Published on TechTarget.com. Read the full article here.
“The attackers are smart, innovative and well-funded, making it difficult for IT shops to stay one step ahead,” said Krista Macomber, senior analyst at Evaluator Group. “A ransomware resiliency strategy spans many areas of IT and really needs to be unique to the business.”
Evaluator Group’s Macomber advised administrators to implement strong access control in the backup environment, including multifactor authentication, role-based access control and two-person concurrence for critical administrative actions.
“This is especially important as data extortion becomes more popular,” she said.
“Encryption of data at rest and in flight and immutability are also checkbox items. Several vendors have recently launched cloud-based vaults that are intended to offer an alternative to tape, offering some isolation or air gapping but with faster recovery times and less administrative hassle,” Macomber added. “These are definitely worth considering.”