HPE Community
Alliances
1820080 Members
3062 Online
109608 Solutions
New Article ๎ฅ‚
 
Subscribe to RSS Feed
|
mhardi01

Protecting Patient data from Ransomware with HPE Storage

โ€Ž12-13-2024 09:41 AM

Enjoy this guest blog by Nick Jennings, Solutions Engineer, HPE Hybrid Cloud.

Ransomware attacks are a growing threat for IT as they present a get-rich-quick opportunity for criminals who have no respect for the privacy of the impacted businesses and their customers. According to a 2021 global survey, more than one-third of responding health institutions reported at least one ransomware attack in the preceding year, and a third among them reported paying a ransom. In these attacks, access to critical data is blocked through encryption and/or deletion before the attackers attempt to extort large amounts of money from the company in exchange for the encryption keys or to prevent stolen data from being published online.

patient.jpg

The nature of the healthcare industry makes it particularly susceptible to ransomware attacks. Healthcare involves highly sensitive data with personally identifiable information, personal health information, and continuous operation as a critical requirement. With the need for facilities to be connected over the internet, the data and operation requirements make healthcare facilities a prime target for ransomware attacks.

The attacker is successful when theyโ€™ve impacted the ability to restore trustworthy data once itโ€™s been compromised. In a typical ransomware attack, backups and snapshots are either deleted or encrypted to limit the ability to recover lost data quickly, and forcing the use of secondary backups, which can prove tedious and result in significant downtime and loss of sensitive data.

The solution for healthcare data protection with HPE Virtual Lock

To defend against this threat, a comprehensive security strategy should include data protection using live snapshots, data replication, and a solid backup solution. The traditional โ€œ3-2-1-1โ€ rule is to keep at least three copies of data, stored on two different and independent storage devices, with one backup copy off-site and at least one air-gapped backup copy. The air-gapped copy has traditionally been stored in a vault as a physical tape. But the modern alternative is immutable snapshots that meet the airgap requirement but cost less and can be restored quickly.

ImmutableSnaps.png

HPE Virtual Lock software is an existing feature in a number of HPE storage systems, including the new HPE Alletra Storage MP B10000, HPE Alletra 9000, and HPE Primera storage arrays. The feature doesnโ€™t require any additional licensing and provides ongoing protection for missionโ€‘critical data by safeguarding storage system snapshots from accidental or unauthorized deletion or modification. HPE Virtual Lock software is integral to these storage array operating systems and does not require any software or agent installation at the host level.

In an Epic Systems environment, array-level snapshots should be an integral part of a comprehensive security strategy. HPE Virtual Lock software should be used, at a minimum, on the consistency groups that include the production Open Database (ODB) file systems. This will allow for rapid recovery in the event of a cybersecurity attack.

HPE Virtual Lock allows for snapshots to be immutable for a defined period. This makes them tamper-proof and impervious to ransomware for a set retention duration of up to five years. The immutability of the snapshots cannot be decreased, removed, or altered. Hence, the virtually locked snapshots can neither be encrypted by a malicious attacker nor be deletedโ€”even by a system administrator with the highest privileges.

Learn more about HPE Virtual Lock

Thereโ€™s a new whitepaper available to help you learn more about the HPE Virtual Lock feature, with specifics on how it works and even examples of scheduling these immutable snapshots through the HPE Storage system GUI or CLI.  Additional technical resources to help with your research are also included. The new whitepaper, โ€œHPE Virtual Lock software helps protect Epic Systems data against ransomware attacksโ€ is available for download today.

About the author: Meet HPE Storage Blogger Nick Jennings - Nick is the lead engineer on the worldwide Hybrid Cloud solutions Engineering team at HPE. His focus is on storage technology in the healthcare industry.

Mike Harding | Microsoft Solutions Product Management
Hewlett Packard Enterprise
0 Kudos
About the Author

mhardi01

Launching and growing new enterprise technology offerings

The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.