Malware in Enterprise Backup Environments – DCIG
Cybersecurity approaches from Asigra, Dell, and Rubrik for detecting and responding to malware attacks
This is a Press Release edited by StorageNewsletter.com on July 16, 2019 at 1:56 pm
Asigra Inc. announced that DCIG, LLC has published a report titled Creating a Secondary Perimeter to Detect Malware in Your Enterprise Backup Environment.
It compares three different approaches for detecting and preventing malware attacks on backup data and considers which approach may be the most effective for enterprise backup environments.
Recovering lost data with confidence starts with a golden copy of the backup set. To manage the threat that malware presents to backup data today, organizations are deferring to backup providers to help them perform successful recoveries from a confirmed reproducible copy of the data. This golden copy must be free from malware and capable of being returned to its native usable state for use in the enterprise.
In the DCIG report, three methodologies for creating a golden copy are reviewed. The first is the inline scan, where incoming and restored backup data are actively screened for malware. The second method is the use of a sandbox, where backups complete as normal but a separate IT sandbox is set up in which data is recovered and tested for malware. Snapshot analysis is the third approach, where snapshots of production data are taken and analytics are performed on each snapshot. The results of the analytics will inform which snapshots to check for the presence of malware.
Methodologies for Creating a Golden Copy
Summary Comparison
Of the three approaches for stopping malware attacks on backup data, the preferred method is the inline scan of backup and recovery data because of the benefits provided over the competing approaches.
According to DCIG, “inline scans represent the easiest and fastest way for a company to scan its backup data for the presence of known strains of malware as well as position the company to scan recovered data for yet unknown malware signatures.”
The highlighted solution for inline scanning of malware is Asigra Cloud Backup V14, which scans all backup data for malware as part of the backup job and alerts the administrator to its presence in the event it has slipped past perimeter cybersecurity defenses. It then scans data during backup and recovery, improving the chance of detecting malware signatures that were latent or undetectable when the backup occurred.
“The products that Asigra, Dell EMC, and Rubrik offer, and the respective techniques they use to detect the presence of malware in backup repositories, represent the primary methodologies that backup software employs,” said Jerome Wendt, founder and president, DCIG. “Of these three, only Asigra and Rubrik provide a company with the means to automate and simplify the process to detect for malware in backups. Of those two, only Asigra currently makes cybersecurity software available as an optional feature that a company can turn on.”
“Asigra Cloud Backup V14 converges enterprise data protection and cybersecurity, embedding malware engines in the backup and recovery streams to prevent ransomware from impacting the business,” said Eran Farajun, EVP, Asigra. “Asigra identifies any infecting malware strains, quarantines them, then notifies the customer. It is a very comprehensive data protection solution, built from the ground up for distributed IT environments.”