The adage, “An ounce of prevention is worth a pound of cure,” applies just as much to the world of cybersecurity as it does to health. When it comes to cyber attacks, there’s always a before, a during, and an after—and you should be ready for each phase. While prevention is certainly critical for the “before” of an attack, in this post we’ll talk about bouncing back after a cyberattack. Because when it comes to cyber attacks, it’s often a question of “when, not if.”
Navigating “After” a Cyberattack
Even with the best security tools and network architectures, it just takes one inadvertent click or an unprotected IoT device to unleash a world of pain throughout an enterprise. If your data is locked and inaccessible, it becomes virtually impossible for your business to continue operating. Even if you do pay the ransom, there’s no guarantee you’ll get your data back.
You can’t rely solely on your backup software and processes to help if the attack penetrates the storage infrastructure where your backups are held. With the volume of data enterprises generate every minute of every day, and the relatively low speeds that traditional backups operate at, you may have to roll back and restore data from weeks ago to find a clean backup.
How to Be Recovery-ready After an Attack
This means solving two related, underlying problems:
- Providing an extra level of protection from attacks that are successful in penetrating your defenses
- Increasing the speed of backup and restore so that you don’t have to roll back so far to get clean restore data in the event of a ransomware attack
Pure Storage® FlashBlade® provides a solution to both of these problems with SafeMode™ snapshots and Rapid Restore.
Firstly, Rapid Restore dramatically increases the speed of restoring data with up to 270TB/hr data-recovery performance without the need to change your backup software. That alone changes the data recovery equation, and SafeMode snapshots take it a step further.
With SafeMode snapshots, you create read-only snapshots of backup data and associated metadata catalogs immediately after you’ve performed a full backup. You can then recover data directly from those snapshots.
Snapshots can’t be deleted, modified, or encrypted by ransomware or even a rogue system admin. FlashBlade works natively with Commvault, Veeam, and Veritas so you can utilise the same snapshot process regardless of your backup product or native utility. You can also customize snapshot cadence schedules. In addition, only an authorized designee from your organisation can work directly with Pure technical support to configure, modify policy, or eradicate snapshots. As a result, the protection level is extremely high.
Learn more about Rapid Restore solutions.
