Data Protection Vigilance for Black Friday and Cyber Monday

It’s that time of the year to see family and friends for the Thanksgiving weekend. AAA estimates that 54.6M people will be traveling this long weekend. 47.8M people will be traveling by car and 4.51M by air.  And between all the traveling and eating a lot of turkey, millions of consumers will be traveling to their PCs, MACs, and mobile devices to shop online. I love to shop on Black Friday and Cyber Monday to get the best deals available and to complete my holiday shopping! Black Friday 2021 saw 88 million Americans shopping online^1, and 97.3 million were shopping online for Cyber Monday.² Consumers like me aren’t the only ones looking forward to these cyber shopping days. As retailers are preparing to make the most of the holiday shopping season so are nefarious actors who are preparing to capitalize on the mass of online consumers and highly trafficked websites. But retailers are ready too. Below are the top ways organizations have proactively prepared for any potential risks and disruptions to their data.   

Data Resiliency

Cyberattackers pressure businesses by threatening to publish the sensitive data information they have hijacked, known as double extortion³.  And, bad actors are taking their cyberattacks one step further by demanding ransomware from third-party victims, such as company clients,  like me – a tactic known as triple extortion⁴. Your organization needs to be ready for anything this cyber shopping season. Secure your data and your customer’s data. Ensure you have multiple built-in defense mechanisms in place.

• Immutable backups: Ensure that your data cannot be changed or touched. Commvault’s HyperScale™ X ensures a fully immutable storage target and protects data from unauthorized random changes and modifications. This preserves the integrity of your backups by helping to prevent intentional modifications and deletions by anyone.
• Air Gap: Designed to isolate and segment secondary or tertiary backup copies and make them inaccessible from the public portions of the environment so if a bad actor is able to get through, you know your backup data is protected and secure.  Commvault HyperScale™ X, provides local air-gapped copies for faster recovery or in the cloud with Metallic™ Recovery Reserve.
• Ransomware activity monitoring: Be proactive and know what is going on with your data at all times so you can react quickly. Gain insight into when files are suspicious or being changed by a potential malware application through anomaly detection and honeypot framework. With Commvault, monitor backed-up and live data source environments.
• Data validation: Continuously validate that your data is not corrupt. You want your organization to take a proactive and preventative approach to bad actors. Commvault uses cyclic redundancy check (CRC) as one method of validating that blocks of data are not corrupt so that corrective measures may be taken if necessary.
• Industry-leading security controls: Incorporate security controls to ensure user access is continuously validated and monitored to prevent data loss and unauthorized access. Commvault’s AAA Security Framework (Authentication, Authorization, Accounting) provides a suite of security controls to harden the Commvault platform and management. Strong multi-factor authentication controls, retention locks, and command authorization protect data from accidents as well as malicious destructive actions.

• Infrastructure hardening: Close infrastructure gaps.  The Center for Internet Security® (CIS®) Benchmarks and Security Technical Implementation Guides (STIGs) are two primary third-party baselines adopted across public and private organizations for infrastructure hardening. It also helps organizations remain compliant within their respective industries. Commvault has validated CIS hardening standards for the core platform infrastructure. Taking it one step further, Commvault HyperScale™ storage is pre-hardened using STIGs, so it is ready for deployment across government sectors.
• Multilayered security framework: Protect and recover your data through a security framework to better understand, manage, and reduce cybersecurity risk. Follow the National Institute of Standards and Technology (NIST) cybersecurity framework standards and best practices to address these five areas: Identify, Protect, Monitor, Respond, and Recover. Commvault’s multilayered security is built on zero trust principles.

Drive Better Security Outcomes From a Single Dashboard

Get unprecedented visibility into your data protection environment to bolster your security posture quickly through the Commvault Security Health Assessment
Dashboard. By design, the dashboard identifies controls available in the Commvault CommCell and provides scoring and remarks to allow organizations to assess the risk properly and continuously monitor security posture.

A Ransomware Strategy

You need a plan to remain steadfast against ransomware. Beyond simply adhering to zero trust principles and hoping for the best, the ultimate solution can manage and substantially reduce the impact of a ransomware attack. It can reduce costs for your organization by utilizing one centralized management platform so security teams don’t have multiple product points to log in and out of. It can increase the visibility of your data through a single landscape to minimize complexity for your teams. And finally, it can protect what matters most by providing the broadest workload coverage and rapid recovery capabilities through a unified approach. For all of this to happen, a solution must embrace Zero Loss Strategy. Learn more here.

Be Cyber Ready for Cyber Shoppers this Holiday Season

Simply put, how is your organization reducing the impact of a potential ransomware attack? Do your teams know their roles and responsibilities if an attack occurs? How are you safeguarding data from double and triple extortion ransomware attacks (such as leakage and exfiltration)? Catch threats before they impact your data with cyber deception capabilities. And are you confident that your organization will recover quickly in the event of a ransomware attack? Gain the knowledge your organization needs today in order to be successful against ransomware. Connect with a Commvault Expert today.

References

1. Darina Lynkova, SpendMeNot, 25+ Black Friday Sales Statistics to Know in 2022, August 2022 – 2. Meaghan Brophy, Fit Small Business, Retail Statistics, November 14, 2022 – 3. Brooke Crothers, Venafi, Venafi Survey: Ransomware Evolves—Double and Triple Extortion Now Features in Over 80% of Ransom Demands, February 23, 2022 – 4. Checkpoint Research, The New Ransomware Threat: Triple Extortion, May 2021