Think about the amount of information that is available today. It amounts to hundreds of zettabytes.
Yet, the bulk of security attention is aimed at the network perimeter or endpoint devices. Storage and backup need as much protection as other systems.
Here are some of the top security assessment trends related to storage systems, backup, and cloud storage:
1. Storage security automation
Continuity Software released a shocking report detailing the extent of vulnerabilities and unpatched systems that exist as the norm among enterprise backup and storage systems.
The report details as many as 6,300 discrete security issues detected across commonly used storage and backup systems.
“The typical enterprise storage device has 15 vulnerabilities,” said Doron Pinhas, CTO, Continuity.
“Out of those 15 vulnerabilities, three are high or critical risk.”
His organization provides a way to assess storage and backup systems for vulnerabilities that are typically missed by patch management and vulnerability scanning tools. He also believes organizations need to look for ways to add automation to help reduce the growing overhead involved in repeatable assessments.
2. Protecting government and critical infrastructure systems
Following the Colonial Pipeline ransomware attack in 2021, the U.S. government has been reevaluating its approach to security postures for critical infrastructure operators across the nation.
The Department of Homeland Security continues to roll out new requirements for high-profile industries, with the most recent updates coming for the energy and transportation sectors.
Beyond those sectors, the department is expected to tighten requirements across the remainder of the 16 critical infrastructure sectors. This includes the safeguarding of storage and backup systems.
“It is paramount that organizations operating in these high-profile areas avoid getting caught flat-footed by staying ahead of their physical and cybersecurity positions and auditing their procedures and protocol across both cyber and physical spaces,” said Daren Trousdell, chairman and CEO, NowVertical Group.
“Regularly conducting simple reviews of your safety and security approach can help you stay ahead of the curve and avoid getting hit with fines, citations, or even an attack.”
3. Cloud data protection
Given the heavy reliance on virtual tools to support hybrid work environments across the globe, increasing adoption of SaaS tools, and continued growth of enterprise data volumes, it is inevitable that cybersecurity threats will persist and become increasingly complex.
It’s nearly impossible to prevent all the ways bad actors can infiltrate networks, exploit unknown vulnerabilities, and target company data and backups to extort money from organizations. Security preparedness and assessment strategies are critical in preventing breaches.
The best-protected companies are those that deploy security strategies covering not just prevention and detection, but also data protection, backup, and recovery.
However, many companies have yet to uncover the proper way to leverage the cloud to effectively back up and store all their data. This puts their data at risk in the face of growing security concerns, said Andrew Smith, senior manager of strategy and market intelligence, Wasabi Technologies.
He believes the cloud has a big role to play in preventing cyberthreats. He expects to see an influx of IT and security decision makers adopting cloud-based backup strategies as a central tenet of their overall data security strategy.
“Today’s cloud storage solutions can provide additional security measures to overcome modern security challenges, such as human error, phishing attacks, ransomware, and other threats to sensitive corporate data,” Smith said.
“Cloud storage has capabilities to help mitigate the effects of ransomware attacks.”
Object-level immutability, for instance, can prevent data from being tampered with, modified, or deleted by anyone, even a systems administrator. Furthermore, with a multicloud strategy, organizations can leverage one cloud as a primary provider and a second cloud as a backup or disaster recovery location to improve data resilience in the event of a cloud outage/downtime.
Cloud data needs to be included in ongoing security assessments to identify where data is located and who has access. Cloud data management and protection features, like cross-region replication and object lock/immutability, are becoming important tools for security and infrastructure admins in their battle to prevent data loss and downtime due to malware and ransomware attacks, Smith said.
4. The rise of the data officer
Organizations have been plagued by copies of data leaking outside the organization or not being protected properly across different server, storage, and cloud systems.
Molly Presley, SVP of marketing at Hammerspace, sees the role of the data officer expanding as one of the ways organizations will learn to pay more attention to storage, backup, and data security and prevent data leaks.
“The data officer will become increasingly important in designing IT architectures that provide an audit trail that includes assurances on the handling of data copies as well as policies that ensure all global data is secured and protected properly,” Presley said.
5. Check backups
Sophisticated ransomware actors now understand that their attacks can be foiled by secondary copies of data that exist in traditional data backups.
Consequently, new attack vectors are targeting backup data through deletion or data encryption, with an estimated 68% of attacks using this pernicious approach.
“Teams need to assess if backup data is stored in a secure, hardened, immutable way, such as with object storage that will make backups impervious to ransomware and eliminate another avenue of exploit,” said Paul Speciale, chief product officer, Scality.
Security assessment should examine the backup architecture to verify the big three of ransomware protection: that backups are 1) immutable, meaning an entry cannot be deleted, modified, or overwritten for a time period specified by the administrator; 2) distributed; and 3) encrypted.
Speciale said that object storage fits all three, making it particularly well-suited for secondary storage or backup ransomware protection. Object storage is also API-driven, which means that ransomware scripts cannot search for and automatically encrypt files the way they could on a Windows Server. To be able to find the data, an attacker would need to know the individual APIs for that particular object storage solution, which is unlikely.
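The assessment described in sections 3 and 5 (object lock/immutability, cross-region replication, encryption), as an added example that is not part of the original article: a Python audit over constructed bucket settings. It assumes the settings follow the S3 API response shapes, treats "distributed" as an enabled replication rule, and uses a hypothetical 30-day minimum retention.

```python
# Added example: audit backup-bucket settings for the "big three".
# Assumption: dictionaries mirror the S3 API responses of
# GetObjectLockConfiguration, GetBucketReplication and GetBucketEncryption.
MIN_RETENTION_DAYS = 30  # hypothetical policy threshold, not from the article

def retention(lock):
    """Return (mode, days) of the default Object Lock retention, or (None, 0)."""
    cfg = lock.get("ObjectLockConfiguration", {})
    if cfg.get("ObjectLockEnabled") != "Enabled":
        return None, 0
    d = cfg.get("Rule", {}).get("DefaultRetention", {})
    return d.get("Mode"), d.get("Days", 0) + 365 * d.get("Years", 0)

def audit_bucket(b):
    """Return a list of findings; an empty list means all three checks pass."""
    findings = []
    mode, days = retention(b.get("object_lock", {}))
    if mode is None:
        findings.append("immutable: no default Object Lock retention")
    else:
        if mode != "COMPLIANCE":
            # GOVERNANCE retention can be lifted by a principal holding
            # s3:BypassGovernanceRetention, so it does not bind administrators.
            findings.append(f"immutable: {mode} mode can be bypassed")
        if days < MIN_RETENTION_DAYS:
            findings.append(f"immutable: retention {days}d is too short")
    rules = b.get("replication", {}).get("ReplicationConfiguration", {}).get("Rules", [])
    if not any(r.get("Status") == "Enabled" and r.get("Destination", {}).get("Bucket")
               for r in rules):
        findings.append("distributed: no enabled replication rule")
    sse = b.get("encryption", {}).get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    if not any(r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
               for r in sse):
        findings.append("encrypted: no default server-side encryption")
    return findings

# Constructed sample settings (not taken from any real environment).
REPLICA = {"Bucket": "arn:aws:s3:::example-backup-replica"}
HARDENED = {
    "object_lock": {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 90}}}},
    "replication": {"ReplicationConfiguration": {"Rules": [
        {"Status": "Enabled", "Destination": REPLICA}]}},
    "encryption": {"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]}},
}
WEAK = {
    "object_lock": {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 7}}}},
    "replication": {"ReplicationConfiguration": {"Rules": [
        {"Status": "Disabled", "Destination": REPLICA}]}},
}
```

In this sample, `audit_bucket(WEAK)` flags governance-mode retention separately from the short retention period, because only compliance mode holds against a privileged account.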