The last several weeks have presented a number of widespread challenges for organizations around the globe. Employees are grappling with the new realities of working remotely, and companies are equally challenged to provide increased support for new, remote workforces. As managers learn to engage employees no longer just a few desks away, IT is diligently working to make sure the technology that workers need the most is available.

Amongst the many challenges, IT is empowering security teams to secure the assets needed for their colleagues to work remotely.

Over the last couple of weeks, there have been increased reports of cyber-espionage and attacks. Specifically, security firm FireEye has noted increases in activity from the hacking group APT41.

As employees work from home or other remote locations, it becomes more challenging to protect your company’s data assets from potential loss. Phishing campaigns have increased as bad actors seek opportunities to take advantage of an already bad situation and introduce exploits to access critical corporate assets. Once in, bad actors can introduce ransomware to encrypt and hold data assets hostage in hopes of extorting bitcoin payments in exchange for the decryption keys.

How SafeMode Snapshots Fight Ransomware

Once ransomware is introduced into an organization, it’s too late. If you choose not to pay the ransom, your encrypted data may be unrecoverable. The ransom must be paid.

The alternative is to restore all data from backups. This makes a few assumptions:

  • Backups of the data are available
  • Your backups aren’t encrypted

This also assumes that backups haven’t simply been deleted. To make ransomware recovery impossible, attackers have increasingly targeted backup software and backup copies for deletion, thereby forcing desperate ransom payments.

With this in mind, Pure Storage® developed SafeMode snapshots with the explicit purpose of protecting backup data and metadata and minimizing loss of data. The result: You keep your last line of defense safe¹.

SafeMode snapshots is a built-in FlashBlade® feature that creates read-only snapshots of backup data and associated metadata catalogs after you’ve performed a backup. You can recover data directly from these snapshots, helping you successfully restore data in the event of attacks by ransomware and even rogue admins.

SafeMode on FlashBlade object storage offers the following benefits:

  • Enhanced protection: Ransomware can’t eradicate (delete), modify, or encrypt SafeMode snapshots. In addition, only an authorized designee from your organization can work directly with Pure Technical Support to configure the feature, modify policy, or manually eradicate snapshots. This means even if your backup and/or storage credentials are compromised by a hacker, they can’t delete your backups.
  • Backup integration: Utilize the same snapshot process regardless of the backup product or native utility used to manage data protection processes. Your operations don’t have to change.
  • Flexibility: Snapshot cadence and retention scheduling are customizable.
  • Rapid restore: Leverage a massively parallel architecture and elastic performance that scales with data to speed backup and recovery. A ransomware attack may delete all of your data, creating an extensive ransomware recovery need. In these scenarios, restore speed becomes critical.
  • Investment protection: FlashBlade includes SafeMode snapshots at no extra charge. Your Pure subscription or maintenance support contract cover enhancements.

Protect Your Data with SafeMode Snapshots

We know you’re going the extra mile to help your remote workforce, your users, and your customers—and we want to do the same for you.

In these trying times, Pure is working with our customers to come up with an operating model that will serve any need. We’re here to support you and your organization and to help you engineer a solution that will meet your technical and financial needs.

  1. SafeMode is not intended to prevent ransomware attacks.