By enabling security and protection controls, not only do you make it harder for an attack to spread and the attackers to succeed, but you also establish a highly defensible position. Think of it as your fortress, complete with turrets, a dragon-filled moat, and a read-only snapshot copy of the castle’s bounty.
File permissions, access controls, and expert policies are only as good as the last time they were updated. Constantly monitoring data access helps flag atypical accesses that could indicate your data is under attack.
This transition to using AI, ML, and pattern detection is the bedrock of a data-centric zero-trust model. In a nutshell, the three basic principles of zero-trust architecture are:
- verify explicitly;
- use least-privilege access; and
- assume breach.
Ransomware attacks have become extremely intricate and tactical, even gaining admin credentials for storage and backup software. WORM storage may sound gross, but “write once, read many” could be the only thing standing between you and the hackers who will delete everything unless their demands are met.
WORM storage creates nonrewritable, nonerasable data to prevent files from being altered or deleted until a predetermined or default retention date. Not even admins can delete the data.
Unless attackers have physical access to your environment, your data fabric allows you to play chess while they are still playing checkers.