While most enterprise IT shops have a cybersecurity strategy that includes a backup policy, many have focused more on prevention than recovery, understandably. After all, the attack that fails does the least amount of damage. However, sooner than later, you may suffer a cyber incident that puts your business data and operations at risk — and an airtight cyber incident recovery solution can minimize the damage.
That’s why we’re excited to announce that Kyndryl, the world’s largest IT services provider, has included Veeam as an integral part of their comprehensive managed services: Managed Backup and Cyber Incident Recovery. To create these unique services, Kyndryl selects, engineers, integrates and manages powerful technologies to build a seamless experience.
Veeam bolsters these offerings with powerful, fully-automated and managed backup and incident recovery tools.
Cyber incident recovery: misery loves (your) company
While a traditional backup and recovery solution is better than nothing, it can put your business on a very difficult and costly road to recovery.
Consider one example: recovery from a ransomware attack. An IT organization that handles the recovery process has several hurdles to clear:
- Isolating the effected devices and data stores
- Identifying and removing the ransomware
- Verifying that backups are clean and safe to restore
- Restoring data and bringing affected systems back online
- Monitoring the effected environments to ensure they got the process right
This is an exacting, grueling and time-consuming process, often full of manual work, tedious checking and rechecking of key steps and a trial-and-error process to find good backups. Throw in relentless deadline pressure — many companies measure downtime in thousands of dollars per minute and for some the cost is much higher — and you’ve got the makings of a nightmare.
And that’s the best-case scenario. If IT gets the process wrong — for instance, loading a backup set contaminated with malware — it can get much worse.
Four keys to transforming incident recovery
The good news is that robust managed backup and cyber incident recovery services can drastically reduce the cost, disruption and sheer misery of a traditional recovery process. Let’s look at how Veeam contributes to Kyndryl’s world-class services for a global customer base that include some of the world’s biggest enterprises.
In terms of execution, there are four key capabilities that define Kyndryl’s approach to cyber recovery — all of which either leverage Veeam technology or complement our contributions.
Employing “air gaps” to keep attackers out and protect backup data.
One of the biggest challenges for any recovery process is the possibility that an attacker will get to your data backups before you do. If they’re successful, you might find your only chance at a full recovery encrypted or erased.
Kyndryl’s use of air gaps keeps a customer’s production systems isolated from the storage systems that contain protected and backed up data. It’s a simple step that adds a powerful layer of security to Veeam’s integrated backup and recovery capabilities. It is also a capability that few customers choose to maintain for themselves, given the demands it can place on a company’s IT resources and storage infrastructure.
Providing immutable capability so that if attackers do get in, data and backups are still safe.
Another key to a successful recovery is to implement data systems that support immutability so that stored records cannot be corrupted or compromised. Kyndryl incorporates into its capability Veeam Immutable Repository storage that supports “write once, read many” (WORM) storage media pools. Combining immutability solutions with Kyndryl’s air-gapped storage environments means that customers protect their backups and are ready to restore in the wake of a cyberattack.
Scanning for anomalies to identify attacks as early as possible.
Of course, protecting backup data is not useful if a business has been inadvertently backing up data that is already corrupted or compromised. And this can be a serious problem, since signature-based malware scanning often will not alert a business that damage has already been done — for example, when ransomware has encrypted the data being written to backup.
Kyndryl attacks this problem with technology that uses heuristic scanning to identify the patterns and telltale traits that can indicate compromised data. In the case of an encrypted backup set, for example, anomaly scanning might detect a sudden increase in the size of a company’s daily backups. This allows teams to detect compromised backups sooner and to avoid restoring that bad data back onto a production system.
Empowering resiliency and recovery efforts with automation.
At a time when most IT organizations are already stretched thin and short-staffed, it could take days or even weeks to grind through a manual, often trial-and-error, recovery process. By integrating Veeam’s recovery automation and orchestration tools with Kyndryl’s own capabilities, Kyndryl enables customers to bring automation to their recovery efforts so they may achieve major gains in both RTO and RPO, recovering from an attack in a fraction of the time and getting back into production using the most recent available clean backup data. Chances are good that you’ve seen other backup and incident recovery solutions offering similar capabilities. Veeam shares Kyndryl’s view that a business needs all these capabilities integrated in a seamless, end-to-end solution that avoids the pitfalls of implementing a series of disparate, disjointed point solutions.
A proven formula for friction-free cyber incident recovery
Unfortunately, cyber incidents are still a fact of life, even for the best-prepared businesses. How your business mitigates the risk of compromised backups and handles the recovery process can make a dramatic difference in terms of cost, business disruptions, and the well-being of your IT professionals.
Veeam and Kyndryl are excited to be working together to give so many businesses a faster, simpler, seamless solution to their cyber incident recovery challenges.
Portfolio Lead for Cyber Resilience – Kyndryl