Greater IT security with Commvault
Discover a better way to improve data protection, eliminate IT security blind spots, and recover your data from cyber threats, including ransomware.
IT security basics
With new strains of malware threats, including ransomware, on the rise, your enterprise and customer data is continually at risk despite the steps you’ve taken. Organizations protect and recover from security threats, including data breaches and ransomware, while controlling access to key data.
of organizations have experienced downtime due to security incidents.1
of ransomware attacks involved the threat to leak exfiltrated data.2
increase in ransomware attacks from the baseline levels reported in February 2020.3
Common types of cyber threats
Data exfiltration: an offender gains access to files or data containing sensitive information such as personally identifiable information (PII), credit card numbers, bank account information, health records, and Social Security numbers.
Distributed denial of service (DDoS): makes an online service unavailable by overwhelming it with excessive traffic from many locations and sources.4
Also known as malicious code or malicious software. Malware is a program inserted into a system to compromise data confidentiality, integrity, or availability. It is done secretly and can affect your data, applications, or operating system.4
A MITM (man-in-the-middle) attack occurs when a criminal hacker inserts themselves between a device and a server to intercept communications that can then be read or altered.4
A form of social engineering, including attempts to get sensitive information. Phishing attempts will appear to be from a trustworthy person or business.4
Ransomware is malware that prevents or limits users from accessing their system. It asks you to pay a ransom using online payment methods to regain access to your system or data.4
An attacker inserts malicious code into a server that uses SQL. SQL injections are only successful when a security vulnerability exists in an application’s software. Successful SQL attacks will force a server to provide access to or modify data.5
A piece of malicious code that is installed without the user’s knowledge. Viruses can replicate and spread to other computers by attaching themselves to other computer files. Worms are like viruses in that they are self-replicating. However, they do not need to attach themselves to another program to do so.
A zero-day attack is the method hackers use to attack systems with a previously unknown vulnerability.6
How often do cyberattacks happen?
All of the time. Ransomware is front-page global news. Everyone is talking about it, from Wall Street to Main Street. It is a hot topic in the boardroom as the board of directors reviews ransomware preparation and recovery plans. And it will continue to dominate headlines, and for good reason. In 2020, ransomware increased by 435 percent over the previous year.7 In 2021, researchers estimate that a business will fall victim to a ransomware attack every 11 seconds.8 Unfortunately, a ransomware attack is a matter of when, not if.
“Data security is a top priority for our customers. Commvault enables us to enhance cybersecurity, improve our recovery readiness and meet compliance requirements.”
-Jitender Durairajan, head of cloud engineering and solutions, Sify Technologies Ltd.
How do cyber threats spread?
Cyber threats are often spread through email phishing messages that contain malicious links or through drive-by downloading. Drive-by downloading happens when a user unintentionally visits a contaminated site, and malicious software (malware) is downloaded onto the user’s computer or mobile device. A drive-by download usually exploits a browser, application, or operating system that is out of date or has a security flaw. Malware then uses these vulnerabilities to spread to other systems.
How to minimize cyber threat exposure?
The goal is to reduce risks and minimize the effects of a cyber threat. Cyber threat mitigation requires a combination of best practices and constant vigilance, along with a layered approach. Steps to reduce cyber threats, including ransomware, include:
For cybersecurity protection and recovery, have a multi-layer security strategy to ensure your mission-critical data can withstand a targeted attack.
Conduct employee security training to detect phishing campaigns, suspicious websites, and other scams.
Stay current to reduce the risk of cyber threats exploiting common vulnerabilities.
Software with active monitoring designed to thwart advanced malware attacks.
Makes it highly unlikely that a valid user account can be impersonated.
Including systems and networks.
Segment your networks to prevent lateral movements and to contain any damage in the event of a successful cyberattack.
Determine if data is exposed to vulnerabilities, and then remediate those risks by removing or securing the exposed data.
Employ a data protection solution that offers a multi-layer framework for protecting, monitoring, and recovering from threats.
Ensure your plan is going to work as needed. Verify that you can meet the Service Level Agreements (SLA) you’ve defined for critical and high-priority data and applications.
What is cybersecurity data protection?
The cyber threat landscape, including ransomware, has transitioned to a case of “when” not “if.” To ensure you can recover your data, you need the right solution with the best technology, the right people, and processes.
Organizations require tools (such as anomaly detection, immutable backups, air gap, zero-trust, and data isolation support) to protect and measure their recovery readiness state continually. They do this to expose and remediate problems, validate the recoverability of their data and business applications, and improve their security to reduce their risk profile. In the event of a successful cyberattack, such as ransomware, fast restores are required to resume business operations quickly.
How to recover data from a cyberattack?
When a cyberattack occurs, and your data is exfiltrated or encrypted, you need to have a validated copy of your backup data that can be quickly restored to resume business operations. For a trusted and protected backup data copy, organizations need a layered approach encompassing multiple security tools, resources, controls, best practices, and strategies. These various layers of security controls are necessary to help ensure the backup data is secured and recoverable. These steps provide the confidence that when an attack does occur, your backup data is ready.
IT Security Market challenges
Cyberattacks continue to increase in volume and sophistication. Your data grows exponentially across on-premises, multi-cloud, and hybrid environments. As more technologies are added to meet new needs and demands, data is dispersed across multiple environments, including remote and distributed environments. Generations of data sprawl and fragmentation have broadened the attack surface, impeded automation and process efficiency, and left companies struggling to manage multiple protection and recovery tools across their environment. Your risk profile continues to be a significant challenge to control, and all this amid constantly evolving business requirements.
Your IT security data protection and recovery solution needs to be able to restore your business from a wide variety of outages, including ransomware. The truth is ransomware isn’t new. It has been around in one form or another for decades. Like other technologies, malware and ransomware are evolving, with new threat variants coming out all the time. One reason for this is cybercriminals are sharing techniques and base code (off-the-shelf malware) with other criminals – which accelerates the time to market for new and more robust malware.
“Commvault Complete™ Backup & Recovery has accelerated our recovery process to the point that we now measure our RTO in hours or even minutes, rather than days.”
– Ping Zhang | Director of Digital Development Center, Luzhou Laojiao Co., Ltd.
The Time for a Recovery Plan is Now
An ongoing attack is no time for improvisation or ad hoc measures. An effective plan is a foundation for a full and speedy resumption of normal operations. Like any disaster recovery plan, a plan’s essential elements are what, when, and who.
What – Identify and prioritize critical applications to focus on the systems and data you’ll need to recover first.
When – Define the Recovery Point Objectives (RPO), Recovery Time Objectives (RTO), and Service Level Agreements (SLAs) for your systems, data, and applications.
Who – Which players – internal staff and external vendors – will be involved in your data recovery efforts?
RPO is the maximum number of hours that data can be lost during a service disruption.
RTO is the maximum amount of time allowed to restore after a service disruption.
3-2-1 is three copies of your data, on two different media types, with one copy off-site.
“Our RPO and RTO times have definitely decreased with the investment in the new [Commvault] solution.”
– Michele Buschman, Vice President Information Services, American Pacific Mortgage
A better way: Commvault’s approach
Security-conscious organizations trust Commvault for data protection and recovery to get their business back up and running quickly. Our multi-layered security approach to data protection and management ensures every organization can tailor its cybersecurity protection and recovery needs to its business requirements. The security framework follows the National Institute of Standards and Technology (NIST) Cybersecurity Framework standards and best practices and addresses these five areas:
Identify: assess and mitigate risks
Protect: lock and harden data from changes
Monitor: find anomalous threats
Respond: analyze data and perform orchestrated actions
Recover: restore clean data quickly
With Commvault, you’ll have a multi-layered security solution with robust cyber protection and recovery features to meet your business needs.
Paying the ransom is not a plan; put your money on recovery
Purchasing bitcoins or other cryptocurrencies and paying the ransom is not a viable solution. Even if you pay the ransom, 35% of the data remains encrypted.9 You still have to restore data to resume business operations fully. In addition, having data recovery is a necessity:
- Paying the ransom increases the likelihood of another attack, even by the same group
- Governments are considering security regulations that would require organizations to provide “proof of recoverability” and may prohibit ransomware payments
- Cyber insurance companies are writing policies that exclude the ransomware payment
In any case, you need to hope for the best and plan to recover.
Commvault readiness and recovery from ransomware
Commvault provides the most robust ransomware protection, detection, and recovery for the widest variety of workloads, whether virtual, physical, cloud or SaaS. Commvault simplifies and scales ransomware recovery within a single platform that features an intuitive administrative dashboard.
Most complete ransomware protection & broadest coverage.
Best visibility across your data to manage and identify risk.
Consistent repeatable processes and the most recovery options.
Coverage for your entire environment
Your data is dispersed across a mixed environment from tape libraries to containers, physical to virtual to cloud, endpoints to the data center, and everything in between. While the environment is diverse and data dispersed, an enterprise requires a single, comprehensive solution that provides industry-leading coverage.
Commvault has your ecosystem covered and protected. Commvault supports the broadest range of applications, databases, public cloud environments, OSs and hypervisors, NAS systems, and primary storage arrays.
Ransomware protection and recovery
You’ve seen the headlines – organizations with their data held hostage and payouts to perpetrators to restore it.
1 McAfee, The Hidden Costs of Cybercrime, by Zhanna Malekos Smith, Eugenia Lostri, and James A. Lewis, Project Director, December 2020.
2 Coveware, Ransomware Payments Fall as Fewer Companies Pay Data Exfiltration Extortion Demands, February 1, 2021.
3 VMware, Threat Research: Amid COVID-19, Global Orgs See a 148% Spike in Ransomware Attacks; Finance Industry Heavily Targeted, April 15, 2020.
4 Mass.gov, Know the types of cyber threats, 2021.
5 IT Governance Ltd, Types of cyber threat in 2021, 2021.
6 Kaspersky, What is a Zero-day Attack? – Definition and Explanation.
7 Deep Instinct, 2020 Cyber Threat Landscape Report, 2020.
8 CyberCrime Magazine, Global Ransomware Damage Costs Predicted to Reach $20 (USD) by 2021, Steve Morgan, October 21, 2019.
9 SOPHOS, The State of Ransomware 2021, April 2021.