Standard backups are no longer enough
By MYBRANDBOOK
Amit Deshmukh
Head - India Channels and Distribution Business, Cohesity
New ransomware variants destroy backup data before they encrypt production data. Therefore, companies need intelligent security solutions in combination with secured data that cannot be changed.
In some ways, the competition between cybercriminals and security experts resembles the famous race between hare and tortoise. At first, hackers primarily encrypted production data. Companies fought back with solutions that allowed data to be restored quickly via backups.
Then the attackers shifted to destroying or encrypting backups. IT countered with immutable backups. Now the criminals are pulling data and threatening to publish it on the dark web. As a result, companies are once again faced with the question of how to adequately secure their data.
AI instead of traditional tools
Many conventional or legacy tools only detect attacks using known virus signatures, IP addresses or attack patterns. However, they often cannot detect and defend against new types of attacks from unknown sources.
To defend against current attacks, companies should therefore also deploy next-gen data management solutions with built-in artificial intelligence and machine learning (AI/ML) capabilities. These technologies can be used to trigger alerts that can notify the IT data admin when the backup data changes or ingest rates fall outside the norm based on historical trends - all of which could indicate an attack has taken place.These capabilities can also indicate, for example,when a user accesses large amounts of sensitive data at unusual times. Integration with security orchestration, automation, and response (SOAR) platforms can then be used to trigger defensive measures or further authentication via an additional factor.
Companies should complement this with an integrated data security and data governance solution. They can then use AI/ML systems to classify their data to identify sensitive information - including personal data. Only when it is known what sensitive data is stored where can it be determined who has access to it to protect it from attack. Data classification with predefined guidelines, such as data protection regulations and legislation, helps make compliance easier.
Immutable backups
Despite all precautions, a data theft or ransomware attack can be successful. In this case, companies need the ability to restore data quickly. But the backups must not have been altered beforehand, for example through unwanted encryption or deletion by an attacker. Therefore, it’s critical that customers embrace next-gen solutions that offer immutable back up snapshots. Immutability helps ensure that no unauthorized user or application can modify the ‘gold’ copy of the backup. Any attempts to modify the ‘gold’ copy will automatically create a zero-cost clone.
If this feature is embedded from the start, the original copy of the data is safer from unwanted manipulation. In addition, it is recommended to activate DataLock in the backup policy. The snapshot is then provided with a time-limited lock that even the security officer cannot delete.
For even greater security, look for solutions that provide data on the frequency of file accessed, and the number of files that are modified, added to, or removed by a particular user or application.
There is also the option to store an isolated copy in an externally managed data vault. This makes data even more resistant to ransomware attacks. In addition to immutability, this gives companies another way to protect themselves from attackers who want to encrypt data.
Last but not least, in the event that you are attacked, recovering quickly is the name of the game. Therefore, look for next-gen data management solutions that offer instant mass restore capabilities so that you can minimize downtime while keeping the brand intact and customers happy.
Relying on traditional backups as insurance is no longer enough. Modern systems offer AI/ML solutions to detect and defend against even novel attacks. Should they still succeed, immutable backups can help enable fast and reliable data recovery.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
ICONS OF INDIA : RAJIV MEMANI
As Chair of the EY Global Emerging Markets Committee, Rajiv connects e...
Icons Of India : NANDAN NILEKANI
Nandan Nilekani is the Co-Founder and Chairman of Infosys Technologies...
Icons Of India : Dr. Arvind Gupta
Arvind Gupta is the Head and Co-Founder of the Digital India Foundatio...
C-DOT - Center of Development of Telematics
India’s premier research and development center focused on telecommu...
LIC - Life Insurance Corporation of India
LIC is the largest state-owned life insurance company in India...
IREDA - Indian Renewable Energy Development Agency Limited
IREDA is a specialized financial institution in India that facilitates...
Indian Tech Talent Excelling The Tech World - JAYASHREE ULLAL, President and CEO - Arista Network
Jayshree V. Ullal is a British-American billionaire businesswoman, ser...
Indian Tech Talent Excelling The Tech World - JAY CHAUDHRY, CEO – Zscaler
Jay Chaudhry, an Indian-American technology entrepreneur, is the CEO a...
Indian Tech Talent Excelling The Tech World - Thomas Kurian, CEO- Google Cloud
Thomas Kurian, the CEO of Google Cloud, has been instrumental in expan...