Retrospect, a unit of StorCentric company, this week updated its backup and recovery platform to simplify anomaly detection. The Retrospect Backup update uses customizable filters and thresholds that can be tracked via a central console.
In addition, IT teams can now create an immutable instance of a backup that makes it easier to recover from a ransomware attack by making sure a pristine instance of data is always available.
JG Heithcock, general manager for Retrospect, said version 18.5 of Retrospect Backup identifies anomalous behavior indicative of potentially malicious behavior. Tracking those anomalies has become more critical as cybercriminals have become more adept at not encrypting data locally and also injecting malware into the backups organizations rely on to recover from a ransomware attack, he said.
The sooner an IT team detects anomalous behavior the easier it becomes to thwart those attacks, noted Heithcock. Administrators can now also tailor anomaly detection to the policies they have defined for various use cases, he added.
As ransomware attacks become more frequent, organizations are increasingly integrating data protection platforms within their larger overall cybersecurity strategy. The defense-of-last-resort against these attacks is to ensure that backup copies of data encrypted during one of these attacks are readily available. As such, more backup and recovery tools are being deployed on cloud services as part of an effort to limit the devastation caused by ransomware attacks. With this latest release, Retrosoect has also tightened integration with the Microsoft Blob storage service to make it easier to save unstructured data to a cloud platform.
Along with the rise of ransomware comes increased focus on recovery. Every minute that organizations are unable to access data potentially costs them money. The smaller the organization, the less likely they are to be able to absorb the cost of that downtime, noted Heithcock.
Historically, the challenge has been that organizations failed to regularly back up their data, nor do they test their recovery process. It’s not uncommon for organizations to find their backed-up files are, for one reason or another, are corrupted when the time comes to recover that data. In the absence of a pristine copy of their data, many organizations find themselves forced to pay ransoms that get steeper with each attack.
It’s not clear to what degree cybersecurity professionals may be assuming responsibility for backup and recovery as part of a larger data protection strategy. However, it’s generally in their best interest to make sure pristine copies of critical data are always kept readily accessible. After all, it’s not the entry-level IT professional tasked with backing up data that will be held accountable when a ransomware crisis inevitably arises. In fact, cybersecurity and IT professionals would be well-advised to recognize that data protection has become a task in which everyone in the organization has a vested interest.