A Unified, Multilayered Approach to Ransomware Protection

For several years in a row, tech observers have declared it  “the year of ransomware.” That time appears finally to be over. Not because ransomware has peaked — far from it — but because people now seem to realize that hackers have found an attack type so lucrative that they’re going to keep using it again and again. 

By 2025, ransomware attacks are projected to cost businesses up to $10.5 trillion per year in combined lost revenue, brand impact and missed opportunities. And in a 2021 survey, two-thirds of CISOs said they felt that their organizations were at risk of falling victim to a successful cyberattack. 

Often, we find that organizations adopt several tools to beat back ransomware attacks, resulting in convoluted solution environments. Commvault offers a unified, multilayered approach to ransomware protection, helping organizations identify threats, protect their environments, monitor for suspicious activities and respond to (and recover from) attacks.

The first step in multilayered protection is knowing what assets you’re trying to protect. Commvault Command Center offers a single dashboard that identifies risk exposure and coverage status, allowing security professionals to instantly identify potential gaps. 

Also, Commvault uses zero-trust principles to give organizations complete control over who has access to data and systems, and eliminates accidental or malicious insider threats by requiring dual authorization for administrative changes. 

So many successful cyberattacks stem from simple issues such as password hygiene, or a lack of multifactor authentication. By identifying these problems early in their cybersecurity journeys, organizations can save themselves significant time, money and effort later on.

After organizations identify potential vulnerabilities, they must take proactive steps to protect their environments from attack. Commvault supports this process by isolating networks and data management using multitenancy functionality and by securely air gapping backups. 

Some industry observers have called Commvault’s Metallic Recovery Reserve an “easy button” to help organizations secure data and control costs. The feature is fully integrated with Commvault software, allowing data to be written directly to cloud storage without the need for cloud-based compute resources.

Organizations need to be alerted when suspicious activity occurs within their networks. But many cybersecurity professionals struggle with “alert fatigue.” Bombarded by false alarms, these workers become overwhelmed trying to identify true threats amidst the noise. 

Commvault utilizes artificial intelligence and machine learning to weed out false positives, allowing organizations to focus their attention where it’s needed most. 

Commvault also makes use of “honeypot” decoy files. Because these are essentially fake files that would never be changed or deleted by a legitimate user, any activity on them will instantly alert an organization to the presence of malicious actors.

It may not be a fresh take, but it’s well worn for a reason: Cyberattacks are a matter of when, not if. Businesses simply must be prepared to respond to these attacks quickly and recover from them in a way that mitigates damage as much as possible. 

Commvault enables response and recovery by isolating suspicious files to minimize ransomware spread, retaining the last known good copy of backups and automating the recovery process. 

No organization can completely insulate itself from ransomware attacks. But by investing in tools that provide multilayered protection, organizations can ensure that they are ready to face them.

Story by Matt Cross, a channel sales engineer at Commvault with more than 15 years of tech industry experience. He works closely with CDW solution architects and account managers to provide comprehensive data management solutions to their customers.