Jon Toor, CMO, Cloudian
For anyone questioning the threat that ransomware poses, the recent attacks against Kaseya and Colonial Pipeline are a harsh reminder of why ransomware has become the top cybersecurity threat. Unfortunately, traditional defenses such as anti-malware software and anti-phishing training for employees have often proven ineffective, leading organizations to look for better solutions. In a new Gartner report titled “Innovation Insight for Leveraging Isolated Recovery Environments and Immutable Data Vaults to Protect and Recover From Ransomware,” the analyst firm highlights the critical role data immutability technology can play in ransomware protection.
Having an immutable data backup copy prevents hackers from encrypting or deleting data for a specified period of time, thereby enabling organizations to recover an unencrypted copy of that data without having to pay ransom. This not only reduces the financial costs and downtime resulting from an attack but also helps to break the cycle of ransom payments funding cybercriminals’ ability to conduct further attacks. In addition, data immutability can help with cyber insurance—in obtaining ransomware coverage, ensuring that an insurance claim will be covered (e.g., some insurers may refuse to pay claims if organizations have not adequately protected their data) and/or securing a discount for the insurance (currently as much as 20% in some cases).
Below are some of the key points about the importance of immutability from the Gartner report:
- “Now ransomware attacks have become so common that it’s no longer a matter of if you will be attacked, but more about when. Even worse is the focus of ransomware attacks to target backup systems.”
- “An IDV (immutable data vault) is an immutable, air-gapped tertiary independent copy of the backup in a secure environment for safeguarding backups against ransomware and insider attacks.”
- “Having an immutable copy of the backup is the most important item to start protecting backup data. All other initiatives are complementary.”
- “Isolated recovery environments (IREs) with immutable data vaults (IDVs) provide the highest level of security and recovery against insider threats, ransomware and other forms of hacking.”
- “New backup and recovery solutions offer many of the benefits offered by IREs, but IREs offer additional physical security and recovery features.”
- “Optimize recovery speed by implementing IREs with IDVs in close proximity to production systems.”
Cloudian provides data immutability—validated in U.S. government certification testing — through a solution called S3 Object Lock, which provides a virtual air gap and easily integrates into an end-to-end, on-premises backup architecture. This solution is part of the company’s HyperStore object storage platform, which includes additional features to secure data such as system-level hardening and root disable that go beyond protections available from any other on-premises object storage provider.
To learn more about Cloudian’s S3 Object Lock for ransomware protection, see: Lock Ransomware Out – Keep Data Safe | Cloudian.