Protection of IT infrastructure data from Ransomware
What is Ransomware?
Why Ransomware protection is critical right now?
Threat in numbers
Ransomware attacks increased by 18% compared to the previous year.
$4.5 million is the average cost of a successful attack.
Three layers of protection: choose your scenario
vCloud Availability creates additional copies of virtual machines (replicas) in a geographically remote cloud data center. These replicas are stored in an powered-off state and are not subject to changes, making them resistant to attacks on your primary infrastructure. Attackers gain access only to the local network, while multiple recovery points in the cloud remain isolated and inaccessible.
How it works:
- vCloud Availability periodically creates exact VM images.
- Replicas are transferred to a cloud data center over a secure connection.
- In the event of a ransomware attack, the local infrastructure may be encrypted, but cloud images remain intact.
Key features:
The solution provides physical and logical separation of data in a remote site, making it inaccessible to most ransomware attacks. However, it is important to note that this is not an absolute guarantee of security: if ransomware operates stealthily and infection occurs before the latest replica is created, the backup may also be compromised. To protect against such “hidden” threats, immutable data solutions are available.
Veeam Cloud Connect transfers backup copies to a secure cloud storage, where Immutable Backup technology makes them impossible to delete or modify for a defined retention period. Object Lock at the cloud level prevents any attempts to alter backup files, even if attackers gain administrative access to your network.
How it works:
- Backups are created with a “read-only” attribute for the entire retention period.
- Object Lock protects backup files from encryption or deletion.
- Veeam securely transfers copies to the cloud via an encrypted SSL/TLS tunnel.
- Even if the backup server is fully compromised, attackers cannot damage cloud copies.
Key features:
The solution provides dual protection through geographic isolation (Cloud Connect) and technological immutability (Object Lock). This ensures backup integrity and flexible recovery options—from individual files to full virtual machines.
SnapLock and SnapMirror are built-in NetApp storage system technologies that create immutable snapshots directly at the storage level and replicate them to a remote site. The solution is based on the WORM (Write Once, Read Many) principle, physically preventing any modification of data.
How it works:
- SnapLock locks snapshot copies from any changes until the defined retention period expires.
- Data becomes immutable, even for administrators with root privileges.
- SnapMirror automatically replicates protected snapshots to a remote storage system in real time.
- Geographic isolation adds an additional barrier against local cyberattacks.
- If recovery is needed, data can be instantly restored from immutable snapshots.
Key features:
Protection is implemented at the hardware level and remains active even if the operating system or applications are compromised. The technology enables instant recovery and ensures reliable data protection throughout the entire data lifecycle, making it ideal for mission-critical business processes.