In a recent survey conducted by Dimensional Research, 96% of IT decision-makers reported they are worried about ransomware attacks. Only one in five are very confident they could recover from a ransomware attack. With attacks becoming increasingly sophisticated, CISOs have stepped up protection of their business with prevention solutions, such as firewalls, email security, Identity and Access Management, etc., but one challenge remains – data storage. Florian Malecki, Vice President – International Product Marketing, Arcserve, explores some of the ways CISOs can create immutable storage strategies to increase protection against ransomware threats.
Understanding the importance of immutable storage
When a company falls victim to a cyberattack, every second of business downtime is painful and expensive and can result in a loss of US$5,600 per minute, according to Gartner. The prevention measures mentioned above are essential for security. However, CISOs also need data protection to achieve their primary objective of data security and availability. How well they achieve this depends on data backup and storage.
These solutions underpin all business operations and are prime targets for hackers during cyberattacks. They should, therefore, also be the top priority when preparing data security policies. These backup and immutable storage solutions protect data in case of an attack or any other business disaster. They are the last line of defence that guarantees data security and availability.
Establishing data immutability for optimal security
Implementing a holistic approach to data security by integrating an immutable data storage solution is crucial as it strengthens data resilience. A business can never stop cyberattacks, but neutralising their effects can ensure Business Continuity, which is critical.
The most important step for a company that wants to protect itself against ransomware is to backup files regularly and store them using an immutable storage solution. The most sophisticated attacks make it possible to encrypt both the files and the recovery points. An immutable snapshot is a copy of your data that ransomware or a user cannot modify or delete. An organisation can quickly recover data written to an immutable data storage solution following data corruption or deletion, ransomware attacks, or other issues. Indeed, users can independently recover their data by looking through their files on Windows Explorer or Finder on a Mac. There’s no need to recover data using the previous day’s backup – users look through the files and select the data they want to restore. Arcserve OneXafe does just that and is one of the most efficient immutable data storage solutions on the market. OneXafe also offers inline deduplication and compression to reduce the data footprint.
Keeping ahead of the criminals
More recently, Ransomware-as-a-Service (RaaS) has increased. Tried and tested ransomware tools are made available to launch attacks via a subscription-based model to anyone proficient in the Dark Web arts. Incredibly, the authors of this malware receive a cut of each ransom payment that is received.
This opens the potential for an attack to whole new levels and is something that CISOs must consider as they look at their data security. They must improve their efforts to identify, deter, protect against, detect and respond to these actions.
As discussed above, bringing immutable backups into play will be a massive advantage and this can be done by adding a crucial step to the 3-2-1 data protection strategy. Make it a 3-2-1-1 strategy where you have:
- Three backup copies of your data on…
- Two different media, such as disk and tape…
- With one of those copies located offsite for Disaster Recovery and…
- The final one in this equation is immutable object storage
No silver bullets
While immutable storage offers powerful protection against most ransomware threats, it is not a silver bullet. There is still the issue of exfiltration when hackers attempt to blackmail their victims for ransom by threatening to share their data publicly.
There are no tools and solutions that can protect businesses from all the various ways the hacker can hurt them; the CISO should be working closely with staff and partners to implement a broad range of mitigations. These could include specific and detailed cybersecurity training for all employees to help them avoid the tricks and traps that hackers set. Multi-Factor Authentication is another way to make infiltration harder for criminals.
It is also vital to ensure that customers, suppliers and partners are not creating an opportunity for attack. These can be dealt with through physical security, background checks, safe recruitment and other well-established tactics.
Conclusion
As well as making their teams aware of security risks, CISOs must also increase their awareness of the importance of data storage. Data security policies are often limited to the basics and are not robust enough in today’s world, where the number of attacks are rising. Data is a huge money-maker for hackers, so businesses should be asking not if, but when they will become ransomware victims. Now is the time to change your information security strategy and incorporate a holistic approach to data protection.
Click below to share this article
