Backup Exec — the first step to ransomware resiliency

In the last couple of years, ransomware has become a significant cybersecurity threat. According to the 2018 Security Risk report by Ponemon Institute, over 50 percent of small and medium businesses (SMBs) have been victims of ransomware attacks. In today's IT environment, SMBs must have a comprehensive backup strategy so, in the event of an attack, they can recover quickly. In this article, we will define the two types of ransomware, discuss how to minimize risk, and learn how Backup Exec is the first step towards ransomware resiliency.

What is Ransomware?
Ransomware is a form of malware that encrypts victim's data and demands a ransom to restore access to that data upon payment.

There are two types of ransomware: Crypto ransomware and Locker ransomware. Crypto ransomware encrypts the user's data so that it can't be accessed, whereas Locker ransomware doesn't encrypt the data but locks the user out of the device itself. In both cases, the attacker will demand a ransom to provide access to the data or unlock the device.

How to minimize risk?
Minimize risk by adopting a multi-layer approach.

Follow these three steps:

  1. Educate: Make your employees aware of potential threats.
    • Don'ts: Open suspicious emails, attachments, nor click on suspicious links.
    • Do's: Scan external storage and keep the anti-virus updated on all the machines. Beware of pop-ups and software with optional installs.
  2. Secure:
    • Install security software on all the machines and keep them up to date.
    • Ensure all the firmware, OS, and software patches are up to date.
    • Enable anti-virus and anti-malware software to auto scan and update.
    • Set up proper permissions and access control on the machines.
  3. Protect:
    • Backup your data regularly.
    • Ensure backups are successful.
    • Store the backups separately. Isolate them separately.
    • Secure your backups. Have data recovery capabilities.

Even though you educate people and secure your workplace environment, anything involving humans is not 100% protected. Even the anti-malware, firewall with IPS, or anti-virus doesn't claim 100% protection. Learn how Backup Exec can help you design a backup strategy to keep your data secure.

How can Backup Exec help mitigate damage from ransomware?
Backup Exec gives you fast, simple, complete, cost-effective protection and recovery for your data, wherever it lives. Protect your data from potential ransomware threats by using the following suggestions.

Apply 3-2-1 Rule
3-2-1 rule—keep a minimum of 3 copies of your data, store 2 backup copies on different storage, and 1 copy offsite. Using Backup Exec, you can configure disk, tape, network cloud storage, etc. on the Backup Exec Server, target backups on any storage, and duplicate the data to remaining storage devices.Picture1-edited.jpg

Shrink your RPO
Using the Backup Exec Scheduler, you can configure your backup jobs to run frequently so that your Recovery Point Objective (RPO) can reduce data loss to hours or minutes. While configuring a Backup job, go to Backup Options and select/set a schedule as per your RPO.Picture2-edited.jpg

Air Gap Backups
Keep an offline copy of your backup and isolate it from the network. Using Backup Exec, you can target your backups to tape or keep your backup data stored in the cloud storage of your choice.

DR of Servers

Having disaster recovery capabilities for your servers allow you to restore your system quickly in case of an attack. Backup Exec comes with an integrated Disaster-Recovery-as-a-Service (DRaaS) solution. Backup Exec Instant Cloud Recovery integrates directly with Azure Site Recovery to ensure data and application availability with cloud-based disaster recovery. For more information, read here.

Minimize downtime and avoid the impact of disaster with Veritas System Recovery (VSR). VSR helps you easily recover in minutes, whether you're restoring a single file or email to an entire machine-physical or virtual. To know more about VSR, read here.

Apart from the above capabilities, Backup Exec 20.4 introduced a new feature that provides enhanced protection against ransomware attacks by protecting your backup data.

Ransomware Resilience

Backup Exec's new Ransomware Resilience feature provides enhanced protection of business-critical data against ransomware attacks. This feature provides an extra layer of protection to disk storage on the Backup Exec Server. Only Backup Exec services are allowed to write to the disk storage. Unauthorized processes are blocked from modifying backup data hosted in the backup destination storage.

In Backup Exec, a new option 'Disk storage Lockdown setting' is introduced and is enabled by default. The disk storage lockdown setting protects the disk-based backup storage configured with Backup Exec. The option is available in the Network and Security setting of Backup Exec settings.Picture3-edited.jpg

The disk storage lockdown status displays the status of disk-based backup storage configured with Backup Exec, on the bottom right of the Backup Exec UI.

Picture4-edited.jpg


Upgrade to Backup Exec 20.6 and protect your business-critical data from ransomware attacks.