Cyberattacks are on the rise – it’s estimated that one takes place every 11 seconds. Not only can this hamper business process, but it can also be quite costly, too – according to Accenture, the average cost of a cyberattack is approximately $13M.
Establishing a cyber resiliency strategy
Cyber Resiliency refers to the capacity for an organization to protect, detect, respond to, and recover from a cyber-attack with minimal impact. An effective cyber resiliency strategy involves using all the best practices involved in protecting data: right level of access controls, immutable copies of data, anti-virus, and anti-malware.
Every company in every industry has a need for a cyber resiliency strategy. A major part of that strategy is determining which business processes are most important; specifically, which data sets, data types, applications, databases, and foundational technologies should be protected.
Help your customers identify what data needs the most protection
A gap-analysis helps to explain to customers why specific steps are required to mitigate critical risks for the organization.
1. What assets do I have? (HW & SW & content classification)
2. Where are my assets?
3. Who has access to these assets?
4. Why is this access required?
5. When & how is it accessed?
6. Is there a known vulnerability risk?
7. Am I bound to compliancy regulations (GDPR, PCI, SOX, HIPAA, …)?
8. What’s the governance model?
There are two major types of storage solutions — unstructured data and structured data. Unstructured data refers to anything that’s not in a structured database. This covers everything from email, images and documents to videos, social media and application-related data like logs. Structured data, meanwhile, refers to the use of a standardized format to collect and organize data.
While the two data types differ, a single cyber protection strategy can serve both. In fact, for management purposes, it behooves an organization to have a single strategy in place.
Here, though, it is worth noting that finding a solution for managing unstructured data has been a challenge. Next-gen apps capable of handling fast growing unstructured data require extreme performance from cutting-edge solutions like all-flash storage. This, in turn, increases budget pressure for organizations to commit new capital and OPEX that these powerful systems require.
For this post, we are going to primarily focus on protecting unstructured data against cyberattacks.
PowerScale is a solution from Dell Technologies that enables organizations of different sizes to manage their unstructured data in a flexible manner. At its core, PowerScale consists of a scale-out file system. This means that the solution can scale when the organization needs to handle more data.
Along with this flexibility PowerScale also comes with a list of protection, detection, auto-respond, and recovery features to protect your customer’s valuable file data. In fact, there is even an AI component that helps recognize patterns of attack.
A closer look at PowerScale
Superna Eyeglass Ransomware Defender for Dell EMC PowerScale and ECS systems further boosts the cyber resiliency of unstructured data by providing customers with comprehensive capabilities to protect data, detect attack events in real-time, and recover from cyber-attacks.
In addition to these capabilities, Ransomware Defender also serves as last resort protection, providing a copy of the data in a cyber vault that is isolated from the production environment. After the initial replication of data to the cyber vault, an air-gap is maintained between the production environment and the vault copy. Any additional incremental replication is performed intermittently by closing the airgap after ensuring there are no known events that indicate a security breach on the production site.
The key is responsiveness
The earlier a team can detect an attack the better they can respond and recover from it. Ransomware Defender can provide your customers with the ability to configure event triggers based on patterns of data access that are indicative of a cyberattack, including:
• Detecting for mass deletion of data
• Mass encryption of data
• Unauthorized network access
• A marked deviation of user behavior from historical data access pattern
• And more
All of these events can be captured with alerts and used for root cause analysis of security breaches. Additionally, automated tasks can be setup respond to events indicating a high probability of a cyberattack like terminating replication to cyber vault or denying access to certain users as well as taking additional snapshots of the vault copy of the data can be setup to.
Learn more
If you want to get more details about Dell’s capabilities to protect your customer’s data against cybercrime, feel free to plan a meeting with an unstructured data solution specialist.