ST2403
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
STRATEGY: DATA INTEGRITY<br />
"The absence of collaboration between storage and security, whether on the vendor side<br />
or the end-user side, has resulted in numerous hours of downtime, substantial revenue<br />
losses, and tarnished public reputation. This issue has manifested repeatedly over the past<br />
few years. What is imperative is a transformative shift - a change in the way enterprise<br />
storage collaborates with security, a shift in how corporate data is safeguarded, and a<br />
redefinition of resilience in anticipation of potential cyber-attacks."<br />
operational disruption, and substantial data<br />
loss when achieving a clean recovery<br />
becomes challenging.<br />
The absence of collaboration between storage<br />
and security, whether on the vendor side or the<br />
end-user side, has resulted in numerous hours<br />
of downtime, substantial revenue losses, and<br />
tarnished public reputation. This issue has<br />
manifested repeatedly over the past few years.<br />
What is imperative is a transformative shift - a<br />
change in the way enterprise storage<br />
collaborates with security, a shift in how<br />
corporate data is safeguarded, and a<br />
redefinition of resilience in anticipation of<br />
potential cyber-attacks.<br />
A NEW FOCUS ON INTEGRITY<br />
Data resiliency initiatives represent a pivotal step<br />
towards unifying enterprise storage and security.<br />
With this strategic focus, new and valuable<br />
features will be integrated into storage<br />
platforms, fostering collaboration within the IT<br />
organisation. However, these initiatives alone<br />
are insufficient. The linchpin for uniting these<br />
disciplines lies in prioritising data integrity.<br />
Data integrity ensures that data remains free<br />
from corruption, facilitating effective<br />
restoration and minimising data loss. Beyond<br />
these benefits, it furnishes deep analytical<br />
insights capable of revealing even the most<br />
concealed and hidden data corruptions. By<br />
emphasising data integrity, organisations can<br />
enhance cyber capabilities across primary and<br />
secondary storage platforms, providing<br />
detailed forensics into attacks and quickly<br />
establishing know good recovery options.<br />
This, in turn, enables security, storage, and<br />
data protection teams to refine their efforts in<br />
minimising operational interruptions and<br />
cyber liability at a time of chaos.<br />
Data integrity surpasses a superficial<br />
examination aimed at detecting malicious<br />
activity. It extends beyond routine checks for<br />
appended file extensions included .encrypted or<br />
.lol, unusual changes in daily file thresholds, or<br />
elevated compression rates in backups, which<br />
may indicate data encryption. While these<br />
methods are intriguing, they are susceptible to<br />
evasion by malicious actors armed with<br />
sophisticated ransomware variants.<br />
True data integrity demands a more profound<br />
analysis, leveraging advanced approaches such<br />
as content-based security analytics and AI-based<br />
machine learning. This in-depth inspection not<br />
only ensures the integrity of the data but also<br />
yields valuable telemetry data. This information<br />
can be utilised by data protection teams to<br />
identify what needs restoration and by security<br />
teams to understand the nature of the incident,<br />
enabling them to deploy effective tools against<br />
similar malicious activities in the future.<br />
The necessity for a detailed level of data<br />
integrity becomes evident when considering the<br />
latest ransomware variants. Contemporary<br />
strains often employ lightweight encryption<br />
algorithms, leaving minimal evidence of<br />
corruption. Some utilise intermittent encryption<br />
algorithms, which in response requires a<br />
thorough inspection within files and databases<br />
content to confidently detect. Additionally,<br />
certain variants engage in slow corruption,<br />
deliberately falling below threshold analysis<br />
triggers.<br />
ROBUST AND RESILIENT<br />
Achieving a high level of data integrity demands<br />
deep, content-based inspections of files and<br />
databases. Advanced analytics, validating<br />
headers of databases, assessing content<br />
structure, and uncovering hidden internal<br />
encryption, become critical. Integrating this<br />
advanced level of data integrity with both<br />
primary and secondary storage platforms<br />
emerges as the sole, effective approach to<br />
ensure robust cyber resiliency.<br />
The ransomware challenge is a grave and<br />
continually evolving threat. Bad actors are now<br />
employing advanced technologies like GenAI to<br />
craft super variants that corrupt data while<br />
leaving behind minimal evidence. The<br />
imperative for data integrity becomes<br />
increasingly critical in establishing a high level of<br />
resiliency. Such resiliency is essential for<br />
organisations to swiftly recover, minimise data<br />
loss, and prevent public exposure in the event of<br />
a ransomware attack.<br />
If Gartner's predictions prove to be accurate,<br />
the use of this type of cyberstorage capabilities<br />
to recover from ransomware attacks will be<br />
mainstream in a few years. However, many<br />
organisations cannot wait that long as the battle<br />
continues to ramp up and cause serious impacts<br />
across the globe.<br />
More info: www.indexengines.com<br />
www.storagemagazine.co.uk<br />
@STMagAndAwards Mar/Apr 2024<br />
STORAGE<br />
MAGAZINE<br />
23