Sign in to my dashboard Create an account
Menu

Data protection is important; data recovery is critical

person working on laptop with external monitors
Table Of Contents

Share this page

Shuja Mirza
Shuja Mirza
194 views

In our connected world, the widespread adoption of technology has revolutionized the way organizations deliver data-based services. Whether it’s consumers relying on online platforms or governments serving citizens, the importance of data—the lifeblood of these services—cannot be overstated. Protecting this data is paramount, because any malicious access leading to its modification, theft, encryption, or deletion can result in catastrophic consequences with a profound societal impact.

Organizations have long recognized the necessity of protecting their data, implementing various security measures to safeguard this second most critical asset (with people being the first). However, when malicious actors breach an organization’s network, they can exfiltrate, encrypt, delete, or even subtly modify data. At the very least, they can disrupt data access, causing service outages. Over the years, multiple approaches—from network security to data-centric security—have been employed to mitigate these risks. Yet the evolving sophistication of cyberthreats has tested these defenses like never before.

Increased sophistication of cyberthreats

Cybercriminals now operate in well-coordinated teams, relentlessly targeting data repositories to gain unauthorized access. Often, their goal is to demand ransom; sometimes, it’s simply to demonstrate their prowess and dominance over organizational defenses. As these threats become more advanced, security professionals face mounting pressure to stay ahead of the curve. The industry’s response has been varied, and opinions differ on whether current strategies are meeting the expectations of data custodians.

One recent and stark example of the critical need for robust data protection and recovery strategies occurred in April 2023, when one of the leading medical institutes in India—the All India Institute of Medical Science (AIIMS)—faced a severe ransomware attack. The attackers infiltrated the hospital’s IT systems, encrypting critical data and demanding a hefty ransom for its decryption. This incident crippled the hospital’s digital operations, affecting patient care and administrative functions. The attack on AIIMS underscored the vulnerabilities in the healthcare sector and highlighted the importance of not only having strong security measures in place but also ensuring effective data recovery strategies to mitigate the impact of such incidents.

NetApp’s best-in-class security practices

At NetApp, we believe in the positive reinforcement of security practices and have adapted to this new era of cyberwarfare. Our approach has become more sophisticated, involving cutting-edge technology to thwart attacks and support our customers during cybercrime incidents. By designing our solutions with data protection at the core, NetApp offers a robust suite of tools and techniques to prevent data breaches.

NetApp provides the following key security features.

Logging and auditing

  • Remote syslog
  • Security information event management (SIEM) system
  • Full file-access auditing (native or external)

Secure administration

  • Role-based access control (RBAC)
  • Certificate authentication for REST API
  • Token-based authentication for automation
    • OAuth 2.0 support, eliminating the need for passwords
    • REST API and Ansible support

Multifactor authentication (MFA)

  • System Manager (ADFS, Cisco Duo, Shibboleth)
  • Hardware token support for SSH with FIDO2 and Personal Identity Verification (PIV)
  • SSH MFA for Active Directory users
  • Cisco Duo for SSH
  • Time-based one-time password, or TOTP (Microsoft and Google Authenticator)
  • SSH certificate revocation support

Multi-admin verification (MAV)

  • Tackles insider threats and stolen credentials

NetApp’s Ransomware Recovery Guarantee program

Although prevention is essential, the ability to recover from an attack is even more critical. NetApp’s commitment to data recovery is demonstrated by our Ransomware Recovery Guarantee program, based on the Zero Trust model and powered by NetApp® ONTAP®, the world’s leading data management software for storage. With this approach, only authorized users can access data—even administrators cannot destroy it—and all activities are logged in tamperproof, auditable records.

NetApp’s comprehensive strategy—detection, protection, and recovery—keeps data secure in the face of cyberthreats. For instance, the NetApp Cloud Insights monitoring tool can detect abnormal user behavior and storage changes, issuing real-time alerts if an attack is suspected. Our storage systems can then take automated actions, such as locking data repositories, dropping network connections, and creating instant, immutable NetApp Snapshot™ copies.

Seamless recovery is achieved through early detection, secure data repositories, and the ability to restore data to its original state swiftly. The Ransomware Recovery Guarantee program offers a reliable and rapid way to recover from cyberattacks, providing resilience and continuity for your information assets. By leveraging Snapshot copies, whether local or remote, you can restore data in a minute, if not seconds, regardless of size.

NetApp safeguards data on premises and in the cloud with minimal infrastructure costs.

To explore the details of the NetApp Ransomware Recovery Guarantee, read its terms and conditions.

NetApp’s solutions also comply with regulatory standards such as NIST, HIPAA, GDPR, PCI DSS, and FIPS, continually innovating and earning certifications from third-party agencies to host sensitive data securely.

Conclusion

In a world where cyberthreats are ever-present, protecting data is crucial, but the ability to recover it swiftly and effectively is what truly supports the resilience and continuity of services. At NetApp, we are dedicated to both.

Shuja Mirza

Shuja Mirza is the Director for Solutions Engineering for the India & SAARC region. He is an experienced IT leader, with expertise in areas of data management, data storage, cloud, and digital transformation. In his 23-year-long career, he has worked on projects under the ministries of Electronics & Information Technology, Finance, Telecom, Power, and External Affairs and in many projects across Public Sector Undertakings (PSUs).

View all Posts by Shuja Mirza

Next Steps

Drift chat loading