Why You Need an Enterprise-Grade Anti-Ransomware Solution
Ransomware – It isn’t a question of “if” but “when”
Remember the days when your data protection strategy was designed around system failures or loss of a data center due to a catastrophe, whether manmade or natural? While preparing for these types of disasters is still very much a priority, in the past decade a new menace has surfaced, demanding the attention of organizations everywhere.
The main difference between ransomware threats and the “classic” cyber threats is that organizations can’t prevent the cyber-attacks that result in ransomware events. These cyber-attacks are persistent and are constantly adapting to whatever prevention mechanisms are put in place to stop them.
Here are just a few of the ways these ransomware attacks can infiltrate:
- Phishing emails – no matter how up to date an organization’s email filters are, new threats will get through. All it takes is one user to click on one link for the entire organization to be exposed to a cyber-attack.
- Missing patches – operating systems and applications constantly need patching to keep up with all the exposures/vulnerabilities that have been identified and fixed. Unfortunately, this constant cycle of patching can cause some systems to be susceptible to attack while waiting to be patched. Again, all it takes is one unpatched system to bring an organization’s data under attack.
- Poor password policies/practices – as more organizations and applications implement polices/practices for stronger, longer, and more complex passwords, users can develop poor password habits which can result in a cyber-attack. Whether a user is keeping the same password for multiple accounts or has a password list stored in an insecure manner, even the slightest missteps can open an organization up to a cyber-attack.
- Alert fatigue – even if IT’s diligence has paid off and an organization receives alerts for 100% of potential attacks, there is still the issue of finding the proverbial needle in the haystack. While researching one alert, there may be another more imminent threat that is buried in the queue of alerts. By the time attention is drawn to that alert the damage may already be done.
So, what can we do when faced with such seemingly insurmountable odds? We need to design a solution that protects our data assets when the attack occurs. An integral part of such a solution are your backups. A reliable backup with fast and secure recovery is the last line of defense when a ransomware attack occurs.
Building the Solution: Veeam + Infinidat
One of the key factors to designing a reliable solution to recover from a ransomware attack is identifying what data should be protected and assigning a priority of importance to that data. Determining the impact and cost to the business if the data is lost is a crucial metric in prioritizing the data importance.
Once the important data is identified and prioritized, the next step is establishing the Restore Time Objective (RTO) and the Recovery Point Objective (RPO) for that data. An RTO is the period of time that a business has determined the restoration of the data must be completed within. The RPO is the determination of the maximum amount of data that can be lost before it causes detrimental harm to an organization. The more frequently your data is backed up, the shorter the RPO period.
Typically, the more important the data the shorter the RTO and RPO durations. In these cases, a Veeam + Infinidat solution is an excellent solution to consider. Together, Veeam + Infinidat provide:
- Veeam’s Scalable Software Defined architecture (SDS) – Veeam Backup & Replication (VBR) provides several methods to protect the organization’s data. Whether via backups, replication, continuous data protection (CDP), or storage array snap-shot integration (via Veeam’s Universal Storage API), VBR provides all the tools needed to fit any organization’s RTO/RPO requirements.
- Veeam Hardened Linux Repository – VBR’s hardened Linux repository protects your backup files from loss as a result of a cyber-attack with the help of single-use credentials and immutability. Single-use credentials are used only during the setup of the hardened repository and are not stored anywhere in the VBR environment. Immutability specifies a time duration where the backup files cannot be modified or deleted within the hardened repository
- Infinidat InfiniBox + InfiniGuard– Infinidat’s platforms can both act as storage targets for Veeam. InfiniGuard goes a step further in providing added capabilities as a modern data protection purpose built backup appliance. It has the added benefit of being built on top of the InfiniBox, which is an industry leading storage array known for enterprise class performance, 100% availability, and ease of use. InfiniGuard takes advantage of all the InfiniBox features, but takes this a step further and adds best in class deduplication capabilities and a highly available overall purpose built backup solution. Infiniguard boasts up to 50PB of effective storage for your backup repository and 35PB of effective storage for safe storage of immutable snapshots.
- Infinidat InfiniSafe Technology – Available across all Infinidat solutions, InfiniSafe Technology is built specifically for the purpose of cyber resilience. As we all know, restoring data in a timely fashion is the basis of establishing an RTO. InfiniSafe has four primary pillars that make up underpinnings of a strong cyber resilience capability: Immutable Snapshot, Logical Air-Gap, Fenced forensic environment and near instantaneous InfiniSafe, utilizing the capabilities of their efficient snapshot technology allow you to recover your data faster than any other solution on the market. Infinidat has demonstrated the ability to recover 13PB of data in only 12 minutes and 55 seconds. You can view the restoration here.
An example of what a Veeam + Infinidat solution looks like this:
This solution provides you with enterprise class data protection with Veeam’s industry leading Veeam Backup & Replication software combined with the unbeatable performance and scalability of Infinidat’s InfiniBox and InfiniGuard products.
Where can you learn more?
Veeam and Infinidat are hosting webinars on 12/14/2022. You can register here: Veeam + Infinidat Ransomware Webinars.