Level Up your Ransomware Protection Security
Category : Uncategorized
Ransomware remains top of mind for businesses as it continues to make headlines in 2023, with malicious actors targeting companies across the globe for infection and then extorting them for large sums of money. The seemingly random, indiscriminate attacks from criminal or state-sponsored ransomware groups means that preparing for an attack is one of the things keeping IT department managers up at night. Ransomware response policies are being written from the perspective of “not if, but when” due to the rapid pace of evolution and use of zero-day exploits as a means to drive profit into the pockets of criminals.
End-user training campaigns for phishing awareness can mitigate the risk of a perimeter breach, but persistent attempts from advanced or state-sponsored attackers can leverage remote exploits that don’t require user interaction. The first line of defense for any device or system on a network is the network itself. Following security best practices for endpoint and perimeter security is the foundation of ransomware protection. When properly configured on a secure network, Cloud Backup further protects your data from ransomware.
Cloud Backup offers multiple levels of protection against ransomware, including snapshots, native encryption, authentication, and containerization, just to name a few.
Below, we’ll identify some best practices for securing and hardening your Data and Infrastructure against a malicious actor attempting to deploy ransomware.
Set up Recurring Snapshots for your Data
Multi versions copy-on-write OpenZFS snapshots, which prevent data in the snapshots from being encrypted in a ransomware attack. Use the Data Protection EDR Solution to configure Secure Network.
Cloud Backup with Recurring Snapshot tasks. Because only changed data is saved, snapshots can be taken frequently, giving you a shorter Recovery Point Objective (RPO) for your continuity plans.
Set a Long Retention Time on your Snapshots
As selected Cloud Backup data and snapshots are stored in a copy-on-write manner, the overhead of retaining multiple layers of snapshots is significantly reduced compared to traditional filesystems. With Tools, daily or weekly snapshots can be held for months or years.
Set Separate Administrative Passwords
Having two identical copies of your data on different systems is good; having two identical administrative passwords on different systems a little less so. Using different passwords on different systems can prevent a single credential compromise from impacting multiple storage systems, and ensures that replicated copies of data remain secure.
Use Pull Replication
When configuring replication, the direction of replication implies the direction of authentication. When properly configured, pull replication means that your second Data server doesn’t automatically trust your primary server. Even if a malicious actor compromises an administrative user on the primary storage, there is no path for it to authenticate against the second server and remove the replicated snapshots there.
Increase your Snapshot Retention Times on the Destination System
When configuring the pull replication task, set the retention time to a Custom value. Increasing the retention time, based on the available capacity of your secondary system, will allow you to retain an even greater number of snapshots for more granular and longer-term recovery.
Configure Two-Factor Authentication (2FA) for Administrators
To help safeguard against accidental compromise of an administrative account, set up two-factor authentication on your source and destination systems.
Contact us for solution on Data Security. Call: 9920275877 / 8169336355