IT providers of all shapes and sizes, ranging from object storage vendors though backup and recovery software vendors, are evolving their portfolios and market messaging to address ransomware. The imminence and impact of ransomware threats has catapulted cyber-security – and in particular cyber-recovery – to become arguably the hottest topic pertaining to IT.
C-Suite executives are pressuring IT organizations to validate and demonstrate cyber resiliency. This is a tall order, because of the nature of ransomware. Ransomware is not a typical disaster. It is infiltrating not only production environments, but also targets protection environments. Strains of ransomware are designed to penetrate and lay dormant before executing malicious activity, so that IT does not have visibility into when the attack occurred. This not only delays the recovery process, but it also creates the risk of re-infection if infected files are restored into production. Finally, getting back up and running as quickly as possible to mitigate the hit to business productivity is critical. Adding another hurdle, ransomware is blurring typical boundaries and responsibilities between IT operations and security teams, creating a new requirement for joint collaboration. In order to address these cyber resiliency requirements, automation, predictability and visibility are table stakes.
Last week’s VMware Explore conference reflected the prominence of ransomware resiliency, across the show floor and as well as in the conference’s keynote and breakout sessions. Notably, VMware itself introduced a new Ransomware Recovery solution that adds a number of capabilities to VMware Cloud Disaster Recovery, in order to create a “ransomware recovery-as-a-service” offering.
Key attributes of the VMware Ransomware Recovery solution include:
- The ability to identify and validate recovery point candidates, supported by:
- Malware scanning from VMware Carbon Black
- Analysis of behavioral patterns such as VMDK rate of change, to identify anomalous activity that could indicate an attack.
- An isolated cloud-based recovery environment coupled with network isolation to prevent re-infection of production workloads.
- Guided recovery workflows executed via the VMware Cloud DR user interface
VMware is Helping to Mitigate Business Repercussions from Ransomware Attacks
VMware Ransomware Recovery caters to VMware’s large base of virtualization admins with important checkmark capabilities for cyber-resiliency.
The new service helps to mitigate data loss by increasing visibility into the VMware environment while streamlining recovery from a ransomware attack.
The as-a-service delivery and recovery playbooks reduces the need for manual configuration and the chance of human error. It also allows for faster recovery especially in the event of turnover within and collaboration between data protection and security teams. The service is complemented by other VMware capabilities including the company’s Scale Out Cloud Filesystem, which allows for the storage of immutable snapshots, as well as the ability to instantly power on VMs for fast vulnerability assessment.
Author Information
Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
