Veeam Ransomware Protection Solutions

Top provider of industry leader Veeam’s ransomware prevention and protection solutions

DATA ISOLATION & IMMUTABILITY = DATA Security Powered by Storcom + Veeam Ransomware Protection & Prevention Solutions


GOAL: Ransomware Prevention with Data Isolation and Air-Gapping
  1. Need for a secondary or even tertiary copy of data that is completely isolated from copies of backup storage targets. You need an immutable copy.
  2. Data is unreachable from the public portions of your environment using virtual LAN (VLAN) switching, next generation firewalls, or zero trust technologies.
  3. If your organization is infiltrated by ransomware, or a malicious attacker, then the cyber threat will have a limited attack surface.
  4. The public portions of the environment may get infected, but the isolated data will not because it cannot be accessed.
  5. Isolated environments should not be accessible to public networks of the organization or  the Internet. Physical access to isolated resources should be secured and heavily controlled.

 

MASTER the 3-2-1 Data Backup Rule 

The 3-2-1 rule for data backups says:
  1. You must have at least three copies of your data: the original production data and two backups.
  2. You need to use at least two different types of media to store copies of your data. For example, local disk and cloud.
  3. You must keep at least one backup offsite. For example, in the cloud or in a remote site.

 

BACKUP & RECOVERY Powered by Veeam

 

Veeam Backup & Replication

    • Cloud: AWS, Azure, and Cloud Managed Service Providers
    • Virtual: VMware vSphere, Microsoft Hyper-V and Nutanix AHV
    • Physical: Agents for Microsoft Windows, Linux, AIX, and Solaris

 

Applications Including:

    • Microsoft Office 365 
    • Microsoft Active Directory, Exchange, SQL, SharePoint
    • Oracle and SAP HANA Databases

 

Benefits

  1. Protect all your workloads
  2. Support for all major platforms
  3. Implement a confident disaster recovery strategy
  4. Reduce TCO on data retention

 

VEEAM Availability Suite

Veeam Backup and Recovery + Veeam ONE provide superior ransomware detection and prevention capabilities.

 

VEEAM Availability Suite + Storcom DRaaS for DATA PROTECTION 

 

VEEAM Availability Suite and Storcom DRaaS for DATA PROTECTION

We are Veeam Experts!

Interested in a Veeam Demo?

Fill out the form below or give us a ring: 866-610-7472

Learn More About Veeam Today!

  • This field is for validation purposes and should be left unchanged.

 

Veeam Ransomware Statistics

 

96% of Veeam customers cut their average ransomware recovery costs under $5,000

 

76% of Veeam customers have to spend NOTHING AT ALL

What is Ransomware?

What is Ransomware?

Ransomware is a maliciously-created malware that finds and encrypts an organization’s files and storage to render them unusable. 

Through entry points like phishing emails, users can unintentionally allow this attack into their organization. 

Cybercriminals use malware to extort money from companies, which is given the option to pay a high ransom to de-encrypt the data or rely on a backup to restore. However, many ransomware attacks also seek out all production and backup files and documents. By encrypting those too, the attack leaves the organization no choice but to meet the cybercriminals’ demands if they want to access their data.

 

How should I prevent ransomware?

How can I prevent ransomware?

Veeam backup products are known for being simple, flexible and reliable — attributes that are key to your resiliency efforts. When it comes to a ransomware incident, resiliency is completely predicated on how you implement your Veeam backup infrastructure solution, the behavior of the threat and the course you take in remediating the threat.

Veeam’s 5 Simple Steps to Prevent Ransomware

1. Keep all software up-to-date

2. Perform a threat analysis with your security team

3. Train your staff on cyber security best practices

4. Back up everything at least once a day

5. Send a backup copy offsite

 

Ransomware Prevention Recommendations

Here are 12 recommendations on how to prevent ransomware in order of importance:

Rank Recommendation
1 Secure or limit the use of RDP

Remote Desktop Protocol (RDP) can be beneficial, but you need to ensure its security.  Malware can sneak into RDP connections, and have an open front door into your environment.  And in most cases, under quite high access management rights.  Without many exceptions, all RDP instances should require multiple levels of access and authentication controls. This would include the use of a VPN to access an RDP instance and requiring a second factor for authentication with lockout policies.  Most of all the end-point using RDP must also come under mandated security policies.  Ensuring the protection of the local end-point is the first step in defending from RDP attack.

2 Protecting all data types and sources from ransomware

Your organization has many different data types – structures, unstructured files, databases, workloads, both physical and virtual, applications, and even cloud apps.  Everyone needs a plan to ensure protection from ransomware.  While ransomware may start with files, it will quickly overtake workloads and applications, bringing systems crashing to a halt.  A modern data protection system can provide support across your multi-cloud, virtual, and physical environment.  Ensuring your ransomware strategy is ubiquitous across all data sources.  Veeam Backup and Replication offers a unified solution for backup and ransomware protection for all your data, workload, and application types

3 Invest in endpoint protection and backup

Critical data is being stored more and more on mobile devices and laptops.  As the workforce becomes increasingly mobile, so does data. Organizations should invest in a sound malware detection system for all endpoints, as well as local backup to protect data. Endpoint protection can backup files to a local device, as well as to a local datacenter or cloud instance that is replicating to an immutable store.  Ensuring the data is protected if a ransomware attack occurs, and can be restored with little downtime.  Veeam Backup and Recovery provides backup for both Windows and Linux servers, workstations and laptops.

4 Enable a solid ransomware detection solution

Detect, protect, and restore are your key actions for Ransomware protection.  Detection can be assisted through a security system monitoring for malware, and also through tools looking for changes in the environment.  Ransomware causes signature changes in systems that can be compared to “normal behaviors” by looking for unexpected increases in memory, CPU, and especially storage.  Veeam ONE (part of the Veeam Availability Suite) can help by looking at suspicious activity occurring in your data center is through the Possible Ransomware Activity alarm.  By examining normal behaviors overtime, Veeam ONE can intelligently detect unexpected changes and alert you to examine them more.

5 Educate users to the danger of Phishing attacks via email

The vast majority of malware delivers through infected documents.  Users open up an attachment, and the malware is unintentionally injected into their system, and eventually onto the network.  Systems must be implemented through email gateways to look for suspicious attachments and masked email addresses.  In conjunction with this, user training needs to be mandated to be on the lookout for possible phishing attacks – how to spot real or fake email and best practices when dealing with attachments.  This is not only important for the corporate email but as many users access their private email on work devices, they need to practice the same discipline.

6 Deploy immutable backup

Immutable backup uses on-premises or cloud-based (for example, AWS or Azure) object storage to protect backup files.  By utilizing ultra-resilient backup storage and the 3-2-1 Rule (thee copies, two storage systems, and one backup offsite), you can expect to be protected.  By replicating your backups to AWS or Azure object storage, you can meet the need for the 3-2-1 rule and take advantage of data immutability where data can be read but not altered or deleted.  Therefore even if a malicious attack occurs, your cloud-based replicated backup cannot be harmed.  Veeam Backup and Recovery provides the integrated capability to replicate your data to any object storage systems with immutability.  Managing the replication and life-cycle of the data and automating the restoration if needed.

7 Define role-based backup accounts to protect at-large attacks

There is often a single master backup account and if it’s account credentials are compromised, it can provide unabated access to your backup files.  By investing in role-based backup credentials, you can protect backup across your organization – with the added security layer of Multi-factor Authentication (MFA) to ensure a simple password is not the only form of prevention.  Veeam Backup and Recovery can provide role-based security to backup files, as well as integrated MFA providing a more secure access experience.

8 Create a regular cadence for systems updates

Most vendors patch vulnerabilities as quickly as they are found; however, bad actors rely on the slow patching cycles of organizations to take advantage of these vulnerabilities.  Patching can be time-consuming and disruptive to the business. Still, it is crucial for protecting against malware.  Systems that aren’t (or cannot) be patched regularly should be isolated in virtual networks to protect them from direct hacks.  Veeam Backup and Replication can accelerate patch testing and deployment, enabling you to test updates using the latest production backup in an isolated environment before deployment.

9 Perform recovery verification for all backups

Backing up data often goes smoothly but often problems occur when restoring it. What happens if malware is also backed-up?  There could be potential for reintroduction back into the environment weeks or even months after a clean-up.  Backup verification is an automated process where data is proactively restored into an isolated virtual sandbox environment.  It is then tested to ensure the expected restore results are successful.  Veaam Backup and Replication provides automated data verification for all workloads. Continually testing the success of the backup, and the experience of recovery using DataLabs – a virtual sandbox protected environment. During this restoration test, virus scanning for malware such as ransomware also occurs, providing 100% malware-free recovery guarantee.

10 Isolate over-the-wire backup and replication using the public internet

When using the public internet, endpoint backup and replication to offsite storage (like cloud) can be a potential security risk.  Malware can piggyback onto these communications and ultimately infect the destination environment.  Simply using VPNs for all internet-based communication can protect the data, aligned with data encryption, to provide a strong platform.  Veeam offers Site-to-Site VPN through Veeam Powered Network. This free Veeam solution supplements the Veeam functionality of replicate and restore to cloud repositories (Azure, Amazon EC2) and allows you to create a VPN connection between remote sites over the public network.

11 Enable automated disaster recovery to restore rapidly

The key to fast recovery is automation and orchestration.  You don’t want to be spending valuable time looking through backup files at what to restore when systems are down.  Automated recovery systems document the environment recovery procedures to meet your specific RTOs and RPOs.  Keeping them current as new systems are created and testing the plan (and verified recovery) frequently to ensure its meeting expectations.  Veeam Availability Orchestrator delivers a reliable, scalable, and easy-to-use orchestration and automation engine that’s purpose-built for today’s business continuity/disaster recovery (BC/DR) needs.

12 Define and manage your ransomware restoration plan

Every company needs to have a solid ransomware restoration plan.  Like a DR plan, this is the guide you turn to when the unthinkable happens, and your systems are now available.  This plan provides the step-by-step guidance on how to purge current systems, and restore from your immutable backup (while scanning for possible malware intrusions in the backup files). Veeam Availability Orchestrator (VAO) is designed to assist your Ransomware restoration plan.  VAO is a one-click solution to bringing up everything from your critical application to your entire site from one window. Plus, through dynamic documentation, as your environment changes, your plans will keep updating to ensure all workloads and data can be recovered.

 

To find implementation recommendations for ransomware resiliency, then explore the following guidance:

  • Protection of the Veeam Backup & Replication™ server and components
  • Implementing Veeam capabilities for ransomware detection
  • Ultra-resilient backup storage and the 3-2-1 Rule
  • Multiple recovery techniques configuration
  • Endpoint protection
  • Network-attached storage (NAS) protection
  • Veeam encryption of backup data
  • Orchestrating recoveries of backups and replicas

How can I recover from ransomware?

With Veeam and Storcom, our approach to ransomware remediation is this:

  • Don’t pay the ransom
  • Restore the data — this is the only option

In spite of all of the education and implementation techniques that you may employ to stay resilient against ransomware, you should be prepared to defend against a ransomware incident if a threat is introduced. But what you may not have thought about is specifically what to do when a threat is discovered.

Are you prepared against ransomware?

Knowing all the options to help protect your environment is great but it’s time to put the pieces together. The question you should be asking is not “If it will happen?” but “Are you prepared when it does happen?” Do you know your backups are safe? If you restore those backups, do you know that your applications will be in a proper state? Do you know how long it will take to recover your data in the event of a disaster? Is there a plan in place of what servers must be brought online first and who will need to be involved to make that happen? Are you waiting for ransomware to activate in your environment or are you taking steps to mitigate damage before it happens? This article will help you take the steps today to answer those questions and what tools we offer to make this possible.

Test backups

Testing backups is just as crucial as taking the backups in the first place. This brings up the concept we discussed earlier with 3-2-1-0, meaning 0 errors. There are several ways to test the backups: manually restore the machine and test components with Instant Recovery or full machine restore, leverage SureBackup jobs to automatically bring up and test the components in an isolated environment, and using Veeam Availability Orchestrator to test in a disaster recovery environment. The following sessions will cover how you can use SureBackup and Veeam Availability Orchestrator to automate some of your testing.

SureBackup

SureBackup is a process that spins machines up from backup files or replicas in an environment that is isolated from your production network so they can be tested with various scripts. There are three preconfigured types of tests you can run out of the box with SureBackup: Heartbeat with VMware tools, Ping test from the Veeam Backup & Replication server to the isolated VM, and application tests, both preconfigured and custom. The heartbeat test uses VMware tools installed inside the guest to make sure that the guest operating system is running in a consistent state.

The ping test is done by the Veeam Backup & Replication server to the isolated environment where the VM is running to make sure the network interface is up and if the machine can respond. When running application tests there are a number of predefined scripts that can be run for different server roles: testing ports for DNS, checking and updating the bur flags so that a domain controller comes up in authoritative or non-authoritative state, mail and web server response, and a script to check that SQL databases are available.

Beyond the predefined scripts, SureBackup can run custom scripts if there is a specific application that needs tested outside of what is already provided. This is a powerful feature built into the Veeam Backup & Replication test and verifies your machines within the backups.

 

Veeam Availability Orchestrator 

Veeam Availably Orchestrator is a one-stop shop for automating and testing your DR site. This application not only tests your DR site replicas but provides detailed reports on the components boot-up time, giving accurate RPO and RTO readings.

Veeam Availability Orchestrator provides a one-click solution to bringing up everything from your critical application to your entire site from one window. The custom reports allow you to make detailed records of the DR site health, reports to hand up the management chain, component health reports for application owners and so much more.

Make a plan

Last but very much not the least, create a plan for any type of disaster that can happen and not just ransomware (weather, malicious admin, etc.). What every company needs in a disaster is going to be different but a great place to start is by asking questions and gathering information.

Some top points that should be addressed: determine what machines are mission critical, who are the application owners and who to call when one is down, what is the company’s threshold for data loss in the RPO/RTO, what are the compliance and regulation needs that need to be accounted for, if the cloud is in the picture and what support contracts you have.

Make sure the plan includes conversations with all departments, so nothing is missed, and create a backup in case something in the plan fails. The most important part of planning is scheduling a maintenance window to test that plan for faults.

Conclusion

In short, no company is immune to disasters such as ransomware. If it hits and there is no plan, then the damage can exponentially be worst. There are many great tools Veeam offers to alleviate the pressure that comes with planning for the worst day but the first place to start is with a meeting to see and address the company’s needs. Contact Storcom today to learn more!

Common Ransomware Infection Methods

Common Ransomware and Malware Infection Methods:

Trojans: the most common attack vector; email attachments that contain malicious macro attachments are the chosen method here.

Removable media: very simple way to infect a PC as users generally trust those devices.

Ex. A study by Google and two US universities: dropping an USB stick in public places was a simple and effective way to trigger human curiosity, with a full 49% of the ‘bait USBs’ being plugged into a computer by people who found them.

Malvertising: attackers compromise the weak infrastructure of an online ad network that serves adverts to legitimate websites. Users are tricked to download malware through display ads.

Social media and SMS: ransomware is delivered through shortened links; it is often JavaScript based, so it requires little action on the users part, other than to click the link.

Popular Ransomware Strains

Popular Ransomware Strains

Reyptson: Distributes itself through a spam email campaign from victim’s computer.

Wysiwye: Scans the web for open RDP servers and, once in, infects entire network. 

Ryuk: Targets high enterprise companies, encrypts data and halts operations.

WannaCry: Exploits a defect in Microsoft’s implementation of SMB protocol.  

11 Seconds

A ransomware attack occurs every 11 seconds

$20 Billion

USD spent on ransomware attacks

$80,000

Average cost of a ransomware attack

CHOOSE TRUSTED PARTNERS IN RANSOMWARE PROTECTION AND PROTECTION WITH VEEAM AND STORCOM.

 

VEEAM RANSOMWARE PROTECTION ALLIANCE 

The Veeam Ransomware Protection Alliance brings together some of the most powerful solution providers in the industry with the #1 ransomware recovery solution. Veeam ransomware protection integrates with IT solutions from Cisco, Lenovo, Pure Storage, Hewlett Packard Enterprise (HPE), Cloudian, and Amazon Web Services (AWS).

Amazon Web Services logo HPE solution provider Chicago

Veeam Insights and News

Learn more about Veeam's products and services.

Veeam + Storcom: Top 6 Reasons Why You Need an Office 365 Backup

Many people ask “why do I need to backup my Microsoft O365 data?” Well, simply put, backing up your data is your responsibility…not Microsoft’s. 

www.youtube.com

Veeam Modern Backup Buyers Guide Technical

This guide provides directions into what capabilities to look for and offers questions as businesses evaluate their companies’ specific needs regarding backup and data protection solutions.

Veeam and Storcom Ransomware Prevention and Protection in 2021 Webinar

What is Ransomware? What is the History of Ransomware? How is Ransomware Evolving in 2021? How Can I Prevent and Protect My Business Against a …

www.youtube.com

Veeam Backup For Microsoft Office 365 V5 Data sheet

Learn more about Veeam Backup For Microsoft Office 365 V5 with our data sheet

Draas For Dummies Veeam Software Special Edition

Read Veeam’s DRaaS for Dummies eBook! 

Beat Ransomware: Education, Implementation, Remediation

Beat ransomware: Education, Implementation, and remediation with Veeam

40 Recovery Options in Office 365 Backup v5

Learn more about the 40 recovery options in Veeam Backup for Microsoft Office 365.

IDC Report: Veeam Backup for Microsoft Office 365

Why a Backup Strategy for Microsoft Office 365 is Essential for Security, Compliance, and Business Continuity

O365 Backup For Dummies: Veeam Software Special Edition

Check out this eBook on O365 Backup For Dummies: Veeam Software Special Edition

IDC Report: Why Backup Microsoft Office 365

Read the IDC Report and learn why you should backup Microsoft Office 365

Veeam Executive Summary on Ransomware

Ransomware: A modern threat to modern data. Read the executive brief. 

IDC: Veeam Five Key Factors Consider HCI Data Protection

This white paper specifically focuses on how Veeam aims to create business value for enterprise customers by ensuring the “data protection, data recoverability, data availability, and data management” — to use Veeam’s own words — within hyperconverged infrastructure.

Veeam Backup Replication 10 Data Sheet

Veeam Backup & Replication:Seriously powerful, modern data protection.

Veeam Agents Datasheet

Veeam® Agent for Microsoft Windows v4, a key component of Veeam Backup & Replication™, is a comprehensive backup and recovery solution for Windowsbased workstations, physical servers and cloud instances that enable organizations to protect their heterogeneous environments from a single management console and minimize interruptions to their business. 

2020 Gartner Magic Quadrant Disaster Recovery

 Licensed for Distribution

Backup, Recovery, and Migration of Mission-Critical Workloads on Azure

Veeamhas a long history of collaborative innovation with Microsoft, including thedelivery of tightly coupled solutions that enable customers and serviceproviders to harness the robustness, scalability and agility of Microsoft Azure.This often includes ensuring that mission-criticalworkloads running in Azure are as protected as possible with purpose-built backupand recovery that complements the varying native resiliencies withing aspectsof IaaS and SaaS. Regardlessof what percentage …

Veeam Acquires Kasten for Kubernetes-Native Backup and DR

We’re excited to announce Veeam’s acquisitionof Kasten, the leader in data backup, disaster recovery and mobility forKubernetes. Veeam has admired Kubernetes-native approach and recently announceda partnership with Kasten in May 2020. In many ways, Kasten’s approach toKubernetes mirrors the approach of Veeam to vSphere in the early days ofvirtualization. In collaboration with a passionate set of customers, theydeveloped and delivered a Kubernetes-native data management experience desig…

Top 3 Things You Didn’t Know You Could Do with the VAO v3 API

VeeamAvailability Orchestrator v3 was a massive release that brought a greatdeal of features and functionality to this already awesome product, such assupport for NetApp ONTAP Snapshots. Today, I want to focus on one of thefeatures that sometimes gets overlooked, the VAO v3 API. Since v1, VAO has hada Rest API that has been enhanced further with every release. The new featuresof VAO v3 have been seamlessly integrated into the Rest API. Let’s take a closer look at the top threethings y…

Everything You Need to Know About Buying Modern Backup

Modern backup seems to be such a hot termat the moment, and everyone is jumping on the bandwagon. It reminds me of thoseshopping network commercials late at night (well I guess they’re 24 hours a daynow … I’m showing my age!) where the host is screaming about the product andhow it will change your life. There is a lot of that going around, so how doyou weed out what is good and what is not? Let’s take a look at ways you can approachthis exact task. The need for modern backup First le…

What Solution to Use for Azure Data Protection

The cloud adoption is inevitable, but thereare some new considerations to make on this journey. We’ve been warning ourcustomers to not just blindly copy their existing data protection strategies whenswitching platforms, and instead, use the opportunity to challenge the statusquo and embrace new practices. Today, I wanted to bring my own perspective intoMicrosoft Azure data protection challenges and talk about Azure Backup, a nativeIaaS backup offering, as well as show when its capabili…

Californian city modernizes data protection with Veeam to keep residents safe

With the Californian city of Rancho Cucamonga looking to replace its legacy backup it turned to Veeam to modernize data protection by simplifying backup and increasing recovery speed 99% and ensuring public safety information is available around the clock. Rancho Cucamonga is one of the largest cities in Southern California and it’s growing at a steady rate. According to the Southern California Association of Governments (SCAG), the city’s population grew by more than 38% between 2000 and 20…

Veeam Awarded the 2020 Go-To-Market Partner of the Year Award from Nutanix

September 10, 2020 01:10 PM Eastern Daylight Time COLUMBUS, Ohio–(BUSINESS WIRE)–Veeam® Software, the leader in Backup solutions that deliver Cloud Data Management™, today announced that it has been awarded the 2020 Technology Alliances Go-To-Market Partner of the Year by Nutanix (NASDAQ: NTNX), a leader in enterprise cloud computing. Nutanix recognized Veeam as the sole recipient of this award during Nutanix’s Global .NEXT Conference and Partner Xchange Digital Experience. Veeam and …

Veeam & Microsoft: Data Protection Across Datacenters, Edges, and the Cloud — Redmondmag.com

Veeam unveils VASPs

Veeam has rolled out some enhancements to its ProPartner programme and revealed that it is working with 50 accredited services partners. The data management specialist has awarded the Veeam Accredited Service Partner (VASP) ranking to those that have demonstrated high levels of expertise and technical knowledge. Each one is given a dedicated technical leader from the vendor. There are four VASPs in the UK: Nexus Open Systems, Comms-care, Xtravirt and Tech Data. “Businesses are more reliant o…

Why disaster recovery is the last line of defense against ransomware

Criminals need two things to make a ransomware attack work for them; a penetrated IT security system, and inadequate or non-existent backup and disaster recovery. Sadly, this is an all too common state of affairs, as illustrated by Garmin, the latest high-profile victim of ransomware. At time of writing, the company is slowly restoring its GPS tracker and navigation services. But it is thought to have paid up to $10m to the ransomware attackers to gain access to the decryption key, according…

Veeam Backup for Office 365 adds Microsoft Teams protection

Cybersecurity and threat news for Europe, the Middle East & Africa Veeam Software has announced the general availability of the latest version of the company’s fastest growing product — Veeam Backup for Microsoft Office 365.  Version 5 adds purpose-built backup and recovery for Microsoft Teams, making it easier for users to quickly find and restore Teams data, including entire groups, specific channels and settings.  Veeam says protecting this data is more critical than…

Veeam roadmap: Cloud, containers, virtual VeeamON 2021

Veeam Software said its sales have held up well during the pandemic, with a 21% year-over-year increase in annual recurring revenue last quarter. The backup software vendor also said it has passed 400,000 customers. Veeam claimed 500,000 users have downloaded version 10 of Veeam Backup & Replication since its release in February, a figure that includes the free Community Edition. Veeam, a privately held company, does not need to disclose its revenue but said it had over $1 billion in annual …

First Step to Protecting Your Backups from Ransomware

Ransomware: every admins’ worst nightmare. And when one strikes, everyone starts blaming someone else. The security admin points the finger at the network admin for allowing the attack into the network. The network admin accuses the storage admin for not having more secure write access to the storage. In the end though, the business is going to want their data back regardless of who's fault it is and guess who’s in charge of making sure that data was backed up? The backup admin. You may have…

Veeam Reports 22% Growth in 2020 as Demand for Modern Data Protection Increases from Businesses of All Sizes

February 10, 2021 07:05 AM Eastern Standard Time COLUMBUS, Ohio–(BUSINESS WIRE)–Veeam® Software, the leader in Backup solutions that deliver Cloud Data Management™, today reported results for its fiscal year 2020. Veeam kicked off 2020 with the completion of its acquisition by Insight Partners, which was announced on Jan. 9 at a valuation of $5 billion, setting the pace for a year of substantial growth and expanded success across all market segments, culminating with Veeam’s acquisition …

Why Object Storage for a Microsoft 0365 Data Backup

by:Dave Kluger, Storcom CTOThere are many reasons to consider object storage for a Microsoft O365 data backup. With today’s strict regulatory requirements, retaining email and other communication data in a centralized, manageable repository remains the most secure strategy.  A company’s electronic communication data, which includes email and social media content, can be used as evidence in everyday workplace disputes and legal proceedings.  This includes investigations, Freedom of Informat…

The 6 Key Reasons To Have a Microsoft Office 365 Backup

As a robust and highly capable Software-as-a-Service (SaaS) platform, Microsoft Office 365 fits the needs of many organizations perfectly. Office 365 provides application availability and uptime to ensure your users never skip a beat, but a Microsoft Office 365 backup can protect you against many other security threats. You or your boss might be thinking, “the recycle bin is probably good enough.” However, this is where many people get it wrong. The average length of time from data compromi…

The 6 Key Reasons To Have a Microsoft Office 365 Backup

As a robust and highly capable Software-as-a-Service (SaaS) platform, Microsoft Office 365 fits the needs of many organizations perfectly. Office 365 provides application availability and uptime to ensure your users never skip a beat, but a Microsoft Office 365 backup can protect you against many other security threats. You or your boss might be thinking, “the recycle bin is probably good enough.” However, this is where many people get it wrong. The average length of time from data compromi…

How Does Veeam Help Prevent Ransomware?

 

Protect backup data from an attack

Air-gapped or “immutable” backups offer a powerful technique for being resilient against ransomware and other threats.

Enable a replica of your backup, stored out of the reach of cyberattacks, utilizing controls that ensure deletions or changes cannot happen without strict multi-level approvals. Veeam Scale-Out Backup Repository (SOBR), partnered with Capacity Tier (also known as Cloud Tier), enables an easy-to-use capability that writes backup data into object storage either on Microsoft Azure, Amazon Web Services (AWS), IBM Cloud or any platform that supports object store. Using AWS S3 or select S3-compatible storage, you also get access to Object Lock, enabling backup data to be stored as an immutable backup.

 

Detect ransomware

Detecting a ransomware attack in its initial stages can be difficult.

Veeam ONE provides the ability to monitor your environment closely and be aware of any suspicious or abnormal activity. By analyzing CPU usage, datastore write rate and network transmit rate, Veeam ONE can help identify if there are higher than normal amounts of activity on a particular machine. When the alarm is triggered, this immediately notifies you to inspect the machine, look at the resource counters and determine for yourself whether or not the activity is normal. If it’s not, this is a good indicator that more steps should be taken to determine if ransomware is the culprit.

 

Ensure ransomware-free backups

Viruses can be undetected and dormant in your current systems, ready to pounce. Use the power of your backup to root out ransomware threats before they attack.

At all stages of backup and recovery, you want to be protected. Keep ransomware out for good with an automated step to scan the backup for malware, delivering confidence for future restorations. Veeam SureBackup provides immediate notice that a system may not be recoverable due to an undetected ransomware or malware threat.

 

Restore guaranteed virus-free workloads

What happens if your backups have an undetected virus? Viruses can be undetected and lay dormant in older backups. Make sure you can protect yourself.

What happens if your backups have an undetected virus? Viruses can be undetected and lay dormant in older backups. Make sure you can protect yourself.

Secure Restore enables a complete anti-virus scan of your backups when restoring. Having access to the latest virus definitions helps safeguard against previously unknown viruses, providing greater confidence that dormant threats won’t be reintroduced back into the environment.

 

Test your workloads securely

Unsure of a current workload? Suspect that it may be infected? Restore them into a fully secured and isolated environment to test.

Tap into the power of Veeam DataLabs to restore data, workloads and applications into a fully isolated virtual sandbox environment. Test for cyberthreats and other issues while performing potential remediation activities — without impacting any production systems.

 

Ransomware Risk Assessment

Did you know that cyber threats like ransomware were voted the #1 challenge that IT faces today in a recent Veeam global survey? That beats out skills shortage, managing changing customer needs, and even economic uncertainty.   Preparation for ransomware may not merely be a secure front door.  As the majority of ransomware is released into your organization by innocent use behavior, it can sometimes leap your security management systems.

With the costs of ransomware recovery reaching over $85k (USD) if not adequately prepared, is it time you took a quick look at your preparedness?

 

Top 3 Business Implications of Ransomware

The top 3 capability groups Storcom addresses when conducting a Ransomware Risk Assessment are:

1. Risk Management

The challenge of IT is always how to provide the most productive and best experience for users and for customers, while balancing security risk.  Too much control, and productivity suffers, as well as customer satisfaction when new experiencers and features can’t launch rapidly.  To loose, and you invite bad practices that can hinder security and open the door for malware attacks like ransomware.

Standard RDP ports and simple passwords policies provide a haven for an easy attack.  Email monitoring can only do so much; you need to train end-users on how to identify suspicious attachments and phishing emails.  Unpatched systems become easy targets for malware transport when vendors quickly offer patches for most known vulnerabilities. And open internet transport, without using a secure VPN for all your internet-based backup traffic (including replication to off-site and cloud-based storage) can mean malware can piggyback into your protected backup systems. The following components of Risk Management should be assessed:

Remote Desktop

Remote Desktop Protocol enables you to control PCs and servers remotely.  This provides a fast and friendly user experience to manage IT and solve problems but does open up further attack vectors for your organization.

Email risk

Most ransomware attacks happen through email.  The outcome of a user accidentally opening up an unknown attachment that contains malware.  Do you have adequate email monitoring protection for suspicious attachments?

Internet Connection

The internet provides a powerful productivity tool; however, it does come with a fair amount of risk.  Exposing backup infrastructure to the internet can expose backup data to direct attack.

Endpoint Protection

Endpoints (PCs, laptops, smartphones, IoT devices, etc.) represent key vulnerable points of entry for threats. Endpoints are where attackers execute code and exploit vulnerabilities, as well as attack assets to be encrypted, exfiltrated or leveraged.

Systems Updates

Updates and patching can be time-consuming. However, they provide a necessary defense against new and existing attacks.

 

2. Protection & Recovery

Ransomware can affect any size business, stopping work, sales, and releasing critical data. Unfortunately, it’s not IF, but WHEN.  A malware-infected attachment in an email can cause devastating damage by encrypting production and backup files. Leaving you no choice, to either rebuild or take the chance to pay the ransom.  Either one is q going to be a long, painful experience.  Organizations need to have a ransomware plan in place that is tested and documented.  Without it, they are always on the back-foot, now knowing what is infected when restoring and possibly re-infecting previously clean systems.

However, ransomware protection is not one-size-fits-all.  Your data is as unique and needs to be treated as such.  Whether it’s a SQL data, file source, workload, or even SaaS-based, each one needs a specific backup, protection, and restoration plan. Without a modern data protection system that can manage, protect, and, if required, automate restore, the results could be very costly. The following components of Protection and Recovery should be assessed:

Ransomware Detection

Two types of detection are needed to be fully covered – real-time monitoring of endpoints and workloads, and malware detection as part of backup restoration.

Ransomware Incidents

Having a tested ransomware incident response plan is vital for any size organization.  This takes the guesswork out of what’s next and ensures a fully purged environment ready for clean restore.

Ransomware Strategy

Protect the data from the broad set of workloads, files, applications, and SaaS-based services (like Office 365) without a unified tool can be challenging.  While each resource type has specific backup needs, they are all possible attack targets for ransomware and need a singular data-protection management plane.

 

3. Data Protection

Your organization protects troves of sensitive data.  Without trustworthy security investments, you may not detect, contain, and repair all threats and cyberattacks. You can lose or expose customer, personnel, and mission-critical information—ultimately losing consumer trust.  Cyberthreat protection is not all about stopping threats at the front door.  Intelligent attacks sometimes get through even the best defense systems.  You need a system that can protect crucial data from attack, when malware may be infecting your production systems.

Air-gapped (or immutable) backups ensure 100% protection from rogue attacks, protecting essential restore information if production data is infected.  Automated restore systems take the manual effort (and drag) into getting production systems back online.  In the event of a catastrophic ransomware attack, you want to have the confidence you can purge, restore and be back online in no time at all – with no effect on your customer satisfaction. The following components of Data Protection should also be assessed:

Immutable backups

Immutable backups provide a physical separation from your production sites using mechanisms like object storage (either on-premises or the cloud).  Enabling solid protection for your backup’s from ransomware threats.

Backup Account

Passwords are always the weakest link.  By using separate accounts for production and off-site storage backup data (like immutable backups), it offers another level of protection.

Recovery verification

Systems that automatically test backup data as well as an entire DR test frequently.  Using virtual lab technology, modern data protection solutions will restore and launch systems from backup to ensure recovery validation.

Disaster Recovery

Many backup and recovery systems can provide DR, but does it have to be a manual process?  Recovery can be learned through intelligent orchestration and used not only for verification testing but also for the restoration of production environments.

 

Contact Storcom Today! 

We are a top Veeam solution provider and we would be happy to give you a demonstration on how Veeam’s solutions can help prevent and protect your systems from a ransomware attack, or perform a Ransomware Risk Assessment!