Dave Brown

Combatting Ransomware with Continuous Data Protection

How your organization can build proven, trusted, and sound practices into your existing data protection schemes with software-defined storage.

Ransomware targets your organization’s most valuable asset: its data. While it’s a relatively new threat (first major attack in 2012), ransomware attacks increased nearly 120% in the first quarter of 2019.

As the fastest growing cybercrime category, ransomware’s top targets are the healthcare industry, financial sector, and state and federal government, specifically due to old and unpatched systems.

Unfortunately, most existing solutions are not fully effective, which helps explain why these attacks not only continue, but also grow in frequency and audacity. As the cybercrime landscape continues to evolve, businesses are increasingly exposed to higher levels of risk and are often forced to consider preventative solutions. But your business can’t do much once an attack happens. In fact, 77% of organizations infected with ransomware were running up-to-date endpoint protection.

Going Beyond Data Protection

Preventative endpoint security solutions can be disruptive, consuming existing valuable resources from your system. They can also be impractical due to these resource constraints or operating system incompatibility. While backups and snapshots are crucial to business continuity and disaster recovery, sometimes the Recovery Point Objective (RPO) isn’t sufficient to meet your business needs, or comply with specific policies. Daily or hourly backups may not be enough for mission-critical systems.

A business is attacked by ransomware every 14 seconds, and with global ransomware costs expected to reach $20B by 2021 (a 57X increase from 2015), your organization needs cost-effective, robust data protection solutions that can stand up to these increasingly sophisticated attacks.

Enter Continuous Data Protection, or CDP. CDP tracks every single change on the disk and allows you to rewind back to any point in time with by-the-second granularity. Just like having a DVR or TiVo at home to wind back to that walk-off home run, epic slam dunk or last-minute catch in the end zone, CDP allows you to take your systems back in time to seconds before a ransomware attack. And it can be done in less than 10 minutes.

Ransomware attack? What ransomware attack?

And with ransoms getting into the millions of dollars, just one thwarted incident with CDP can deliver a 100%+ ROI.

Safeguarding the Core of Your Business

DataCore’s core capabilities around heterogenous pooling of all block storage assets from any storage, vendor or model means that your organization can add CDP to its existing storage environment, non-intrusively and completely transparent to the host/system. This level of flexibility enables simplified protection across the entire storage infrastructure with the capability to roll back a given virtual or physical host’s disks to just before an incident or malware attack. Additionally, it aids with forensics and incident analysis by instantly creating multiple images from different points in time before the incident occurred.

CDP can be applied to a single disk, multiple disks, and groups of disks. A given CDP log can be up to a TB in size, allowing for a sizable window of rollback. At the same time, this is not a replacement for standard (like Commvault and Networker) and newer generation (VEEAM) backup products, they still have their place in the data center for overall data management lifecycle, but CDP acts as a great complement to that model.

CDP is not a series of snapshots, which would leave gaps in the data restoral process. It records every write operation on a given data disk, just like a transaction/redo log does for a database, where if the database were to crash with uncommitted writes, the job of the transaction/redo log is to commit all those uncommitted writes to restore database consistency.

The CDP feature in DataCore’s SANsymphony product has a one-second restoral granularity, with no limit on the number of rollbacks you create. If you go back two minutes and 30 seconds for example and want to get closer, no problem, just make another at 2:25 or 2:35. If those aren’t good enough, make more. All of these will likely result in much less production loss, and related financial loss due to lost data and/or simply data reentry, and a high likelihood of ZERO data loss.

This depth in data protection and truly flexible approach to storage infrastructure provides organizations with a solid foundation for a complete data management platform.

In today’s always-on digital world, no data means no business. Don’t let ransomware stop your business in its tracks, visit https://www.datacore.com/products/software-defined-storage/cdp/ to learn more, or request a live demo or fully-functional free trial.

Get a Live Demo

Talk with a solution advisor about how DataCore SDS can make your storage infrastructure modern, performant, and flexible.

Request Live Demo