Seventy-three percent – that’s the percentage of organisations that have been affected by at least two ransomware attacks in the past year, according to the Veeam Ransomware Trends Report 2022. In most cases, the criminals’ path into the corporate network leads through the weakest element of the digital defense: humans. Phishing remains the means of choice for hackers and data thieves to gain unauthorised access – as confirmed by the latest Verizon Data Breach Report. While backups are often able to act as a last bulwark against extortionists, the right credentials can crack even this bastion. As a result, companies must become increasingly aware that their own employees also pose an unwanted threat. The best way to manage this risk is through Zero Trust.
Focus on processes instead of hardware
Zero Trust is not a standalone product, but a paradigm that is woven into the corporate culture. IT administrators must weigh which employees should have access to which content, applications, networks and data. This goes double for storage, because: Backups are, in many situations, the lifeline that can keep companies running. However, if this anchor is damaged, downtime increases rapidly, and recovery is made nearly impossible. Therefore, roles and rights related to storage must be assigned with appropriate caution. Only dedicated staff and storage administrators should have the ability to access backups. But what happens if a user account of these very administrators falls into the wrong hands?
Immutability as a key tool
The only way to permanently protect backups from the wrong hands is immutability. In the area of storage, this means storing backups in an immutable, read-only manner, so to speak. This prevents all data and backups from being encrypted even in the event of infiltration by ransomware groups, for example. The options for setting up an immutable backup range from air-gapped solutions to the AWS S3 Object Lock – arguments for the different variants can be found quickly. However, it is important that they are implemented as a fixed part of the backup strategy. This guarantees that the reassurance provided by backups remains intact throughout if access falls into the wrong hands, and data can always be restored in the event of an emergency.
Zero Trust in modern data protection is a process
Implementing Zero Trust in storage is a process that takes time and then needs to be looked at regularly to ensure continuous security. Phishing will certainly continue to be one of the biggest threats to organisations and their data, as the employee will remain the biggest risk to the defense. However, if roles and privileges have been assigned according to the zero-trust paradigm, then you minimise that risk as much as at all possible. This keeps backups the bulwark against ransomware that they are supposed to be.
Discussion about this post