Building Cyber Recovery Capabilities Into Your Data Protection Strategy

Gary Austin
September 22, 2020
Blogs | Cybersecurity | Managed Services

Ransomware attacks are increasing in frequency and sophistication. Before data is encrypted or destroyed, attackers go after the infrastructures that store and protect your company’s information—this a real problem affecting many organizations. As a result, many storage platforms have features that focus on Ransomware detection, prevention, and recovery. Over the following weeks, I will look at many of these products to sift through the datasheets, highlight relevant information, and help you build cyber recovery capabilities into your data protection strategy.

I’ll start with the PowerMax from DellEMC as it was the first platform I helped a customer implement in a storage-based Cyber Recovery solution.

DellEMC

PowerMax – TimeFinder SnapVX provides the ability to create immutable snapshots with Secure snaps. Many vendors define immutable data as data that is impossible to alter, but not all solutions protect the data’s retention. When invoked, secure snapshots have a retention period that can be an absolute value or relative from the time of creation. Customers are, by design, unable to alter the retention settings of SnapVX Secure snaps. Even if an attacker gains administrative access to a customer’s PowerMax solution, data saved with Secure snapshots is 100% immutable. 

I do have a couple of warnings to admins out there looking to use SnapVX Secure snapshots. The feature works brilliantly. Therefore, my advice is to measure twice, cut/snap once, be sure to verify syntax in any commands or scripts, gain a thorough understanding of change rates, and carefully plan for the required storage and factor in peak change rates for the duration of Secure snaps. PowerMax prioritizes the durability of Secure snapshots above even the availability of the production data, which makes sense. How immutable is something if you can delete it?

I should note there is one exception to the immutability of SnapVX Secure snapshots on PowerMax. In the case of emergencies, Dell EMC can terminate SnapVX Secure snapshots, but not without customer validation, which requires a signed data loss waiver which, from my understanding, requires signatures and validation from board members or officers.

Only use SnapVX Secure snapshots when necessary, do your homework when it comes to capacity management, and work closely with DellEMC or a partner like Converge Technology Solutions to keep your data secure.

Follow Us

Recent Posts

What’s on the Horizon for Cybersecurity in 2024?

Another year is behind us, a year filled with remarkable advancements, jaw-dropping breaches, and the good guys still struggling to keep up with the bad guys. Before jumping into how 2024 may shape out or diving right into the doom and gloom of what went wrong in...

Streamlining Cybersecurity Using the DOD Replicator Initiative

The Department of Defense (DOD) has taken a bold step in addressing the need for more innovation and capabilities in fighting modern adversaries. Deputy Secretary of Defense Kathleen Hicks recently introduced the department’s new Replicator initiative intended to use...

Want To Read More?

Categories

You May Also Like…

Let’s Talk