Ransomware is mainstream and sadly, more common than uncommon these days. Rapid digital transformation and the pandemic has led to a surge in susceptibility and attacks. Now ransomware-as-a-service (RaaS) is enabling a broader spectrum of attackers and exacerbates the challenge for enterprises. The Veritas 2020 Ransomware Resiliency Report found that 42% of companies have faced at least one ransomware attack. And those that have? It’s not just one, but an average of 4.5 attacks. Yikes. With attacks becoming more sophisticated and targeting larger companies for bigger paydays, it’s important to be prepared, proactive, and protected.
HOW TO FIGHT BACK?
The best way to fight back? Develop and implement a comprehensive, multilayered cybersecurity strategy to protect, detect, and recover your data. The first instinct is to ramp up your frontline security solutions aimed at prevention. This is important, but know that it’s impossible to completely block or prevent an attack—especially as threats and bad actors evolve at lightning speeds and become more innovative. It’s just as vital to implement sound backup and recovery practices, including hardened solutions, secure access, immutable storage, and orchestrated and automated recovery.
NetBackup, the #1 enterprise backup and recovery solution, offers a unified set of tools to protect IT systems and data integrity, detect by monitoring and mitigating, and recover quickly with automation and orchestration. Including NetBackup will help to reduce risk, eliminate uncertainty, and help you maintain control.
With so much to share, I will break down our solutions that protect first, with an additional blog post next week outlining detect and recover. Let’s start with proactive tools you can use to protect your environment.
With the latest release of NetBackup, we have continued to proactively add security features and functionality to ensure data integrity and protection:
1. Identity and Access Management (IAM)
With SAML support and integrations with Active Directory and LDAP, NetBackup gives customers control of the authentication process and allows support for the identity provider of their choice. This approach paves the way for common single sign-on (SSO) and multi-factor authentication. Furthermore, with role-based access control (RBAC) functionality, NetBackup supports granular access control giving only the right level of permissions by user role.
2. Data Encryption
Prevent bad actors from stealing your backups. More and more ransomware deployments are targeting backup environments and not only encrypting critical data (making it unusable to you) but also stealing it. This allows the bad actor to hold you ransom for the encryption key and gives them the ability to extort you by threatening to make confidential data public. It is more important than ever for you to use encryption to your advantage and encrypt your own data while in-transit and at-rest within the backup environment. This eliminates the extortion threat by preventing bad actors from reading your data if stolen.
3. Immutable and Indelible Image Management and Storage
Prevent bad actors from encrypting or deleting your backups. Among the most exciting recent features of NetBackup and NetBackup Flex, is immutable\indelible image management and storage. This capability lock your backup image data and makes it unchangeable and undeletable which prevents bad actors from encrypting your data. The Cohasset Associates assessment of NetBackup explains this capability in more detail with NetBackup Flex.
NetBackup also includes the OpenStorage Technology (OST) API, so you can manage immutable backup images with Veritas or third-party storage solutions, providing the flexibility to implement the immutable storage vendor or vendors of your choice while supporting immutable policy management through a single source, NetBackup.
4. Solution Hardening
Bolster protection against logical-attack vectors from a backup software and appliance perspective. NetBackup Flex has been hardened to offer a complete secure solution that supports immutable and indelible storage. The solution offers a secure WORM storage server with hardware security features.
To learn more technical information about the newly added security features read our Ransomware Resiliency White Paper.
Want more information?