UPDATED 12:00 EST / AUGUST 10 2017

INFRA

Immutable object storage may be best ransomware defense, says analyst

An ounce of prevention is worth a pound of cure. Security officers know it, but so do hackers; hence the growth of cleverly camouflaged ransomware. WannaCry ransomware infected more than 230,000 computers by getting users to click on innocent-looking links to breaking news or even fake WannaCry protection offers.

“You can’t prevent someone from clicking on a link,” said Edward Haletky (pictured), principal analyst at The Virtualization Practice LLC.

Prevention, of course, has its place in any security strategy, Haletky said in an interview at this year’s VeeamOn in New Orleans, Louisiana. However, it’s just one of several crucial layers, he told Stu Miniman (@stu) and Dave Vellante (@dvellante), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio. (* Disclosure below.)

On the front end, organizations should mitigate risk as much as possible. Measures may include anti-phishing tools or policies against accepting encrypted payloads, Haletky stated.

The mid-tier of the security architecture should focus on data protection, detection and legal holds, he explained. The legal hold is basically a “do-not-delete” mark on the recover point previous to the current one. The point is to save the extra restore point in case the current one has corruptions that are not yet detectable.

Object of the game

Storing backups on an immutable target further fortifies them against breach, according to Haletky. The best immutable source today is object storage with versioned rights, he added. Every version written is immutable, meaning it is non-rewritable and cannot be changed.

A user may restore from a target provided by backup software, for instance. “But let’s say that gets corrupted. Now I can go back to the object store as the ultimate source,” he said.

Immutable object storage is not quite the final security stage. “It’s the pre-archive; it’s kind of like, ‘OK, put it there, and then I may archive that off on a retention schedule,'” he concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of VeeamOn 2017. (* Disclosure: TheCUBE is a paid media partner for VeeamOn 2017. Neither Veeam Software Inc. nor other sponsors have editorial influence on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.

Cookies

We employ the use of cookies. Find out more.