Isolation. Isolate and separate the data from the rest of the network via snapshots and backups. Security teams can isolate or air-gap through logical means by utilizing capabilities like secure snapshots and backups. We have a technology that creates secure snapshots that are not accessible by the host system, protecting it from corruption. Companies can isolate the data by storing it offline on a different media like tape storage.
Immutability. Ensure the company stores data in a secure isolated recovery environment. This prevents any attacker, external or internal, from changing or deleting data. Write Once, Read Many (WORM) technologies, as well as secure snapshot solutions offer proven retention capabilities.
Recovery time. It’s often overlooked, but system recovery time is an important capability of any data resilience framework. How fast can the organization recover from a ransomware attack? While tape excels at isolation and immutability of backup data, it can take hours and sometimes days to fully recover the data to the pre-attack state. For organizations that can’t afford any downtime, look for high-performing data storage solutions, such as flash-based systems. After that, ensure that uninfected and logically isolated copies of the data are as close to the source dataset as possible to shorten the data transfer distance and create an even faster recovery relationship.
Simplicity. It’s increasingly critical that organizations ensure that access to backup data is simple, quick, and easy. For starters, this speeds testing recovery procedures and backup validation. The quicker companies can get data into an isolated environment following a ransomware attack, for example, the faster they can find a valid recovery point from which to restore.
Ponemon Institute research reaffirms that cyberattacks have a direct impact on patient safety risks and mortality, which was exacerbated by COVID-19 and ongoing risk management with third-party vendors.