5 Guidelines for Ransomware Prevention (part 1 of 2)

Growing up in the San Fernando Valley, CA meant summer vacations were driving to the Bay Area, with a final destination at Chico where we had family friends. The Auto Club was the first stop before the trip.  We picked up the AAA California State Map and Travel Guide, then highlighted our route up Interstate 5, with side trips along the way.

Even though we have GPS today, there is nothing like a paper map to keep us on track. One of our recent vacations started in Atlanta, down the I-75 corridor to Disney World in Orlando, with plenty of rest stops along the way highlighted in yellow. One of our memorable stops was at Lake City, Florida where the I-10 and I-75 intersect. A notable crossroad where the I-10 starts in California and ends in Florida lies just sixty miles to the East.

Paying the Ransom

Also known as “The Gateway to Florida,” Lake City became very notable this summer by paying 42 bitcoins to a ransomware hacker, a pricey $500,000 price tag that small, local governments cannot afford.

Unfortunately, with small IT budgets and the lack of a ransomware “silver bullet,” we will continue to see attacks like this in the future in other cities around the world.

A Roadmap for Ransomware Prevention

Last year, I attended the NCTA Cyber Prevention Tech Talk presented by the FBI, Bank of America, MetLife and Peak 10 Hosting. The team of experts provided five basic guidelines to reduce cyber-attacks. Their conclusion was that the majority of IT systems lack basic protection, or that such guidelines might be difficult to implement.

While this may be true in some situations, Zadara’s built-in protective measures make it easy to implement the recommended guidelines to protect against ransomware attacks. In addition to the five basic steps, we have two more strategies to provide early detection if systems are compromised.

Data Protection Guidelines

The Zadara Enterprise Storage Cloud has two key concepts which are used to isolate and compartmentalize data to protect it from internal and external compromise: its multi-tenant nature, which isolates resources to specific clients, and the deployment of software-defined storage in Virtual Private Storage Arrays (VPSA). Together these provide the first layer of protection, known as an Air Gap.

Zadara’s patent assigns physical drives, vCPUs and networking to prevent cross-pollination of data and commingling of assets.  This strategy effectively provides the Air Gap.

Air Gap Protection

With storage, an Air Gap implies isolation of critical components, such as accounting, from day-to-day operations and user shares, as well as test and dev.  If one system becomes infected, the other has an Air Gap to prevent further contamination.

Zadara provides Air Gaps in many ways:

  • Network Isolation
  • Virtual Private Storage Arrays
  • Server Records
  • Out-of-band Management Network

Zadara’s multi-tenant architecture enforces Air Gaps between tenants. This way, isolation occurs naturally within private VLANs. Further isolation is employed by using SR-IOV technology to isolate core infrastructure from VPSAs.

Even within a VPSA, share isolation is simply implemented with server records. Server records specify which hosts have access to what share. This can be configured as a one-to-one or many-to-one relationship using subnet or CIDR notation.
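
As an added illustration (not Zadara's code or API), the check below audits server-record-style allow lists for CIDR entries that bridge an Air Gap between zones such as accounting, user shares and test/dev. The zone names, record layout and addresses are constructed assumptions.

```python
import ipaddress

# Constructed sample data (hypothetical layout, not Zadara's record format).
# Each isolation zone owns the subnets its hosts live in.
ZONES = {
    "accounting": ["10.10.1.0/24"],
    "users": ["10.20.0.0/16"],
    "testdev": ["10.30.0.0/16"],
}

# Each share belongs to one zone and lists the hosts or subnets allowed to reach it.
SERVER_RECORDS = [
    {"share": "ledger", "zone": "accounting", "allow": ["10.10.1.15/32"]},  # one-to-one
    {"share": "payroll", "zone": "accounting", "allow": ["10.10.1.0/24", "10.20.4.0/24"]},
    {"share": "home", "zone": "users", "allow": ["10.20.0.0/16"]},  # many-to-one
    {"share": "builds", "zone": "testdev", "allow": ["10.0.0.0/8"]},  # overly broad
]


def audit_air_gaps(zones, records):
    """Return (share, cidr, foreign_zone) for every allow entry that overlaps
    a subnet owned by a zone other than the one the share belongs to."""
    nets = {z: [ipaddress.ip_network(c) for c in cidrs] for z, cidrs in zones.items()}
    findings = []
    for rec in records:
        for cidr in rec["allow"]:
            allowed = ipaddress.ip_network(cidr, strict=False)
            for zone, zone_nets in nets.items():
                if zone == rec["zone"]:
                    continue  # access from the share's own zone is expected
                if any(allowed.overlaps(n) for n in zone_nets):
                    findings.append((rec["share"], cidr, zone))
    return findings


if __name__ == "__main__":
    for share, cidr, zone in audit_air_gaps(ZONES, SERVER_RECORDS):
        print(f"{share}: {cidr} bridges into zone '{zone}'")
```

A broad entry such as a /8 is flagged once per zone it swallows, which makes the blast radius of a single permissive record visible.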

Since the Enterprise Data Cloud is managed 24×7, there is an out-of-band management layer isolated from VPSAs. The management layer provides our Operation Team a method to monitor and rapidly respond to issues that may arise.

Part Two

Read part two of our Ransomware guidelines
