Part III: It’s Time To Rethink Your Risk Mitigation Strategy

By Doug Chando

Prevention Through Smart Monitoring And Alerting

This is the third blog in a five-part series on risk mitigation and how Commvault can help.

In the last post, we were discussing the importance prevention plays in ensuring that you are prepared to handle the evolving threats to your data. Hardening of systems was the first of four necessary structural components that support a solid prevention strategy. The second component we’ll discuss is monitoring and alerting. Now, you no doubt have a number of controls already in place, typically in the form of anti-virus/malware/ransomware.

But as many organizations have realized, even with the most current definitions, their environments were still at risk. The reason being, the attacks and methods of compromising your environment are getting increasingly more sophisticated. In order to best arm yourself to fend off these attacks, your monitoring and alerting needs to be equally, or more, sophisticated than these threats – and ideally your strategy should be multi-dimensional. What do I mean by multi-dimensional? Well, having current virus definitions is always a great front line defense, but augmenting this with other smart monitoring and alerting powered by artificial Intelligence (AI) and machine learning (ML) should really be considered a best practice.

As we talked about previously, Commvault customers have been able to realize a 62 percent reduction in unplanned downtime, and no doubt additional forms of monitoring and alerting contributed to this reduction.With Commvault, our customers can bolster up their monitoring and alerting and achieve a more multi-dimensional approach. Some additional forms of monitoring our customers are widely using today are:

  • System Monitoring: Customizable dashboards within Commvault Command Center provide near real-time visualization of unexpected\unwanted events. One such useful notification would be multiple and continuous login attempts to critical machines, which could indicate malicious activity.
  • Backup Monitoring: Through AI and ML, Commvault can determine normal data patterns and can actively detect and alert you when there are significant changes to those patterns, such as backup size increases by defined percentages, which could indicate the encryption of files.Along with that, ML and AI can enable further smart operations with periodic anomaly checks on protected systems for mass file reads/writes/changes/deletes, etc., which again could indicate suspicious behavior.
  • Log Monitoring: Also native to the Commvault platform is application and system log monitoring, which can provide early threat detection for ransomware related events.

With the value of data on a steep and steady incline, and the threats to your data on a similar plane, it’s becoming increasingly important to have multiple lines of defense. With Commvault, adding these additional layers of defense by means of enhanced monitoring and alerting isn’t only easy, but it’s also dynamic and adaptive to your various data types and behaviors so it keeps you protected; we like to call this “Smart” data management! With innovations like these, Commvault is reaffirming our commitment to keeping our customers safe – regardless of the threats.

Next up in the series will be “Recovery Readiness.”Thinking you are prepared for a recovery event, and knowing you are prepared, are two very different things.We’ll discuss how Commvault can ensure your data is recoverable, and how this is another necessary component for a solid prevention strategy.