INFRA
INFRA
INFRA
Immutable object storage may be best ransomware defense, says analyst
An ounce of prevention is worth a pound of cure. Security officers know it, but so do hackers; hence the growth of cleverly camouflaged ransomware. WannaCry ransomware infected more than 230,000 computers by getting users to click on innocent-looking links to breaking news or even fake WannaCry protection offers.
“You can’t prevent someone from clicking on a link,” said Edward Haletky (pictured), principal analyst at The Virtualization Practice LLC.
Prevention, of course, has its place in any security strategy, Haletky said in an interview at this year’s VeeamOn in New Orleans, Louisiana. However, it’s just one of several crucial layers, he told Stu Miniman (@stu) and Dave Vellante (@dvellante), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio. (* Disclosure below.)
On the front end, organizations should mitigate risk as much as possible. Measures may include anti-phishing tools or policies against accepting encrypted payloads, Haletky stated.
The mid-tier of the security architecture should focus on data protection, detection and legal holds, he explained. The legal hold is basically a “do-not-delete” mark on the recover point previous to the current one. The point is to save the extra restore point in case the current one has corruptions that are not yet detectable.
Object of the game
Storing backups on an immutable target further fortifies them against breach, according to Haletky. The best immutable source today is object storage with versioned rights, he added. Every version written is immutable, meaning it is non-rewritable and cannot be changed.
A user may restore from a target provided by backup software, for instance. “But let’s say that gets corrupted. Now I can go back to the object store as the ultimate source,” he said.
Immutable object storage is not quite the final security stage. “It’s the pre-archive; it’s kind of like, ‘OK, put it there, and then I may archive that off on a retention schedule,'” he concluded.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of VeeamOn 2017. (* Disclosure: TheCUBE is a paid media partner for VeeamOn 2017. Neither Veeam Software Inc. nor other sponsors have editorial influence on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
