By Phil Wandrei
Ransomware can strike any time. You may have seen an increase in the number of attacks over the last several months. The bad actors never stop and are continually searching for the latest vulnerabilities to exploit.
The cost of a ransomware attack can run into the hundreds of thousands, and even millions of dollars, not including the damaged reputation. While the cost can be extraordinary, prevention is typically a fraction of this. Prevention does take time and vigilance, but it can pay tremendous rewards by limiting your exposure and allowing you to resume business operations more quickly.
Preventing ransomware attacks
While it may not be realistic to be completely invulnerable, identifying and reducing risks will save you a tremendous amount of pain, time and cost. There are several ways to go about this.
One area to address is user vigilance. Ensuring users are aware of malware and suspicious of emails, attachments and links. The next step is to secure and protect your data against any exploits that do make it through. This should include:
- Infrastructure hardening: reducing the attack surface within your environment. For example, actions you can take are removing services, protocols, configurations, daemons, etc. that are not necessary.
- Application hardening: Commvault software controls and limits access to applications through an AAA security framework for Authentication, Authorization and Accounting.
- Authentication: who is allowed access. Commvault integrates with virtually any secured LDAP-based directory service like Active Directory and external identity providers. Commvault also supports two-factor authentication.
- Authorization: what level of access is allowed. Ensuring admins are only allowed to manage their backup data, but not browse, view, or restore data they don’t own. Requiring a passkey, and using a data privacy lock, can restrict browsing and restore operations to the data owner or other select parties.
- Accounting: monitor access and capabilities. Commvault tracks and reports on users’ data access and audit reporting.
- Ransomware prevention ensures your backups are safe. This includes keeping the platform itself from being a conduit to spread malware to the backup data. Commvault utilizes many tools and technologies to prevent backup copy data from being deleted, modified, or accessed by malicious cyber and internal threats:
- Immutable backup copies ensure they cannot be altered or encrypted by ransomware. With Commvault, it can be turned on for the storage of your choice, whether it is on-premises or in the cloud.
- WORM (write once, read many) technologies can block unauthorized encryption attempts by making it impossible to change or delete backup data.
- Data isolation using air gap techniques reduce the exposure of backup data to the risk of malware.
With Commvault, you have the tools and technologies to help in your ransomware defense. View how all of this comes together to minimize your exposure.
An ounce of ransomware prevention may save your data and your career. Be ready with Commvault.
Learn more about Commvault ransomware protection.