As data piles high in distributed environments, hackers are increasingly targeting backup systems to make off with classified information. The worry that critical data will be exposed to bad actors deepens every day, keeping enterprise security teams sleepless at night.
A New Trend
One of the leading causes of data exfiltration in organizations is ransomware attack. Studies conducted on the recent wave of ransomware attacks against businesses show that attackers are employing double extortion tactic to exploit targets.
As soon as cybercriminals have access to a mission-critical data stack, they encrypt it maliciously, making it inaccessible to the organization. They then hold it for a ransom. The organization has a short window to pay the ransom money and get the asset back, failing which, the attackers publish the information on dark web, or sell it to the highest bidders.
Key Findings
Rubrik Zero Labs, the research and analysis wing of Rubrik, recently released a report on real-life cyber-attacks in which 1600 respondents shared their stats. 7 out of 10 participating companies reported that they paid ransom to get stolen data back. But even less than 2 out of those organizations confirmed that were able to fully recover data after a ransomware encryption.
CIOs say that one of the biggest challenges that enterprises are grappling with in the fight against cyberwarfare, is identifying sensitive information. Data is being shared across enterprise, cloud and SaaS environments every minute. An accidental export can put sensitive user information at risk just as much as a predator hiding in the corner.
A multitude of classified content traverses the company network – PII, PCI, trade secrets, source codes, high-value forms. Living across cloud, this data, whether at rest or in motion, faces an elevated risk of security breach.
A Partnership to Secure Customer Data
Recently, Rubrik and Zscaler, the two of the industry’s frontline cybersecurity companies, have partnered up and jointly launched a double extortion ransomware solution.
The first of its kind, the solution integrates Rubrik Security Cloud with Zscaler’s Index Tool to provide sensitive data loss protection. In the past, data prevention loss (DPL) has been a key strategy in stopping unauthorized data exfiltration. But DPL checks are not 100% effective, if it does not know how to scan and spot sensitive data.
Companies with data estates sprawling across distributed environments, and limited vision, do not have stand a chance of knowing what dataset contains sensitive content that cannot pass the firewall boundaries.
Rubrik and Zscaler’s combined solution provides automatic sensitive data file detection. It tells operators what sensitive data they have, where in the environment they are, and who have access to them.
Optimizing Security Posture with Rubrik and Zscaler
Rubrik’s integration with Zscaler allows classified files from Rubrik Backup to be sent to the Zscaler index tool for fingerprinting into data protection index. The Zscaler Indexed Document Match applies data protection polices to these critical files making them extra safe from exfiltration.
Zscaler’s ability to protect classified data across the data lifecycle – from creation to usage to sharing – provides the extra boost of protection required for critical data.
The solution is quite simple to use. Rubrik can be configured with a compliance policy to target specific objects and types of data. It then scans backup data to spot sensitive content in keeping with the policy it was configured with. This scanning process is light, and has zero impact on production.
The Rubrik Security Cloud feeds all detected sensitive files to the Zscaler Index tool. Zscaler indexed document matching enforces the policies and control the information flow from Rubrik backup, preventing exfiltration to user devices, SaaS applications or cloud platforms.
All policy violations are flagged and alerted on the Zscaler console. An in-depth review of the same is published for administrators, giving them the minutiae of the offending actions.
The solution requires no additional infrastructure to deploy. Classification of data happens out-of-band causing no impact to production.
In Conclusion
Since the past two years, there has been a steady year-over-year increase in reports of ransomware attacks in organizations. In total, potential losses from cyberattacks exceed billions yearly. Cybersecurity experts say that a lot of these attacks could be prevented by just staying vigilant. To sustain and thrive, organizations need to double down on data protection. The Rubrik integration with Zscaler provides improved data loss prevention, and adds that extra layer of protection to confidential and high-value information, making losses from hacking incidents less likely. Extra points for the set-and-forget administration that requires no attention past configuration.
To know more about the solution, head over to Rubrik’s website. Watch Rubrik’s presentations from this past Security Field Day event for a deep-dive of the Rubrik architecture. For more such stories, keep reading here at Gestalt IT.