Taking a Singular Approach to Protecting from Ransomware Attacks

Bringing together backup and cybersecurity software and delivering them as a single solution used to strike me an improbable combination. After all, what was the business driver to bring them together? Then ransomware changed everything. Suddenly, the idea that an organization had good but compromised backups did not seem so far-fetched. This created the need for singular data and threat protection solutions that Acronis Cyber Protect helps exemplify.

It’s Preposterous

The idea that backup and cybersecurity software would ever successfully merge seemed preposterous even a few years ago. Large providers such as EMC (now part of Dell) and Symantec (which previously owned Veritas) tried it with little to no success. If anything, they accomplished the exact opposite objective. They did not demonstrate a compelling business justification to deliver and manage these two technologies as one solution.

Ransomware Became the Business Justification

AdobeStock 120860234 business case resizedThe prior merger attempts between these backup and cybersecurity software largely occurred before ransomware entered the scene. While ransomware initially only attacked and encrypted production data, it evolved to target backup software and backup targets. These attacks methods included:

  • Deleting or encrypting backup targets to make restores and recoveries impossible
  • Accessing and logging into the backup software itself to compromise backup processes
  • Infesting production data over a period of days, weeks, or months. When ransomware then did detonate and restores did occur, the restores re-introduced ransomware back into the environment.

These attacks created a new demand for backup and cybersecurity software to do more than peacefully co-exist. The two technologies needed to integrate with one another to leverage the other’s strengths. It is this specific need that Acronis with its Cyber Protect offering successfully begins to address.

Simple Yet Sophisticated

Acronis certainly does not represent the only provider to offer both backup and cybersecurity software in its portfolio. Other providers also recognize the growing demand organizations have for the integration of these two software offerings. However, Acronis takes a simpler yet more sophisticated approach to deliver its offering. It does so in at least the following two ways:

Eliminates Communication Breakdowns

Many of Acronis’ competitors also offer cybersecurity features as part of their backup software or in the offerings. Some offer or support backup data immutability. Some scan for ransomware as data is backed up, in the backups, during recoveries, or some combination thereof. Some use two-factor authentication to validate backup administrator logins and any changes or deletions of backup data.
However, scanning backup data for ransomware independent from production data may have an undesirable side effect. The security department may detect ransomware in the production data and should inform the backup administrators of their discovery. The same communication must occur from the backup administrators to the security administrators if backup admins detect ransomware in the backups.
Acronis helps to mitigate this potential for communication breakdowns. It scans both backup and production data and presents the combined results through a single interface. The approach alerts all concerned parties as to the presence of ransomware in the environment.

Single Touch Point

Organizations look to minimize how often they touch their physical and virtual servers and the amount of software installed on them. Currently, most providers that deliver both backup and cybersecurity software must use different agents for each software offering. They may also need to manage each offering through different management consoles, though management options vary by provider.
Acronis tackles these challenges in two ways. First, it delivers both its backup and cybersecurity software using a single agent. This eliminates the need for organizations or managed service providers (MSPs), Acronis’ target audience, to deploy different software agents on each server.
Second, Acronis exposes the APIs for both the backup and cybersecurity components of its agent. This positions organizations and MSPs to manage both backup and cybersecurity from a single console.
Organizations and MSPs may then write code to programmatically take advantage of these APIs, However, Acronis has already written and provides the integration for a dozen commonly used professional service automation (PSA) and remote monitoring and management (RMM) tools. Using this integration, organizations and MSPs may deploy and manage Acronis Cyber Protect through their existing management console.

A Singular Approach

Acronis’ singular approach to delivering data protection and cybersecurity software largely came about due to ransomware’s prevalence. No organization or MSP may assume it is immune from a ransomware attack. Rather, everyone should take the position it is a matter of when, not if, they experience such an event.
Acronis’ technique of merging data protection and cybersecurity represents a vision of where these two technologies are likely headed. Denying a ransomware attack will occur or missing one due to a communication breakdown between departments helps no one. It only increases the probability a ransomware attack negatively impacts an organization or MSP.
No foolproof method yet exists to eliminate the possibility of a ransomware attack. However, new processes and techniques do exist that help mitigate the possibility of its negative impact on an organization. The Acronis Cyber Protect platform exemplifies how organizations and MSPs can effectively deliver and manage data and threat protection together as one.

Click Here to Signup for the DCIG Newsletter!


DCIG Newsletter Signup

Thank you for your interest in DCIG research and analysis.

Please sign up for the free DCIG Newsletter to have new analysis delivered to your inbox each week.