What happens when an inevitable ransomware meets an immutable backup?
Ransomware attacks have emerged as a pressing concern for businesses across all sectors, presenting a substantial threat to critical operations. Consider a healthcare organization unable to access patient records or appointment schedules, or a bank unable to access financial records—these scenarios are not hypothetical, as ransomware attacks have surged by 238%, exacerbating the challenges already posed by the COVID-19 crisis. Disturbingly, more than a quarter of this year's attacks have targeted financial or healthcare entities.
While organizations of all sizes should implement multiple safeguards and policies, such as antivirus and antispam solutions, disabling macros, keeping systems updated, and enforcing highly restrictive internet access, cybercriminals continue to evolve and persistently breach systems. Despite proactive measures, the reality is that it's not a question of if an organization will be attacked, but rather when.
However, facing an inevitable ransomware attack doesn't spell game over. Organizations can take proactive steps to mitigate the impact and recover effectively. By architecting a robust backup strategy, organizations can prepare to recover from various forms of ransomware attacks, whether they involve locker or crypto ransomware. To explore these strategies in-depth, we invite you to review our Nutanix technical brief, which outlines how customers can detect, prevent, and recover from ransomware attacks.
HYCU paired with Nutanix Mine can help to secure your backups using three simple techniques:
- Immutable storage
- Isolated backups
- Inhibited access
Immutable storage
Imagine a scenario where a user or malware, even with admin rights, couldn't delete or modify any backups. This level of security is only achievable by storing primary backups in Write Once Read Many (WORM) enabled S3 Object storage, ensuring 100% data immutability until its expiration time. With WORM enabled S3 Objects, even administrators are unable to modify or delete backups until their retention time expires.
While the security features of S3 Object storage are promising, many backup vendors in the market treat Object storage as a secondary or tertiary backup target due to misconceptions about its performance capabilities. These vendors often limit Object storage to secondary copies or archives and struggle to perform regular incremental backups to it.
This is where Nutanix Mine with HYCU comes into play. Nutanix Mine, powered by Nutanix Objects, is renowned for its cost-efficiency, simplicity, scalability, high performance, and WORM support. Combined with HYCU's proprietary write optimization of incremental backups, copies, and archives to Object storage, as well as its built-in backup security features, the combination of Nutanix Mine and HYCU offers an unparalleled solution. This ensures instant recovery of files, VMs, file shares, and applications from the most recent uncorrupted backup version, with a minimum backup Recovery Point Objective (RPO) of one hour.
Isolated backups
The concept of "isolated backups," also known as air-gapped backups, entails separating backups from the regular production environment. In this setup, no user, process, application, or server should have access to the network or the data-storage device containing the backups, except for the HYCU backup server.
The HYCU virtual appliance functions as a black box in this setup. It is built on a security-hardened CentOS Linux image with restricted root access and an option to disable SSH access. This ensures that only authorized personnel can access and manage the backup environment.
To achieve this level of isolation, you need a data protection solution that is simple and does not rely on complex architectures like media or repository servers. Additionally, the solution should facilitate the provisioning of logical networks to dedicated backup targets, ensuring that backups are encrypted in transit and segregated entirely from the production environment.
By implementing such a solution, you can safeguard your backups from discovery by malware in the event of a compromise of the production environment. This ensures the integrity and availability of your backup data, providing peace of mind in the face of potential cyber threats.
Inhibited access
The access to the backups, network and backup storage should at least be restricted and at best for end users be denied outright. This can only be achieved by a solution that has robust RBAC policies with secure multi-tenancy, that includes seamless integration with multiple AD, LDAP/s domains. Also, care must be taken to ensure that even administrators have no rights to manually delete backups.
With HYCU’s self-service and RBAC capabilities, organizations can host multiple groups in a shared environment. Every group’s backup metadata, such as restorepoints, VM details, application inventory and user-data are stored in secure databases where unauthorized users, even super admins, cannot access them. This also includes events, alerts and backup reports, that are filtered down to the specific group’s authorized resources within the multi-tenant environment.
HYCU disables manual backup deletion to prevent any forms of malicious intent from within an organization. HYCU can also allow administrators to easily pause backup expiration based on policy retention time, to serve during ad-hoc compliance audits or emergencies.
Summary
Nutanix Mine with HYCU isn’t just a cost-efficient solution, but also the most robust and secure data protection solution offered at a fraction of the cost compared to its competitive counterparts.
To summarize, Nutanix Mine with HYCU can deliver:
- Backups to WORM-enabled S3 storage with no performance penalty
- Provide network segmentation between desired sources and backup targets
- Deliver robust RBAC, multitenancy and more for software-level backup security
If you’d like to find out more on how Nutanix Mine with HYCU can meet your data protection needs, please contact Nutanix at mine@nutanix.com and HYCU at info@hycu.com
Get the newest insights and updates
Ransomware proof your backups
Overview
What happens when an inevitable ransomware meets an immutable backup?
Ransomware attacks have emerged as a pressing concern for businesses across all sectors, presenting a substantial threat to critical operations. Consider a healthcare organization unable to access patient records or appointment schedules, or a bank unable to access financial records—these scenarios are not hypothetical, as ransomware attacks have surged by 238%, exacerbating the challenges already posed by the COVID-19 crisis. Disturbingly, more than a quarter of this year's attacks have targeted financial or healthcare entities.
While organizations of all sizes should implement multiple safeguards and policies, such as antivirus and antispam solutions, disabling macros, keeping systems updated, and enforcing highly restrictive internet access, cybercriminals continue to evolve and persistently breach systems. Despite proactive measures, the reality is that it's not a question of if an organization will be attacked, but rather when.
However, facing an inevitable ransomware attack doesn't spell game over. Organizations can take proactive steps to mitigate the impact and recover effectively. By architecting a robust backup strategy, organizations can prepare to recover from various forms of ransomware attacks, whether they involve locker or crypto ransomware. To explore these strategies in-depth, we invite you to review our Nutanix technical brief, which outlines how customers can detect, prevent, and recover from ransomware attacks.
HYCU paired with Nutanix Mine can help to secure your backups using three simple techniques:
- Immutable storage
- Isolated backups
- Inhibited access
Immutable storage
Imagine a scenario where a user or malware, even with admin rights, couldn't delete or modify any backups. This level of security is only achievable by storing primary backups in Write Once Read Many (WORM) enabled S3 Object storage, ensuring 100% data immutability until its expiration time. With WORM enabled S3 Objects, even administrators are unable to modify or delete backups until their retention time expires.
While the security features of S3 Object storage are promising, many backup vendors in the market treat Object storage as a secondary or tertiary backup target due to misconceptions about its performance capabilities. These vendors often limit Object storage to secondary copies or archives and struggle to perform regular incremental backups to it.
This is where Nutanix Mine with HYCU comes into play. Nutanix Mine, powered by Nutanix Objects, is renowned for its cost-efficiency, simplicity, scalability, high performance, and WORM support. Combined with HYCU's proprietary write optimization of incremental backups, copies, and archives to Object storage, as well as its built-in backup security features, the combination of Nutanix Mine and HYCU offers an unparalleled solution. This ensures instant recovery of files, VMs, file shares, and applications from the most recent uncorrupted backup version, with a minimum backup Recovery Point Objective (RPO) of one hour.
Isolated backups
The concept of "isolated backups," also known as air-gapped backups, entails separating backups from the regular production environment. In this setup, no user, process, application, or server should have access to the network or the data-storage device containing the backups, except for the HYCU backup server.
The HYCU virtual appliance functions as a black box in this setup. It is built on a security-hardened CentOS Linux image with restricted root access and an option to disable SSH access. This ensures that only authorized personnel can access and manage the backup environment.
To achieve this level of isolation, you need a data protection solution that is simple and does not rely on complex architectures like media or repository servers. Additionally, the solution should facilitate the provisioning of logical networks to dedicated backup targets, ensuring that backups are encrypted in transit and segregated entirely from the production environment.
By implementing such a solution, you can safeguard your backups from discovery by malware in the event of a compromise of the production environment. This ensures the integrity and availability of your backup data, providing peace of mind in the face of potential cyber threats.
Inhibited access
The access to the backups, network and backup storage should at least be restricted and at best for end users be denied outright. This can only be achieved by a solution that has robust RBAC policies with secure multi-tenancy, that includes seamless integration with multiple AD, LDAP/s domains. Also, care must be taken to ensure that even administrators have no rights to manually delete backups.
With HYCU’s self-service and RBAC capabilities, organizations can host multiple groups in a shared environment. Every group’s backup metadata, such as restorepoints, VM details, application inventory and user-data are stored in secure databases where unauthorized users, even super admins, cannot access them. This also includes events, alerts and backup reports, that are filtered down to the specific group’s authorized resources within the multi-tenant environment.
HYCU disables manual backup deletion to prevent any forms of malicious intent from within an organization. HYCU can also allow administrators to easily pause backup expiration based on policy retention time, to serve during ad-hoc compliance audits or emergencies.
Summary
Nutanix Mine with HYCU isn’t just a cost-efficient solution, but also the most robust and secure data protection solution offered at a fraction of the cost compared to its competitive counterparts.
To summarize, Nutanix Mine with HYCU can deliver:
- Backups to WORM-enabled S3 storage with no performance penalty
- Provide network segmentation between desired sources and backup targets
- Deliver robust RBAC, multitenancy and more for software-level backup security
If you’d like to find out more on how Nutanix Mine with HYCU can meet your data protection needs, please contact Nutanix at mine@nutanix.com and HYCU at info@hycu.com
Experience the #1 SaaS data protection platform
Try HYCU for yourself and become a believer.