From large government agencies and multi-million-dollar enterprises to small businesses and local municipalities, everyone is a target when it comes to a ransomware attack. Most recently, the east coast of U.S. faced gas shortages due to an attack on Colonial Pipeline.
To secure your data, and your customers’ important information, you need to have a multilayer security strategy, from the outer walls of your organization to deep within your storage infrastructure. Focusing only on stopping attacks from coming in is like having a mote around your castle but nothing within the castle walls to protect what’s valuable. It’s the sensitive information and data stored within your organization that hackers are looking to take hostage and exploit, so why are all your defenses on the outside?
i-Virtualize and NetApp can help you not only increase your security at the storage level, but also simplify your ability to manage your storage as well. NetApp OnTAP has a wealth of features to drive efficiency and productivity, but it can also be a life saver when it comes to safeguarding your stored data.
1. Remembering the Moment
Making point-in-time, read-only copies of your data that are saved every few hours, days or even weeks, can help you quickly restore your files from a particular point in time without having to pay a ransom. With NetApp Snapshot, your data is exactly what it looked like at the moment the snapshot was taken, whenever that was, because once a snapshot has been taken, it can’t be encrypted.
So if you’re attacked, hackers can only encrypt and hold for ransom the files that haven’t been stored via Snapshot. If you regularly take snapshots, then you can forgo the ransom and pick up where your last snapshot was taken. And you don’t have to worry about this eating up your storage. NetApp Snapshot copies use Redirect-On-Write (ROW) to save whatever was changed at block level, instead of making a full copy that would take up a lot of space. You can also recover your files quicker with snapshots— terabytes in seconds.
2. Constructing Safeguards
Your technology is only as good as your policies around it. Having a retention policy in place ensures that you’re keeping copies long enough to recover your data. Since some ransomware lies dormant for months, it’s recommended that you keep snapshots for several months so if an inside invader suddenly pops up, you’re prepared. It’s also a good idea to turn off autodelete so important data isn’t deleted just to make room for unrecoverable copies and ransomware-encrypted data.
3. Acting Weird?
You may also have policies in place for employees when it comes to storing your data. NetApp FPolicy helps you further elevate your ransomware protection strategy. Looking for anomalies in behavior at the storage level, FPolicy’s zero-trust engine goes beyond permissions in access control lists. Using AI and machine learning technologies to develop User Behavior Analytics (UBA), FPolicy pays attention to any inconsistencies in user patterns. If a user on your team is acting weird, intentionally or unintentionally—according to the analytics—their access can be denied, sending you a big red flag to take a look at what’s going on.
4. Naming Protections
Initially intended to block unwanted files from being stored on your infrastructure, NetApp FPolicy’s file blocking methodology and file-access notification enables you to monitor, filter or block traffic based on file extensions and file metadata. So when users decide to download suspicious attachments, gifs, or jpegs, whatever is riding on those downloads’ coat tails won’t make it into your database.
5. Locking It Down
While Snapshot can prevent data from being deleted automatically, mistakes happen that could leave you scrambling. Or worse, someone within your organization can create chaos before you even know it. NetApp SnapLock is your write once, read many (WORM) compliance solution. SnapLock ensures that snapshot copies can’t be changed, renamed, or deleted until they’re aged out based on the configured policy. Once they’re committed to this non-erasable, non-rewriteable state, they’re locked in place, giving you an indefinite retention period.
Assessing Your Security
To truly strengthen your ability to mitigate ransomware attacks before they break you, it’s best to have another layer of protection should they breach your perimeter. As a NetApp Gold Partner, i-Virtualize invites you to find out where your security level stands when it comes to end-to-end protection with a simple and straightforward Security Assessment. By answering these 6 questions, you can find out what security solution is right for your business. It’s never too late to discover what you don’t know.
To learn more about how i-Virtualize can help secure your business from becoming a ransomware victim, contact us at info@i-virtualize.com.
