Virtualization Technology News and Information
Security is not a state, it's an approach - leveraging file systems and storage for a more complete strategy

Written by Warren Arnold, Senior Technical Marketing Manager, Nasuni

There are many different approaches when it comes to securing an IT infrastructure and critical data, and tools from which to choose. A seasoned Chief Information Security Officer (CISO) knows that achieving 100 percent security is a nearly unattainable goal, as the threat landscape changes constantly. In this article, we talk about how the resiliency and fast recovery options offered by your file storage solution can be an extremely effective part of your strategy.

Ransomware has emerged as a top threat to enterprises, their files and storage, as well as everyday operational continuity. Email is still the top method of communication in most companies, making phishing extremely effective, and meaning ransomware won't be going away anytime soon. Knowing this, an experienced CISO will architect their infrastructure to be able to endure an infection and minimize disruption to their operations rather than focusing solely on making their perimeter impenetrable.

As more organizations entrust data to the cloud for its strength of security, there are many things to consider when increasing a network's ability to withstand an attack. Increasingly, CISOs can turn to innovative uses of existing technologies to augment their security strategy.  For example, leading approaches to global file management and primary storage are highly effective at mitigating the effect of ransomware.

Ransomware attackers turning focus to the enterprise

Cybersecurity Ventures estimates that ransomware will have cost companies more than $8 billion in 2018 and that number is expected to grow to $11.5 billion in 2019. This value doesn't just come from paying ransoms, but from the downtime that results, which leads to lost productivity and revenue, as well as the recovery process itself. In 2018, enterprises represented 81 percent of infections, a 12 percent increase from 2017.

Prior to 2017, consumers were the most heavily targeted by ransomware. One reason for the shift to targeting enterprises occurred because consumers stopped paying ransoms. They didn't need to. Most only use mobile devices, which are fully backed up, making a complete restore very fast and easy in the event of an infection.

After an attack, the quickest restore possible is the name of the game, but what options are available to facilitate the recovery process, lose none or a minimal amount of data, and do it fast? Enterprises can certainly take a page from the consumer's playbook and improve security by rethinking data accessibility and disaster recovery. 

Your global file system + cloud storage = ransomware protection for all your unstructured data

80 percent of organizations' data is unstructured -- text documents, graphics, CAD files -- which are easy to restore in certain environments. A global file system, in charge of coordinating document contributions and version control from teams across many locations, for example, could snapshot changes to files roughly every 15 minutes, and more frequently for active hot data. Enterprises leveraging a cloud or hybrid cloud environment could then send those deltas, fully encrypted with their encryption keys, to their cloud-based storage, accepted as one of the more secure options available, which is quite a contrast to just a few years ago.

This combination of simple solutions can make restoring this 80 percent of data - including the application files used to conduct business today - a very fast process, and in many cases, in as little as 15 minutes. Enduring just 15 minutes of downtime after an attack would greatly minimize losses in comparison to taking hours or days to recover. A CISO who knows this can advise their board with confidence to follow the FBI's advice and never pay a ransom.

If the idea of protecting all your unstructured data is appealing, do keep a few items in mind. Not all file systems work the same. One that relies on local disks will not be able to achieve adequate granularity, and it will run out of space. Only a limited number of snapshots can be stored locally. A better strategy is to leverage a global file system that saves directly to the cloud where capacity is not an issue. With this configuration, the snapshot becomes a true immutable point in time copy - much more than just a backup. By storing the master copy and all its metadata in the cloud, it also relieves the sheer volume of data that would need to be restored after a loss, making the recovery process that much faster.

For an extra layer of data security, each snapshot should be written to WORM (write once, read many) storage systems, ensuring that the data's integrity is preserved and that restores can be performed from a viable, clean version. Often, data snapshots can be corrupted by malware, rendering them unusable for system recovery. Since WORM data cannot be altered, IT administrators will have many more strong options from which they can select a restore point.

Increasing resiliency and speed of recovery using a global file system is an extremely cost-effective way to prevent undue business interruption. Depending on the frequency of snapshots, a business may only miss a few moments of productivity before it is back up and running. After all, not missing a beat due to an attack is the security endgame all CISOs are after.


About the Author

Warren Arnold 

Warren Arnold is senior technical marketing manager at Nasuni. The company's platform enables enterprises to embrace a new approach to file storage, synchronization and collaboration that combines the performance and control associated with traditional network attached storage and the unlimited capacity, inherent resiliency and economy of the cloud. With more than three decades of information technology expertise in senior-level sales and systems engineering roles, Arnold provides the technical expertise needed to deliver detailed, accurate evaluations for customers, presentations and training. Prior to joining Nasuni in 2011, he developed and led the sales and systems engineering program at EqualLogic. Previously, he held system engineering management positions at Lucent, Ericsson, Chipcom-3Com and Harris Corporation.

Published Wednesday, May 08, 2019 7:28 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<May 2019>