Backup and Recovery
Data Encryption
Data Management
Security

Is Your Backup Strategy Ransomware-Ready?

Vijay Ramakrishnan
|
Director of Product Marketing, Own Company
No items found.

Of all the types of malware, ransomware is a particular threat to businesses today.  In our last post on the topic, we covered some key points on the scale of the threat to business continuity posed by ransomware. Your backup strategy - and the solutions that support it - is an important pillar in a holistic approach to dealing with ransomware that should span detection, prevention and remediation.

Backup strategies designed for general purpose business continuity may be ill-suited to the specific characteristics of the ransomware threat because backup files are increasingly targeted by malicious actors in order to maximize disruption.

In this post, we’ll cover the key requirements you should look for in a backup and recovery solution to protect against ransomware-induced downtime.

Isolation from Source/Production Systems

In order for your data to remain accessible in the event that ransomware that has infected production systems, backups must be stored on separate infrastructure from the production data. This is to prevent the spread of the ransomware to the backups that would compromise them as well.

Storing backup files on network attached storage is risky, particularly because ransomware is often designed specifically to seek out network attached storage as a vector to enable its spread. This risk has been magnified more recently as organizations may have opened up permissions quickly in order to enable remote work and a more flexible workforce in general.

Having cloud-based backups that are isolated from your general storage infrastructure is a great way to mitigate this risk. But it also means that the cloud-based backup applications you adopt should have appropriate measures in place to prevent and detect ransomware intrusion.

So what should you look for in cloud-based backup applications to ensure your backups are protected?

Foundational Cloud Infrastructure

Cloud-based backup applications are typically built using underlying, turnkey cloud infrastructures like Amazon Web Services (AWS) or Microsoft Azure. Organizations should consider not only which cloud infrastructures their backup provider has chosen for deployment of their backup solution but the degree to which they are taking advantage of the security and protection measures available on those infrastructures.

Logging, Monitoring and Alerting

While the security capabilities of underlying cloud infrastructures provide a great foundation of ransomware prevention and detection measures, organizations considering cloud backup solutions should ensure that their backup providers take additional measures as well, such as the use of monitoring, logging and alerting tools that can flag abnormal ransomware activity.

Encryption

Organizations should also ensure that their backup providers leverage encryption to protect backup data. This provides an additional safeguard that potential leakage of data doesn’t result in exposure of data, as the backed up data wouldn’t be viewable by malicious actors.

Regular Testing

Organizations evaluating cloud backup providers should also consider whether providers regularly test the measures they have in place to ensure security controls are properly applied and operating effectively. Adequate protection against ransomware threats requires the coordination of multiple technical safeguards as well as operational procedures, and regular testing is essential to ensure that systems that are designed well also operate well.

Third-Party Certification

Finally, organizations looking to ensure their cloud-based backup providers have adequate ransomware prevention measures in place should look for third-party certifications of the provider’s information security practices. This can provide reliable evidence that the vendor can protect the data entrusted to them by having the appropriate controls, measures and programs.

Own helps companies protect business continuity

As the #1 SaaS data protection platform for Salesforce, Own helps over 7,000 organizations better address the unique challenges to continuity from ransomware with backups that avoid pitfalls of traditional approaches while providing additional safeguards to enable safe and timely recovery.

Here’s how we measure up against the requirements outlined above:

  • Isolation From Production Systems: Our cloud-based backups enable you to stop relying on backup files that are stored on local and network file systems to support your continuity strategy.
  • Foundational Cloud Infrastructure: Own is built on hardened infrastructure from the two largest providers, Amazon and Microsoft, and our engineers also work closely with their technical experts to ensure we are applying best practices in leveraging available security measures.
  • Logging, Monitoring and Alerting: At Own, we collect application, network, user, and OS events and analyze them for suspicious activity and threats using multiple, redundant monitoring tools. This provides an additional layer of security beyond what Amazon AWS and Microsoft Azure provide.
  • Encryption: We encrypt HTTP communications and also encrypt backup files at rest, minimizing the chances that any data leakage results in data exposure.
  • Testing: We regularly perform internal vulnerability assessments and hire independent third-party testers who assess vulnerability as well in order to detect and proactively remediate any exposure points.
  • Certification: We subject our security practices to audit and review by third-parties who have certified our processes as adhering to stringent standards. These certifications include SOC II compliance as well as ISO 27001.

You can find further details on how we protect cloud-based backups here, and to see how Own can provide best-in-class support for business continuity, request a demo of our Recover solution below.

Get started

Submit your details and we will contact you shortly to schedule a custom 25-minute demo.

Book a demo
Get started

Submit your details and we will contact you shortly to schedule a custom 25-minute demo.

Book a demo
Vijay Ramakrishnan
Director of Product Marketing, Own Company

Vijay Ramakrishnan is the Director of Product Marketing at Own, where he helps customers understand how they can keep their SaaS data protected. The focus of his career has been helping stakeholders in different departments of an organization - from IT, Finance, Sales Operations and HR - better protect and use data to achieve specific business goals.

You may also like

No items found.
No items found.
No items found.
Backup and Recovery
Backup and Recovery
Backup and Recovery
Data Encryption
Data Management
Security

Get started

Share your details and we’ll contact you shortly to schedule a custom 25-minute demo.

Schedule a Demo