Ransomware is one of the most common ways businesses cause data loss, and it takes steps beyond relying on a single security software to prevent them. Rick Vanover, Senior Director of Product Strategy at Veeam, mentioned the importance of strengthening the firewall in preventing data breaches and recalled that the weakest link of the defense wall is people in most cases. to trust.”
According to the Veeam Ransomware Trends Report 2022, 73 percent of organizations were affected by at least two ransomware attacks last year. In most cases, the weakest element of digital defense, ‘humans’, is key to getting cybercriminals into the corporate network. Phishing remains the preferred tool of hackers and data thieves to gain unauthorized access. This is confirmed by the results of the Verizon Data Breach Report. While reservists often serve as the last wall of defense against usurpers, the right credentials can bring down even this stronghold. As a result, companies need to realize that their own employees also create unwanted threats. The best way to manage this risk is through “Zero Trust”.
Focus on processes instead of hardware
By saying that Zero Trust is not a standalone product, but a paradigm intertwined with corporate culture, Ranover reminds IT managers to consider which employees need access to which content, applications, networks and data. “This goes doubly for storage because: Backups are in many cases the lifeblood that keeps businesses running. However, if this anchor is damaged, downtime increases rapidly and recovery becomes nearly impossible.” Therefore, storage-related roles and permissions must be assigned very carefully, Rick Vanover warns: “Only dedicated personnel and storage administrators should have access to backups. But what if, despite these precautions, the administrator user account falls into the wrong hands?”
“Fixedness” as an important tool
“Consistency” is the only way to permanently protect backups from the wrong hands. In storage, this means saving backups in an immutable, read-only format, so to speak. This prevents all data and backups from being encrypted, even in the case of, say, a ransomware group infiltration. Arguments for different variables can be quickly found when specifying immutable backup intervals in various options, from isolating security solutions to AWS S3 Object Lock. However, it is important that they are implemented as an integral part of the backup strategy. This ensures that if access falls into the wrong hands, the security of backups remains intact and data can always be recovered in the event of an emergency.
No trust in modern data protection is a process
Implementing Zero Trust in Storage is a time consuming and then regularly reviewed process to ensure continued security. Phishing attacks will certainly remain one of the biggest threats to organizations and their data, as employees remain the biggest defense risk. However, it is possible to minimize this risk as much as possible if roles and privileges are assigned according to the zero trust paradigm. This is a backup of your indispensable ransomware defense wall.
Source: (BYZHA) – Beyaz News Agency
Source: Haber Safir
I’m Sandra Torres, a passionate journalist and content creator. My specialty lies in covering the latest gadgets, trends and tech news for Div Bracket. With over 5 years of experience as a professional writer, I have built up an impressive portfolio of published works that showcase my expertise in this field.