Ransomware is generally considered a security problem, a security problem that has its resolution in maintaining regular backups. If you ask any expert about how to deal with ransomware, they will tell you emphatically that backing up your systems and data, along with user education, good patching practices, and running AV, are four of the most important actions you can take to protect yourself and your company from ransomware attacks. These recommendations, along with conducting tabletop exercises, should 100% be part of your plan. However, have you thought about what happens if there is a seam between your original data and your backups? What do you do if an individual user's laptop is infected during the process? What happens if the attack isn’t detected and results in missing or locked up data which becomes part of the backup dataset?
The solution for many companies is to layer multiple security products—on the endpoint, inside networks, around applications—thereby increasing the chances of catching and stopping an attack before it causes downtime, leads to stolen or missing data, affects data integrity issues, and more. Yet it doesn’t address the critical question: How do you harden backups, themselves, when there is potential for attackers to exploit a weakness in the process?
Acronis is well known for its highly-capable data backup and recovery offerings. Founded in 2006, the company has steadily grown its portfolio and become a leader in the space. Recently, though, the company has expanded outside its niche, recognizing through customer engagements the need for a more integrated solution, one that includes security control. As digitization has expanded the cyber attack surface, the need for more effective solutions has arisen. Acronis felt the market deserved a solution that could help verify the authenticity and integrity of data being fed into backup solutions, including their own.
As such, Acronis Cyber Protect is launching in general availability (GA) in Q1 2020. On a preview call with the team, Ed and I had the opportunity to learn more about what’s only a sneak peek and in beta at present. “We built Acronis Cyber Protect,” said Pavel Egorikhin, Director of Technical Product Marketing, “because the digital world needs protection. Networks and cyber criminals are getting more sophisticated and the security ramifications are huge. Companies may have dozens of tools deployed—AV, remote access management, patch management software—but with every tool, there is gap. Acronis was built on cyber protection, leveraging the synergy of backup, AI-based anti-malware, security, and management tools.”
Starting from the goal of reliable, hardened backup and recovery capabilities, Acronis worked backward to build an all-in-one tool that includes anti-malware/ransomware/cryptomining protection; discovery of devices and data, remote access management tools, and Blockchain notarization; system monitoring; vulnerability assessments; and patch management. The idea is to start with prevention and move through the lifecycle, from endpoint to backups. “Even if you have a machine that doesn’t have a vulnerability at the time of backup,” said Egorikhin, “after the restoration, you could find yourself with an infection. Having one end-to-end solution reduces the risk of that happening.”
Further, Acronis Cyber Protect centralizes malware and vulnerability scans, automatically backs up endpoints before patching to enable quick rollbacks (when/if necessary), and provides a data protection map through a single management console. Their Operation Centers monitor the security landscape and release alerts, allowing for auto-adjustment of policies. The tool deploys via an agent, meaning that organizations don’t have to install multiple agents, which reinforces the company’s theme of reducing companies’ digital footprints.
Acronis will offer the new product initially through the many managed service provider relationships they’ve forged over the years. It will then be offered directly to enterprise customers and SMBs. The main value proposition for SMBs will be the ability to leverage enterprise protection tools without the need for expensive security experts, exponential cost (because it’s a bundled offering), and management overhead. And let’s not forget that the product is not only a security offering; the company’s concept is that the technology is “built on top of industry-leading backup.” While it’s most common to think of security solutions fitting into the identify, protect, and detect stages of cyber security management, it’s crucial to not overlook the importance of securing backups, themselves.
One challenge Acronis will have to overcome is their earned reputation as a backup provider, but we at TAG Cyber think this is worth a look. Although we haven’t tested Acronis Cyber Protect, if you’re in the market for a data lifecycle management security tool, give Acronis a call and ask for early access. Then let us know what you think—we’re excited to see where this is heading.