ACTIFIO DATA-DRIVEN SOLUTION
Cyber Resiliency + Ransomware
A holistic approach to deterring and rapidly recovering from cyber attacks.
Minimize the business impact of ransomware / cyber attacks by recovering quickly with immutable backups
The average cost of a data breach is $3.92 million (source: Forbes & IBM study). The question for most CIOs is how to minimize the number of cyber attacks, and if attacked, how to rapidly recover to ensure minimal business impact.
As daily security incidents create new challenges, we at Actifio see threats not only against production data but also against secondary copies of data used for backup, disaster recovery, analytics, and more.
With the increasing incidents of ransomware, malware, phishing, and denial of service attacks, Actifio recognizes the need for a holistic approach to both protect data and rapidly recover from a cyber attack incident.
Legacy backup architecture introduces very large recovery times, and high operational burden while recovering from ransomware attacks.
The First Challenge
Ensure proper role-based access control and immutable backups.
The Next Challenge
Immediately after a ransomware / cyber attack, it is critical to very quickly identify a good point-in-time backup image that is not infected. Legacy backup/recovery architecture that uses sequential restores from many points-in-time introduces many hours and days of delays.
The Third Challenge
Perform rapid recoveries of the infected servers. The legacy backup/recovery architecture of rehydrating data from backups introduces many hours or days of delays.
HOW Actifio HELPS
Actifio provides immutable backups and rapid recoveries in minutes
Hardened Linux VM appliance
Actifio software is available as a hardened Linux VM appliance that limits external access, unlike appliances built on Windows that are susceptible to ransomware.
Role-Based Access Control (RBAC)
AD/LDAP users can be assigned different roles in Actifio. This ensures that non-admin users can not change backup retention or expire backups.
Retention lock at the software layer
When this feature is enabled, even an administrator can not change retention / expire backup images. This keeps the backups immutable from accidental deletions or a malicious user.
WORM at a storage layer
This feature ensures that backups can not be deleted by users who get access to the storage infrastructure storing the backups.
Actifio delivers instant mount and recovery to reduce the RTO. The mounts are always “virtual” snapshots of a backup. Thus even if the mount gets infected, the original backup remains immutable.
Detect Pristine Image Rapidly
Actifio enables users to mount a backup image from multiple points-in-time simultaneously to multiple test machines. Each mount can then be used to detect ransomware infection with high performance. This parallel approach reduces the time to identify pristine point-in-time.
Instant Mount & Migrate
Mount the pristine point-in-time backup images of multi-TB servers, file systems, databases in minutes so users are productive. As an option, in the background, Actifio can migrate the data seamlessly from the mounted backup image to a different storage tier.
Backups are encrypted in-flight and at-rest by Actifio under the file system. This ensures that users who have access to storage subsystems can never access the data.
Instant Mount from Cloud
Users can mount a backup image from S3 compatible cloud object storage from a remote site back to the primary site in minutes without having to wait for the data rehydration. This enables users to recover from much older points in time in just minutes.
Reduction of Surface Area of Attack
Actifio helps reduce the number of physical copies of production applications and hence the surface area of attack with its unique capability to reuse its backups directly for test/dev/analytics environments while not consuming any extra physical storage.