Advanced Cyber-Resilient Data Protection: Comprehensive Features and Capabilities
1. Preemptive Defense:
Stop Ransomware and Malware Before They Strike
Cybercriminals are increasingly embedding trojan horse malware into systems months before launching a ransomware attack, aiming to compromise your backups and prevent their use as a defense.
Our solution addresses this threat with its advanced bidirectional malware scanning. It performs two crucial scans:
During Backup
All files are scanned in real-time. If any malware is detected, the affected files are immediately quarantined to prevent contamination of the backup repository.
During Restore
In the event of a ransomware attack where the production environment is encrypted, it’s essential to restore a clean version of the data. Tigris conducts a second, in-depth scan during the restore process. This step identifies and quarantines any previously dormant ransomware, ensuring that malicious software doesn’t have the chance to re-infect your production environment.
2. Content Disarm & Reconstruction:
Content Disarm and Reconstruction (CDR) is a cutting-edge feature that disassembles documents, removes any potentially malicious code, and then reconstructs the file, ensuring it remains functional without the embedded threat.
While CDR is a relatively new addition to security practices, it is typically deployed at the gateway to intercept incoming files. However, all it takes is one malicious file slipping through your “secure” front door to initiate an attack.
By integrating CDR into both the backup and restore processes, we provide an additional layer of protection for your data. You can:
Scan Backups
Identify potentially malicious or unauthorized content based on predefined security policies during the backup process.
Active Content Reporting
Flag active content during backups for review, allowing you to take preemptive action.
Restore Safely
Filter, block, or remove malicious content during the restore process based on your customized policy settings, ensuring that only safe, clean files are recovered.
By incorporating CDR into your backup strategy, we ensure that your backed-up and restored data is free from hidden threats, enhancing your organization’s resilience against sophisticated attacks.
3. Protection from Stolen Credentials:
If attackers are able to gain access to administrator credentials by phishing, then they can do direct damage to your backup settings and files.
Multifactor Authentication (MFA) provides an extra layer of access security that requires users to authenticate when they log in or attempt to perform a potentially destructive action that can lead to a loss of data, like the deletion of backup repositories. It also enables password-less access to the Management Console and supervisor authorization for specific activities.
Multiperson Approval (MPA) complements MFA by requiring additional individuals to agree to an action by another user that can result in the loss of data. Tasks that require MPA are configurable at the account level and a threshold can be set to determine how many additional approvals are required before the task may be completed.
4. Soft Delete:
In the unlikely event that an attacker can gain access to the Asigra Management Console, you can interfere with their ability to permanently delete backup data.
With Soft Delete, the admin console will report that a backup job deletion attempt has succeeded, but a copy of the deleted backup job remains available for recovery by backup admins.
True deletions require a two-step process that is hidden from attackers unfamiliar with your backup console.
5. Protection Against Double & Triple Ransom Threats:
An increasingly used tactic is for attackers to not only encrypt data but download a copy for themselves to use as a secondary ransom threat. If the ransom isn’t paid, they threaten to release the unencrypted data on the dark web.
While attackers may target your primary data storage repositories, your backup data is also a target and, without sufficient protection, may be easier to steal from than your primary storage.
Virtual Vault prevents backup data from being used for this purpose by using strong AES-256-bit encryption in-flight and at-rest.
While attackers may target your primary data storage repositories, your backup data is also a target and without sufficient protection may be easier to steal from then your primary storage.
Virtual Vault prevents backup data from being used for this purpose by using strong AES-256-bit encryption in-flight and at-rest.