Ransomware, something that many companies thought always occurred to other more high profile organisations, has become a first line threat to all companies, big or small, irrespective of geography or region.
The first thing to understand about protection from Ransomware attacks in an organisation is that there is no single tool or application that will protect you. Companies should implement a multi-layered approach to protection that is a combination of technology and process.
Firstly some things you should be doing:
- Ensure Anti-Virus is up to date on servers and PC endpoints
- Ensure there is a robust spam gateway or filter in place for employee emails
- Consider a de-facto standard of email quarantine for attachments
- Ensure employees know what phishing is and how they should deal with it
- Ensure all Operating System, server, and application patches are up to date
- Ensure that the company has robust Identity Access Management procedures / technology in place
What else can you do ?
We will now take a look at the Storage Made Easy File Fabric and how it can help with Ransomware protection:
Backup Files in Real Time – Backing up files is key to recovery from a ransomware attack and is a key piece of a companies defences. Backup can be an all or nothing scenario however, what happens if you are hit in between the time you last did a backup ? The key is real-time back ie. backing up files as they are changed.
Multi-Cloud Backup – Multi-Cloud Backup backs up every user file/folder automatically, in real-time, from a nominated primary store to nominated secondary store. For example this could be used to automatically keep a copy of everything a user stores on a windows file server on Amazon S3, or everything that a users uses on Google Drive on Amazon Glacier, or Google Nearline. It can be used as self-contained recovery ‘vault’ that can be used in conjunction with the Forever File feature to restore files or folders as needed.
File Retention – A file retention policy is another key piece of a Ransomware defence. Establishing a File Fabric retention policy enables companies to retain updated/deleted files so that the original files can be retrieved if they are locked/deleted by ransomware attack. Admins can set a file versions retention policy which controls how many prior versions of a file are saved after they have been overwritten/edited.
Forever File – Forever File is File Fabric feature that enables Administrators or nominated Support Users to quickly recover files/folders for users that suddenly find themselves locked out from backup sets, or multi-cloud backup sets, or from the last good file that was retained before update.
Remove Email attachments – Many Ransomware attacks come from email phishing attempts with malicious attachments. These types of attacks can get worse as users share the email and attachments. Organisations should consider eliminating attachments all together. The File Fabric has an Outlook plug-in that can prevent attachments being used and enable secure monitored link sharing.
Object Storage – One of the key features of object storage is versioning. Object Storage implementations creates a separate copy of a file once it has been modified ie. each object is immutable. They also retains older versions which can be restored. if a company used Object Storage as a backup or archive with the File Fabric the immutability of each object in the data sets means that it should always be possible to recover from a ransomware attack. The File Fabric supports several Object Storage vendors out of the box and any object storage vendor that supports OpenStack or S3 compatible Object Storage.
The Storage Made Easy File Fabric works with existing files, whether they are on-premises and are on-cloud and adds security and governance to existing company data and can be a key part of a companies defences on Ransomware.by