Restoring from backups is often the last resort when data is compromised by ransomware, but savvy criminals are also targeting those backups.
Arcserve enhanced its Sophos partnership to provide cybersecurity aimed at safeguarding backups, preventing cybercriminals from taking out organizations’ last line of ransomware defense. The Secured by Sophos line of Arcserve products, originally consisting of on-premises appliances that integrated Arcserve backup and Sophos security, extended its coverage to SaaS and cloud with two new entries: Arcserve Cloud Backup for Office 365 and Arcserve Unified Data Protection (UDP) Cloud Hybrid.
Arcserve UDP Cloud Hybrid Secured by Sophos is an extension to existing Arcserve software and appliances. It replicates data to the cloud, and the integrated Sophos Intercept X Advanced software scans the copies for malware and other security threats. The Sophos software recognizes the difference between encryption performed by normal backup processes and unauthorized encryption from bad actors.
Arcserve Cloud Backup for Office 365 Secured by Sophos is a stand-alone product for protecting and securing Office 365 data. It also uses Sophos Intercept X Advanced endpoint security, and it can do backup and restore for Microsoft Exchange emails, OneDrive and SharePoint.
Both new products are sold on an annual subscription model, with pricing based on storage and compute.
IDC research director Phil Goodwin described what has been an escalating battle between organizations and cybercriminals. Data protection vendors keep improving their products, and organizations keep learning more about backups. This trend allows companies to quickly and reliably restore their data from backups and avoid paying ransoms. Criminals, in turn, learn to target backups.
“Bad guys are increasingly attacking backup sets,” Goodwin said.
Arcserve’s Secured by Sophos products combines security and backup, specifically protecting backup data from cyberthreats. Organizations can realign their security to encompass backup data, but Arcserve’s products provide security out of the box. Goodwin said Acronis is the only other vendor he could think of that has security integrated into backup, while others such as IBM have data protection and security as separate SKUs.
From a development standpoint, security and data protection call on different skill sets, but both are necessary for combating ransomware. Goodwin said combining the two makes for stronger defense system.
Oussama El-Hilali, CTO at Arcserve, said adding Office 365 to the Secured by Sophos line was important because more businesses are adopting the platform than in the past. There was already an upward trend of businesses putting mission-critical data on SharePoint and OneDrive, but the boost in remote work deployments caused by the COVID-19 pandemic accelerated that.
El-Hilali said the pandemic has increased the need for protecting data in clouds and SaaS applications more for SMBs than enterprises, because larger organizations may have large, on-premises storage arrays they can use. The Office 365 product is sold stand-alone because many smaller businesses only need an Office 365 data protection component, and nothing for on premises.
“The [coronavirus] impact is more visible in the SMB market. A small business is probably using a lot of SaaS, and probably doesn’t have a lot of data on-prem,” El-Hilali said.
Unfortunately, its Office 365’s native data retention, backup and security features are insufficient in a world where many users are accessing their data from endpoint and mobile devices. Goodwin said there is a strong market need, and third parties such as Arcserve are taking that chance.
“There’s a big opportunity there with Office 365 — it’s one of the greatest areas of vulnerability from the perspective of SaaS apps,” Goodwin said.
Go to Original Article