From Snapshots to Resiliency: Safeguarding Your Business
No one wants to rely on the backup quarterback to secure a big win in the playoffs. You always want your star player on the field, as they are a known and proven factor. Similarly, you don’t want your business to depend solely on a backup solution in the event of a ransomware attack because backups can be an unknown factor as well.
Cybersecurity professionals recommend a 3-2-1 backup1 strategy as a means of recovery from ransomware attacks. However, restoration speed, quick rollbacks, and data integrity are critical items during a recovery. Restoring from backups takes precious time sometimes days or weeks. Something quicker and more efficient is needed.
Snapshots no Longer Enough
Snapshots have proven to be an effective way to counter ransomware attacks by providing point-in-time copies of data that can be quickly restored. They offer a fast recovery option without the lengthy process of traditional backup restoration. However, cybersecurity is a moving target, and threat actors constantly adapt their methods to counter defensive efforts. Ransomware actors have learned to delete snapshots before deploying ransomware, negating the effectiveness of a tool that once worked well. Enterprises now need a new strategy.
Resiliency is the Name of the Game
Resiliency prominence has grown because companies have realized that you cannot stop every attack. At some point, a privileged user account might be compromised, or a zero-day vulnerability could be exploited, opening the door for attackers to gain initial access. Resiliency is a strategy that refers to the ability to withstand and recover from disruptions with minimal downtime and ensuring continuous operation.
The key is to ensure that even if they gain a foothold, attackers cannot do something to cause significant damage or disruption. That “something” often involves your data – the crown jewels that fuel your business operations. Whether an attacker seeks to encrypt or delete your critical data, the result can be highly disruptive to your business. In most cases, when attackers infiltrate your enterprise, they eventually target your storage systems. That’s why you want to ensure that your storage solution is resilient enough to withstand any attack. This is where NetApp, a leading global data management and storage solutions company, comes into play. They are emphasizing data resiliency to ensure that their customers don’t have to experience the sting of a successful attack.
NetApp’s 3-Point Strategy
While the 3-2-1 backup strategy is an industry standard for ransomware go-to recovery solution NetApp still has a 1-2-3 strategy that proves highly effective against modern data attacks:
- Immutable/Indelible Storage Snapshots
- Storage Array Authentication that features multi-admin verify
- Data Protection provided by SnapMirror /SnapVault and SnapLock
Digital organizations have traditionally had a glaring weakness. If a single privileged user account, such as a global administrator, becomes compromised, an attacker can potentially move uninhibited throughout the network. However, this is not the case with NetApp, as these admin accounts are protected by multiple layers of security, including multifactor authentication (MFA) and its multi-admin verification (MAV) feature.
The Combined Power of MFA and MAV
First off, MFA adds an additional layer of security to accounts in case a password is compromised. An attacker would need to bypass both the password and the second factor of authentication to gain access. Even if MFA is overcome NetApp MAV is still in place enhancing security of critical actions. With MAV action such as volume deletion, changes to replication configurations, or modifications to security settings must be approved by one or more additional administrators from an approval group before they can be executed. In other words, a single compromised account, no matter how privileged, cannot unilaterally make unauthorized changes or deletions that could potentially disrupt operations or compromise data integrity.
Indelible Snapshots are Everlasting
Snapshots still provide an effective means to quickly recover from data deletion, encryption, or manipulation, as long as the Snapshot itself isn’t deleted. That’s why NetApp allows configuring customized snapshot retention policies that govern how long snapshots must be kept before being automatically deleted, ensuring they cannot be deleted by anyone during the retention period. Moreover, NetApp offers immutable/indelible storage where data can be written once and read many times but never modified or deleted.
Speaking of retention, SnapVault is another NetApp feature that enables replicating and retaining data for weeks/months/years in a vault location and with SnapLock compliance feature ensures data cannot be altered or deleted until a specifed retention date. SnapMirror replicates Snapshot copies from a source volume to an offsite destination volume, serving as a recovery of last resort in case of a disaster.
Resiliency is Native with NetApp
It wasn’t that long ago that enterprises were dependent upon third party solutions to integrate resiliency into their data storage environment. With NetApp, resiliency is built-in with everything you need to sleep soundly at night knowing that your data is safely protected. Even better, none of these resiliency features require any additional licensing as everything is included with ONTAP ONE. With NetApp, you no longer have to settle or compromise when it comes to safeguarding your organization’s most valuable assets.
While resiliency is native to NetApp, the features that enforce it are not enabled and configured out of the box. That’s where Evolving Solutions comes into play. Our dedicated NetApp storage teams have extensive experience implementing these solutions in a wide variety of environments.
We enforce best practices and ensure that your retention policies are ideally configured for your storage environment and retention needs. With Evolving Solutions, you can eliminate doubt or worry, knowing that your resiliency capabilities are optimized and robust because when it comes to your business, every day is game day.
1The 3-2-1 backup rule is a simple but effective strategy for keeping your data safe. It advises that you keep three copies of your data on two different media with one copy off-site.