A Q&A with Prem Ananthakrishnan of Druva
Ransomware is a growing cyber risk threat impacting organizations in all sectors. Having a cloud-based backup solution in place can help organizations mitigate this exposure, promote business continuity in case of a security event and avoid paying a ransom. In this Q&A, Prem Ananthakrishnan of Druva explains how.
How can having a cloud-based backup solution in place help protect against the ransomware threat?
There is a significant advantage to using a cloud-based backup solution as compared with a premises-based solution. For one thing, it’s naturally air-gapped or segmented which isolates data and diminishes threat vectors and the opportunities for the threats to spread. For another in a system like ours, with built in multifactor authentication there is a high level of security before you sign on and you can’t impersonate another user to get in. Another advantage, which is unique to our system, is that we conduct random automated testing of data for consistency and recoverability. If an anomaly is detected, it will flag it immediately. Another highlight of our service is that we offer on-demand recovery so there is a capability to take the backup of a customer system from the cloud dynamically and on demand—for instance, if there is an attack and you need your business up and running while there is an ongoing forensics investigation, you can proceed with no loss of business continuity.
Often in ransomware attacks, the client is forced to pay the extortion because the threat actor has already infected or encrypted the backup data. How can a cloud-based solution overcome this shortcoming? Can data in a remote cloud backup become compromised by malware?
In segmentation, because of that natural air gap you are separating the backup from the system data so from the customer perspective you’d have the confidence that you can quickly get back up and running with your backup system and know that the data won’t be contaminated. You’ve heard stories about MSPs or cloud providers that themselves get compromised when they’re managing data for multiple customers. If you are working only with remote cloud providers, you should look for security features like multifactor authentication and other mechanisms. We also have the assurances of the same security monitoring and rigorous certification used by large federal agencies like NASA, which includes a list of more than 100 controls. So you want to look for that kind of thorough security.
Is this type of loss control solution appropriate (and affordable) for an SME and is it easy to deploy? What are the hallmarks of solid backup solution service providers?
Where you might have to worry is if you had a traditional legacy solution with heavy infrastructure or data stored in tapes or other places—that will take multiple steps. Our solution can get you back up and running in 15 minutes or less. You want a solution that’s automated and 100 percent staffed so you don’t have to worry about making constant patches or upgrades. That keeps it easier for the end user. In a world of big data sets, anomaly detection is huge and an important feature to look for. Ideally you want a system that will help you flag security events and take action, and you want one that will integrate well with the rest of the security chain, especially your incident response, which is something many legacy solutions have struggled with.
In summary…
We want to thank Prem and the Druva organization for their expert opinions on cloud-based backup solutions, network segmentation and mitigating the growing threat of ransomware, now a leading cause of loss among paid out cyber claims. The many cyber risk insurance carrier underwriters we represent are constantly looking out to better understand alterative practices that insureds of any size and in any business sector can deploy to improve cyber risk management.
