Zero Trust in storage: Protecting the bulwark

Seventy-three percent - that's the percentage of organizations that have been affected by at least two ransomware attacks in the past year, according to the Veeam Ransomware Trends Report 2022. In most cases, the criminals' path into the corporate network leads through the weakest element of the digital defense: humans. Phishing remains the means of choice for hackers and data thieves to gain unauthorized access - as confirmed by the latest Verizon Data Breach Report. While backups are often able to act as a last bulwark against extortionists, the right credentials can crack even this bastion. As a result, companies must become increasingly aware that their own employees also pose an unwanted threat. The best way to manage this risk is through Zero Trust.
Focus on processes instead of hardware
Zero Trust is not a standalone product, but a paradigm that is woven into the corporate culture. IT administrators must weigh which employees should have access to which content, applications, networks and data. This goes double for storage, because: Backups are, in many situations, the lifeline that can keep companies running. However, if this anchor is damaged, downtime increases rapidly and recovery is made nearly impossible. Therefore, roles and rights related to storage must be assigned with appropriate caution. Only dedicated staff and storage administrators should have the ability to access backups. But what happens if a user account of these very administrators falls into the wrong hands?
Immutability as a key tool
The only way to permanently protect backups from the wrong hands is immutability. In the area of storage, this means storing backups in an immutable, read-only manner, so to speak. This prevents all data and backups from being encrypted even in the event of infiltration by ransomware groups, for example. The options for setting up an immutable backup range from air-gapped solutions to the AWS S3 Object Lock - arguments for the different variants can be found quickly. However, it is important that they are implemented as a fixed part of the backup strategy. This guarantees that the reassurance provided by backups remains intact throughout if access falls into the wrong hands, and data can always be restored in the event of an emergency.
Zero Trust in modern data protection is a process
Implementing Zero Trust in storage is a process that takes time and then needs to be looked at regularly to ensure continuous security. Phishing will certainly continue to be one of the biggest threats to organizations and their data, as the employee will remain the biggest risk to the defense. However, if roles and privileges have been assigned according to the zero-trust paradigm, then you minimize that risk as much as at all possible. This keeps backups the bulwark against ransomware that they are supposed to be.
-- Contact us at [email protected]
-
Collaboration to Transform Waste into Resources Dr. Winnie Tang
Over the past decade, the amount of waste produced by Hong Kong residents has remained high. According to government data, the per capita municipal solid waste disposal rate per day in Hong Kong
-
Is certainty a sin? Brian YS Wong
A few weeks back, I watched one of the most widely anticipated releases of 2024 – Conclave, a riveting political thriller directed by Edward Berger. Without giving too much away, I would settle for
-
Why Carpe Diem Brian YS Wong
“Carpe Diem” – we are told. To seize the day, is a moral prerogative. We must expend each and every hour, minute, and second with due care and caution, paying conscientious heed to the fact that our
-
British doctor’s autobiography describes remarkable life in HK Mark O'Neill
Dr John Mackay arrived in Hong Kong in 1963 and has lived here ever since. For 30 years. he was one of the city’s most respected physicians in one of the largest medical practices and then chose a
-
To build Hong Kong into an AI training base Dr. Winnie Tang
Since 2022, the Government has introduced a number of measures to compete for talents, and this year's Policy Address has made more persistent efforts to nurture local and lure I&T talent from all