Ransomware and CTERA
Ransomware can delete backup copies. How can I be sure my backups with CTERA are secure and cannot be encrypted or overwritten?
Security is our top priority. The CTERA Enterprise File Services Platform was designed from the ground up to fully protect data from attacks or unauthorized access. Any attacker or malware is prevented from accessing backup files because data is encrypted in-transit and at-rest. Therefore, data connections to the file or object storage storing the files are fully secure; an attacker who encrypts the local disk cannot also encrypt the backups.
Additionally, the CTERA platform provides snapshots of your files in each backup job. You can set the snapshot scheduling to daily or even hourly, depending on your organization’s needs. With snapshots, you don’t have to worry about corrupt files overwriting clean files. Each snapshot is independent of other snapshots – so if you realize your system was infected on Tuesday, you can choose to roll back to Monday’s snapshot and restore your system to a clean point in time.
CTERA offers a solution after an attack has occurred. Why do I need CTERA if I want to stop attacks before they occur?
CTERA recommends that you employ the proper security measures around your organizational perimeter, such as patching your systems and getting up to date on all updates; training your workforce on ransomware; deploy anti-virus platforms, etc. These will help reduce the risk of ransomware infiltrating your organization.
But no security plan is foolproof, and proper data backup is a vital component to ransomware protection as well. You will want to back up all files and systems to avoid paying a ransom to recover from crypto events. CTERA and our customers have been fortunate to catch and recover from some very serious ransomware crypto-lock events. With the right data protection tools, they’ve successfully saved themselves from paying $100,000s in ransom and minimized the period of business outage.
Time is short. How long will it take to back up all my data?
CTERA utilizes state-of-the-art data compression de-duplication. The total backup time will depend on your network connectivity and the amount of data being backed up, but CTERA will back you up as quickly as possible.
How long would it take if my organization were attacked by ransomware and I needed to recover all of my files?
CTERA provides comprehensive restore tools that are quick and easy to use. Administrators have the ability to roll back to any previous version of files and recover their systems to an uninfected state. Organizations using CTERA data protection tools are generally up and running in the shortest time possible.
Can our organization stay productive even while our users' data is being restored?
Yes. CTERA enables users to quickly ‘failover’ to the cloud, enabling quick and easy access to files directly on the CTERA Portal. Employees can immediately continue to work in the cloud while their workstations are being restored.
Doesn't adding sync to ransomware recovery add risk? What if infected files sync to other users and machines; wouldn't the attack spread quickly?
The benefits of a global file sync and data protection platform like CTERA’s – where all data is under one umbrella with centralized governance, global file scanning (antivirus), and global rollback – outweigh the disadvantages of potentially syncing harmful files.
A centralized system like CTERA covers all devices, locations, and users, which means you don’t need separate remediation for every single device or user as an attack occurs. When an attack occurs, you have a complete picture of all the exposure, and with versioning and backup, you can rollback to the most recent safe point.