

Get in touch to see how you can detect, prioritize, and fix all security risks in your storage & backup systems.

We use cookies to enable website functionality, understand the performance of our site, provide social media features, and serve more relevant content to you.
We may also place cookies on our and our partners’ behalf to help us deliver more targeted ads and assess the performance of these campaigns. You may review our Privacy Policy I Agree