What Is Ransomware 2.0?
Ransomware 2.0, meanwhile, shifts the focus to what Preston calls the “star player” of data defense: backups. “Now, they’re going after extortion,” he says. “They’re going to exfiltrate some data, such as personally identifiable information or private company information. And there’s no defense once data is outside a company’s control.”
As a result, business need a strategy to prevent backup attacks from happening in the first place.
Data backup solutions offer significant protection against ransomware attacks, so long as companies don’t fall victim to their Achilles’ heel: same-server storage. “Don’t put backup files on your primary server,” Preston says. “Companies can’t have these files sitting in a directory that’s visible in user space and says ‘E:/backups.’ If your backups are visible as files, they’re directly targetable.”
He suggests two strategies to solve this problem. First is changing the way on-premises backups are designed and administrated. The other is moving off-premises with a cloud-based backup solution.
DIVE DEEPER: How growing businesses can improve data storage performance.
Key Data Backup Best Practices for Businesses
For companies that choose onsite backups, Preston recommends separating the authentication system from the backup itself. “Don’t use Active Directory,” he says. “Use something like a password manager, and always implement multifactor authentication.”
Backup data must be stored discretely from operational servers, Preston says. This could take the form of a separate Windows or Linux server, or a purpose-built appliance.
“It’s also important that companies really look into the best they can do from an encryption standpoint, and consider adding another backup copy, possibly in the cloud,” he says.
Preston notes that while these processes are basic, they’re often ignored when backups are deployed. If companies take all the necessary steps, they could stop 95 percent of ransomware attacks, he says.
The other backup option is using a Software as a Service solution that occupies a different technology and administration domain.
“It’s a completely different security paradigm because it protects your data and puts the right people in the right place to take action. You’re having it run by team of people that live and breathe this stuff,” Preston says.
For example, Druva’s Data Resiliency Cloud helps companies reduce overall cost and complexity by 50 percent, Preston says, and it comes with the benefit of in-depth backup expertise. He notes that Druva handles multiple ransomware recoveries each month, so it knows what to look for, where to find it and how to get companies back on track.
When it comes to effective backups, there’s no one-size-fits-all solution. Whether companies opt for an on-prem solution, a cloud-based strategy or a combination to safeguard their data, Preston offers a simple, shared approach for successful protection: “The more you separate the data, the better off you’re going to be.”
UP NEXT: Explore the defensive technology trifecta that is Security service edge.
Brought to you by: