Asigra Cloud Backup is seeking to protect a type of data that’s becoming more susceptible to ransomware attacks: backups.
The updated Asigra backup software, Cloud Backup 14, has embedded malware engines in the backup and recovery stream to prevent ransomware from getting into backups, Asigra executive vice president Eran Farajun said. The engines are designed to identify a virus, quarantine it, and notify the customer.
Getting ‘ahead of the game’
Asigra has been quiet in terms of major releases in the last 18 months. However, Farajun said the company has been taking note of the convergence of security and backup technology, thanks in part to ransomware.
“The market has evolved,” Farajun said. “Version 14 aims to address some of those shifts.”
Asigra has partnered with several IT security software vendors, which the company is not identifying, to provide the multiple layers of security technology within its cloud backup software.
The Asigra backup software uses what Asigra calls “bi-directional malware detection.” Real-time scans of files isolate the malicious code.
Variable repository naming provides a moving target so malware has a harder time identifying and deleting backups.
Asigra Cloud Backup also includes two-factor authentication. Deleting backup data from repositories requires a second authentication.
New ransomware variants are increasingly targeting backup data, in addition to primary storage. Asigra backup is fighting what the vendor has coined the “Attack-Loop,” which is the method taken by ransomware in infiltrating backups and staying dormant until the data is recovered back to the network following an attack on primary storage.
In this respect, Asigra is proactive in its effort to confirm backups don’t have ransomware, said Edwin Yuen, analyst at Enterprise Strategy Group.
“It’s clearly an area where you have to work together,” Yuen said of the combination of cybersecurity and data protection. “Asigra is a little ahead of the game by producing these features now.”
Yuen said he expects more data protection vendors to take on this specific problem.
Eran Farajunexecutive vice president, Asigra
Others have built-in ransomware protection features. Acronis software uses machine learning to help prevent ransomware viruses from corrupting data, attempting to detect suspicious application behavior before files are corrupted. The Quorum onQ Ransomware Edition appliance takes snapshots of servers and provides server-level recovery. Unitrends physical and virtual appliances use predictive analytics to determine the probability that ransomware has attacked.
While simply having backups used to be an effective strategy against ransomware, “the bad guys don’t sit still,” Farajun said. “This is a cat and mouse game.”
GDPR and data management features included
The updated Asigra backup product also aids compliance with the General Data Protection Regulation (GDPR), which goes into effect May 25, 2018. One of the biggest elements of GDPR is the “right to be forgotten,” in which data subjects can request personally identifiable data be erased from a company’s storage, including backups.
Asigra Cloud Backup includes content search and eDiscovery that enables the identification of data so that it can be migrated, curated and deleted.
GDPR should cause IT professionals to think about how much they’re using image-based backups versus file backups, Farajun said. Images could create more manual work relative to GDPR compliance.
“GDPR wants you to manage data responsibly,” Farajun said.
Asigra has also added data management functionality — based on its instant recovery — that enables backed up data for additional uses, including DevOps, test and development, and search and analytics.
“We think [data management] is a feature, not a company and not a market,” Farajun said.
Version 14 of the Asigra backup product will be generally available June 15.