The best way to protect an organization from a ransomware attack is at its source, primary storage. Ransomware works by compromising a user account and then encrypting all the files that the account can access. A compromised superuser account is catastrophic. But to encrypt data files need to be opened, changed and saved again. What if the storage system protected against and provided an audit trail for those activities?
Introducing Nexsan Unity Active Archive
Nexsan designed its Unity Active Archive for use with its Unity Hyper-Unified Storage, a primary storage system that delivers high performance across a variety of use cases including network attached storage (NAS). Unity Active Archive is a storage system designed to store immutable copies of data to meet long term archiving requirements. But this immutability also provides excellent protection against ransomware.
How Unity Active Archive Protects Against Ransomware
Since Unity Hyper-Unified Storage and Unity Active Archive work together, a customer can configure the Hyper-Unified storage system through a policy to send data as it changes in real-time to the Unity Active Archive. The Active Archive stores a read only, immutable copy of each version of the data. If ransomware modifies the file, the encrypted copy of data will be written to the archive but it will not replace the last known good copy.
When a ransomware attack is identified, the IT administrator needs to first suspend the compromised account and kill the spreading of the ransomware virus. Once IT completes that task, the next step is the typically long and arduous recovery process. With Unity Active Archive, the administrator simply needs to restore pointers, small 1K files, instead of the entire file. The business can be back up and running very quickly. As users access these pointers, the entire file is restored in a process that is seamless to the user.
How Unity Active Archive Drives Down Long Term Storage Costs
Unity Active Archive does far more than protect from ransomware. It also lowers the cost of primary storage. The same process for protecting against ransomware can also move data to the archive based on policy. After data is copied to the active archive, a policy can be set to move the data from primary storage based on last access. The file will then be exclusively available in the active archive. The solution places a stub file on the Unity Hyper-Unified storage system so that if the user needs the file it will automatically be recalled.
Considering that 80 percent of data has not been accessed in the last 90 days, most organizations will be able to dramatically cut their primary storage costs as a result of this solution.
How Unity Active Archive Meets Regulatory Requirements
In addition to being at risk for a ransomware attack and having primary storage systems bursting at the seams with old data, organizations also need to adhere to regulatory demands placed on them by a governmental or organizational body. Meeting these regulations requires the business to keep the data for a specified number of years and the organization can prove that it has not been altered. Unity active archive, through policies, can meet these demands. A policy can keep a file or set of files for the required period of time as read-only. It also has an audit log to verify the lack of change.
Ransomware is a thread that all organizations need to have a response to. It requires a unique counter measure that can protect data as it changes and recover thousands of files almost instantly. But ransomware is not the only challenge facing IT and it’s hard for the organization to justify a ransomware-only solution. Active Archive solves three problems. First, it provides real-time protection against ransomware. Second, it reduces the cost of primary storage. Third, it prepares the organization to meet regulatory data retention requirements. The combined resolution of these three problems results in a very rapid return on investment.
Sponsored by Nexsan