Around the Storage Block
cancel
Showing results for 
Search instead for 
Did you mean: 

Your Company’s Data Is Ransomware’s Favorite Target

StorageExpert

 

Ransomware is a lucrative and increasingly popular “business model” targeting SMBs. You don’t have to be a security expert to secure your company’s file data and help mitigate the risk of a malware infection. Here's how HPE StoreEasy Storage can help.

It seems like every week we hear about massive security breaches, attacks, or unintentional leaks that compromise user data and expose it to a number of threats.

Not only do such threats feel invasive, once a company is impacted by a criminal breach, it may be incredibly difficult to detect until the damage has already been done. Some forms of malware get access to your data, copies it to their repository, and then wipes it from yours – holding it hostage until the user or organization pays for their data’s safe return.

Another common approach is to distribute a file or executable that, when opened, encrypts all of the data it can access, leaving behind a text file or prompt demanding a user or organization pay the attacker bitcoins to receive the encryATSB-mar-17-17-blog img.pngption key and regain access to their data. Common distribution methods include email attachments or links to files hosted on common public cloud file sharing platforms. 

It’s such a lucrative and increasingly popular business that crafty criminals have developed “ransomware-as-a-service” platforms for anyone to generate and distribute their own ransomware, with a cut of each ransom taken by the developer.

Because attackers often target small businesses requesting a Bitcoin payment around $7001 USD, many victims will often just pay up and hope they regain access to their data – whether it was wiped or encrypted. Unfortunately, there’s no guarantee a company will get their data back, and the FBI has advised the public not to pay unless it’s absolutely critical, which it often is – as our files and data are absolutely essential to how we work and retain our competitive advantage and base of customers.

Proactive avoidance is the best strategy against ransomware

Your proactive avoidance strategy should include endpoint protection that can detect and quarantine suspicious files, disabling macros in Microsoft Office, educating users on security and privacy practices to minimize risk, blocking certain file extensions from PCs and storage (whether on-prem, cloud, or a mix of the two).

The 3-2-1 rule of data protection

It should also include backing up your data constantly using the tried-and-true 3-2-1 method: three different copies of data, two different types of storage media, with one backup copy stored offsite.

For many companies and industries, on-premises infrastructure is still the best answer for storing sensitive data from both a security, oversight, and backup perspective. Though public cloud services are increasingly popular for SMBs looking for file sharing solutions, there are numerous advantages to retaining your unstructured file data on-prem, often including the ability to recover from an attack more quickly. HPE StoreEasy Storage delivers the flexibility companies small and large require out of their network-attached storage, along with granular controls for protecting data against simple human error and criminal attacks.

HPE StoreEasy helps mitigate threats

According to a 2016 study on the cost of data breaches by Ponemon Institute2, the largest financial consequence to organizations who experienced a data breach is loss of customers. StoreEasy includes multilayered security as standard for you to protect your file data at the physical and logical levels – without needing specialist expertise – to help mitigate ever-evolving threats.

  • A lockable bezel protects against unauthorized physical tampering, while Smart Carriers for each drive indicate when they should not be removed to prevent data loss from human error.
  • BitLocker Drive encryption ensures no one without the encryption key can read the data written to StoreEasy drives even if physically stolen.
  • Endpoint assurance and encryption secures data-in-flight using SMB 3.1.1 clients through pre-authentication integrity checks and signing to ensure a connection hasn’t been tampered with or eavesdropped on by malicious parties. NFSv4.1 uses Kerberos authentication and integrity checks in heterogeneous environments.
  • Dynamic Access Control ensures only the users you authorize can access files, and allows you to audit who has accessed files for compliance purposes. Pairing file classification with Dynamic Access Control means you can automate access policies across your organization.
  • Active Directory Rights Management Services applies automatic encryption for sensitive Microsoft Office documents through file management tasks, preventing unauthorized users from access files even when removed from StoreEasy shares and sent via email.
  • File screening allows admins to prevent users from storing prohibited file formats on StoreEasy shares, including executable programs.
  • Windows Defender is automatically enabled to protect against malware exposure and infections, though customers are additionally able to install and run their desired antivirus on StoreEasy directly.
  • Leverage the Microsoft Azure cloud as your off-site backup target in your 3-2-1 strategy using StoreEasy’s OS integration.
  • Veeam’s integration with StoreEasy lets you backup to HPE StoreOnce with deduplication for efficient storage utilization and fault isolation for data as well as backing up to StoreEver tape storage or to the cloud for long-term off-site data archival. This strategy enables you to meet the 3-2-1 rule of data protection. Veeam software products are now available from HPE via the HPE Complete program so you can source all components of the 3-2-1 best practice data protection ecosystem from a single vendor.

A solid data loss protection and threat mitigation strategy

Securing your organization and your customer data against threats requires an approach that allows granularity with security. It also should include data protection controls that won’t inhibit your users from accessing the files they need and won’t compromise your intellectual property. Investing in proactive data loss protection and threat mitigation through physical security, encryption, endpoint protection, backup solutions, employee training and more will undoubtedly help organizations avoid finding out the cost of a breach or malware infection and the resulting loss of business.

To learn more about HPE StoreEasy Storage and other IT solutions for SMBs to enterprise organizations, contact your HPE account manager or partner, or find one here.

 

Victoria Bunte_HPE Storage.jpeg

 Meet Around the Storage Block blogger Victoria Bunte, Worldwide Product Manager, Storage & Big Data.

 

 

 

1Trend Micro study, ZDNet, “Two Thirds of Companies Pay Ransomware Demands But Not Everyone Gets Their Data Back.” September 2016

2 Ponemon Institute, 2016 Cost of Data Breach Study: Global Analysis

 

 

  • SMB
  • StoreEasy
0 Kudos
About the Author

StorageExpert

Our team of Hewlett Packard Enterprise storage experts helps you to dive deep into relevant infrastructure topics.

Events
See posts for dates
ONline
Connect Worldwide Events - 2017
Connect Worldwide is Hewlett Packard Enterprise’s largest independent technology user community, and has more than 70,000 global members. Visit this p...
Read more
Each Month in 2017
Online
Software Expert Days - 2017
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all