Building Cyber Recovery Capabilities Into Your Data Protection Strategy

Gary Austin
September 22, 2020
Blogs | Cybersecurity | Managed Services

Ransomware attacks are increasing in frequency and sophistication. Before data is encrypted or destroyed, attackers go after the infrastructures that store and protect your company’s information—this a real problem affecting many organizations. As a result, many storage platforms have features that focus on Ransomware detection, prevention, and recovery. Over the following weeks, I will look at many of these products to sift through the datasheets, highlight relevant information, and help you build cyber recovery capabilities into your data protection strategy.

I’ll start with the PowerMax from DellEMC as it was the first platform I helped a customer implement in a storage-based Cyber Recovery solution.

DellEMC

PowerMax – TimeFinder SnapVX provides the ability to create immutable snapshots with Secure snaps. Many vendors define immutable data as data that is impossible to alter, but not all solutions protect the data’s retention. When invoked, secure snapshots have a retention period that can be an absolute value or relative from the time of creation. Customers are, by design, unable to alter the retention settings of SnapVX Secure snaps. Even if an attacker gains administrative access to a customer’s PowerMax solution, data saved with Secure snapshots is 100% immutable. 

I do have a couple of warnings to admins out there looking to use SnapVX Secure snapshots. The feature works brilliantly. Therefore, my advice is to measure twice, cut/snap once, be sure to verify syntax in any commands or scripts, gain a thorough understanding of change rates, and carefully plan for the required storage and factor in peak change rates for the duration of Secure snaps. PowerMax prioritizes the durability of Secure snapshots above even the availability of the production data, which makes sense. How immutable is something if you can delete it?

I should note there is one exception to the immutability of SnapVX Secure snapshots on PowerMax. In the case of emergencies, Dell EMC can terminate SnapVX Secure snapshots, but not without customer validation, which requires a signed data loss waiver which, from my understanding, requires signatures and validation from board members or officers.

Only use SnapVX Secure snapshots when necessary, do your homework when it comes to capacity management, and work closely with DellEMC or a partner like Converge Technology Solutions to keep your data secure.

Follow Us

Recent Posts

Inside the 2024 Red Team Penetration Testing Report

In the unending barrage of cyber attacks, keeping pace with current threats is paramount. A proactive approach that includes penetration testing raises the bar higher, finding exploitable weaknesses before attackers can exploit them. Our report condenses 12 months of...

The Sustainability Question

Alright, I’ll admit it – I  enjoy my job. I find every day exciting and see each moment as an opportunity, although I know I’m lucky to admit such a secret, as not everyone has the chance to feel the same way I do. However, I will also admit that getting to this...

Want To Read More?

Categories

You May Also Like…

Let’s Talk