The rapid evolution of threats has kept organizations’ SecOps teams busy making response plans for all probable security incidents. In this fight against pervasive threats, only security systems that have few to no vulnerabilities stand a chance. At the recent Security Field Day event, Rubrik presented the Rubrik Zero Trust Architecture, which prevents attacks and enables accelerated recovery. The architecture’s biggest advantage? It lacks the inherent vulnerabilities of a traditional Zero Trust data protection model.
A Change of Plan
New details that have emerged from recent attacks now shed light on the path of ransomware attacks. Once past the initial point of breach, attackers use lateral movement to traverse deeper into the network. But a change in behavior is becoming clearer in the new attack plans. Instead of stopping at data exfiltration and a ransom note, attackers are moving on to disabling backup platforms, deleting and expiring backups, and making recovery impossible.
To the frustration of organizations, assembling a first-rate security team with the finest people and investing in the latest technologies haven’t gone a long way towards stopping ransomware attacks. Breaches remain rampant as organizations grapple with growing security OPEX.
Rubrik Defending against Modern Attacks
Rubrik tends to do security a little differently than most security providers. Only 7 years in business, Rubrik has devoted a great deal of resources and focus to researching ransomware attacks and building powerful response strategies. With most attacks happening on Friday evenings and in the wee hours of Saturdays, Rubrik understands the importance of having response services at the ready at the times of greatest need, day or night.
Rubrik’s key strategy in the fight against ransomware is to secure backups so that attackers cannot leverage these platforms to exfiltrate data or leave them compromised in the event of an attack. By determining and analyzing the blast radius of an attack, it helps answer the questions that come up during forensics about which assets were at risk and which data was stolen. Finally, it identifies a recovery point and automates a tailored recovery that works best in a given case.
Rubrik’s Zero Trust Data Protection: Preventing Breaches and Securing Backups
At the Security Field Day event in March, Joshua Stenhouse, Field CTO for Cyber Resilience at Rubrik, presented the Rubrik Zero Trust Architecture. As a part of the ransomware response team, it is Stenhouse’s job to identify and respond to attacks on a daily basis. At the presentation, he dissected the anatomy of a modern ransomware attack and explained how Rubrik approaches the problem with the enhanced Rubrik Zero Trust Architecture.
Rubrik Zero Trust Architecture is built to deliver pre- and post-infection protection. Combining threat intelligence with analysis, visibility and management, it is a next-generation architecture predicated on the idea that an infrastructure, or any component in it, can potentially be breached and therefore needs protection.
Using native immutability with retention lock and a logical air gap technology, it enables fast and full recovery without escalating security costs. Rubrik Zero Trust Architecture involves a highly secured data storage technique that cannot be illegally accessed, mounted or tampered with at all. The architecture, with built-in MFA, encryption at rest and in flight, and an immutable file system, keeps data enclosed and unavailable to anybody with unauthorized access in the network.
By removing the possibility of disaggregating backup software from backup storage with its single-vendor model, Rubrik’s Zero Trust Data architecture escapes the biggest flaw of a traditional architecture of its kind: data accessibility via standard storage protocols. By storing all of the ingested data in its own proprietary file system, it bypasses the standard NFS and SMB protocols, thus making it impossible for attackers to gain access to a file system or backup from a compromised server in the environment.
It is evident from the above that Rubrik has made Zero Trust better. Rubrik’s Zero Trust Data Protection may be divorced from the traditional architecture that vendors swear by, but it dovetails with the present requirements of ransomware protection, proving the theory that when standardized, a single vendor can bring the best of two worlds. With zero trust security embedded at its core, the Rubrik Zero Trust Data Protection platform has an absurd number of security features packed into it. With its use, businesses can achieve the three major milestones in ransomware security: enhance the default backup posture, reduce the overall attack surface and prevent ransomware events.