Five ways modern backup combats ransomware: Key insights from the Gartner® report

Ransomware is a prolific and global threat — posing significant risks to organizations of all sizes with high-profile cyberattacks increasing year over year. Moreover, these infections are growing in sophistication and complexity, which has compelled data protection vendors, service providers and the businesses they protect to examine cyberdefense measures and product features with more careful attention.

No single solution can guarantee 100% protection from ransomware. But the need for enhanced products continues to grow, according to infrastructure and operations (I&O) leaders who are responsible for preventing, protecting and recovering data center infrastructures from ransomware attacks.

With this in mind, today’s industry leaders must explore new product features to enhance the fight against ransomware threats. Independent industry research analyst firm, Gartner issued a report in 2022 called, “Detect, Protect, Recover: How Modern Backup Applications Can Protect You From Ransomware.” In this report, Gartner says, “Infrastructure and operations leaders responsible for data protection must carefully evaluate new ransomware-related features when choosing backup platforms. Here, we highlight features that aid in detecting ransomware attacks, protecting the backup repository and accelerating recovery.”

Because ransomware criminals are laser focused on exfiltrating critical data, the security of backups is imperative to achieving rapid recovery. At Acronis, we’ve highlighted five key takeaways from Gartner report:

Malware scanning is useful retroactively when new signatures for previously undetectable malware become available. Retroactive scans go back through existing backup data to determine when systems were penetrated, and provide an indicator of the most recent clean backup.

Features such as immutability of backup storage, secure login to the backup system and the removal of singular authority for critical system configuration changes configuration are crucial in protecting the backup system against attack.

Protecting the backup system by ensuring that modern backup features are used. This may include multifactor authentication (MFA), elimination of simple network sharing protocols such as Common Internet File System (CIFS) and separation of administrative roles.

Organizations have used the 3-2-1 backup rule to protect backups for many years, but many organizations are extending this to 3-2-1-1, where the additional copy is immutable.

When dealing with large quantities of data for multiple applications, it’s necessary to restore the data in the correct order to meet recovery time objectives (RTOs).

Gartner, Detect, Protect, Recover: How Modern Backup Applications Can Protect You From Ransomware, Nik Simpson, Ron Blair, 14 December 2022.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research — including any warranties of merchantability or fitness for a particular purpose.

To unlock more ransomware mitigation key findings, read the full Gartner report: “Detect, Protect, Recover: How Modern Backup Applications Can Protect You From Ransomware.”