Tag Archives: ransomware

Safeguard your Veeam backups with Pure Storage FlashBlade® SafeMode

Authors – Lawrence AngRhys Hammond and Dilupa Ranatunga

Introduction  

This is the second part of a three-part blog series on Veeam and Pure Storage FlashBlade. In the previous blog post, we configured a Network File System (NFS) share on a Pure Storage FlashBlade as a Veeam backup repository. In this blog post, we will be focusing on configuring SafeMode snapshots to harden the backup files that are residing on the FlashBlade.

Ransomware attacks continue to rise, with constantly evolving sophistication and complexity. A key part of ransomware resilience strategy is backing up data on a regular basis and implementing a strong line of defence against threats targeting the backup data. Adopting industry standards for data protection such as 3-2-1 rule, offline backups and immutable backup storage are effective techniques to protect backup data sets against malicious attacks. Now let’s discuss how to make your FlashBlade system an immutable backup storage target with SafeMode snapshots.    

A storage snapshot is a point-in-time, image-level view of data that are impervious to ransomware. This immutability makes them an ideal layer of defense against ransomware. The problem with storage snapshots is they can still be removed by rouge admins or attackers if they gain access to the storage array management. In the case of a Pure Storage system, the deleted snapshots are temporarily stored in a ‘destroyed state’ that is similar to a recycle bin. If these snapshots are not recovered in a timely manner, they will be auto-eradicated and can even be manually destroyed prior to the auto-eradication. 

The SafeMode snapshots on the other hand, cannot be deleted, modified, or encrypted either accidentally or intentionally. This prevents the manual and complete eradication (permanent deletion) of data backups that are stored within the FlashBlade. Due to their immutability, the SafeMode snapshots serve as an additional mitigation mechanism against ransomware attacks or rogue administrators.

Continue reading

Facing the threat of cyberattacks: how does your disaster recovery solution stack up?

It’s a message every IT manager dreads.

‘Your personal files are encrypted by CTB-Locker. To decrypt the files, you need to pay 3 bitcoin.’

Yet, unfortunately, getting locked out of your company’s own data – and then being expected to pay a ransom to get it back – is becoming more common as cybercriminals get craftier. Like pesky bed bugs that have become immune to deterrents, ransomware attacks such as CryptoLocker, CryptoWall, Locky, TorrentLocker and Virlock are constantly evolving to sneak past all the new defences that IT security experts are busy building up.

Continue reading