Prevent unplanned deletions
Neutralize ransomware attacks
Avoid Unplanned or Malicious Backup Deletions
PII regulations call for the protection of PII data for preservation and keeping it from prying eyes. Unfortunately, the world of malware has evolved and continues to evolve.
The front-door protection of firewalls, anti-virus software, anti-phishing software, and deep packet inspection is no longer enough.
More than 7 out of 10 IT organizations targeted by ransomware are infected despite security efforts. In this game of offense versus defense, the offense is continuing to stay ahead.
Why are backups a target?
The latest evolutions of ransomware are attacking backups. The purveyors of ransomware know that the way most organizations defeat ransomware or malware attacks is to recover from a good clean backup.
Therefore, cyber criminals recognize the way to prevent organizations from defeating their attacks and revenue streams is to neutralize the backups.
They do this by deleting the backups before the ransomware detonates and encrypts all of the system’s data including the PII data. They delete the backups three ways:
- Find and delete the backup directory.
- Steal the backup administrator’s privileges to delete the backups.
- Utilize the published and well-known backup software API to delete the backups.
Once the backups are deleted, there is nothing there to recover from the ransomware or malware, and the ransom must be paid to recover the data.
The problems with current approaches to data security
Many backup vendors are pushing approaches to data security that are out-dated and ineffective. Here’s why these approaches won’t work.
- Time-Based Snapshots
- WORM (Write Once Read Many)
Problems with old approaches to data security:
Time-Based Snapshots – Not Good Enough
Frequent snapshots, such as every day, hour or minute, offer a false security because they only solve half the problem. Snapshot solutions do not ensure the data in the files has not been deleted or modified before it is snapped. It’s easy for a hacker to modify or delete backups between the time they are written and the time they are snapped.
WORM – Not Feasible with Todays Storage Systems
WORM (write once ready many) technology is not feasible because backup programs rarely allow write once file compatibility. In addition, WORM is financially unviable because of exponentially growing data.
How Can ioFABRIC Help?
ioFABRIC software prevents ransomware, malware, malicious actors, disgruntled employees, or even human error from deleting backups.
It does this by placing an unbreakable retention lock on the backups that prevents the backups from being deleted until the retention lock time period has expired, making backups immutable. The retention lock cannot be shortened although it can be lengthened.
Even when backup data has an immutable retention lock, users can still find and erase PII data within the backups, maintaining PII compliance.
ioFABRIC Secure Backup Target
ioFABRIC replaces your existing NAS with a secure NAS that prevents malicious actors from deleting or encrypting files. The principal use case against ransomware is to use ioFABRIC as a backup target. As your backup software writes files into the ioFABRIC appliance (virtual or physical), they are immediately snapped, become immutable, and then retention locked. ioFABRIC’s locking policy guarantees files can always be recovered during the retention period.
ioFABRIC software works with your current backup software to ensure your backups are safe from ransomware, other malicious attacks and accidental deletions. With ioFABRIC you will never lose data.
ioFABRIC Features:
- Activity-Based Monitoring, Alerting and Management for unusual or suspicious behavioral activity and alerts
- Activity-Based File Locking that works with your existing backup software and provides a snapshot view for reporting on an hourly, daily, weekly or monthly basis
- Activity-Based Snapshots capture data and the state of the system as it is written
- Optional Offline Replication of Snapshots gives you the option of a second immutable physical or virtual location for your backup data
- Hardened Security with a built-in firewall and two-factor authentication
