Thursday, May 25, 2017

How Large Enterprises Can Protect Their Data from Increasing Ransomware Attacks

Ransomware attacks are increasingly making headlines as hackers find ways to access platforms to infect data. Experts worry that new and emerging data platforms provide low-hanging fruit to ransomware attackers.

Nitin Donde, CEO at Talena notes, "By their very nature, Hadoop and NoSQL databases are complex distributed systems with many moving parts, which while making it easy to manage and scale them independently, has also opened them up to the possibility of security attacks at multiple points of vulnerability.

"Most large enterprises deploy several of these systems and as a result, large enterprises are at a significantly increased risk of ransomware attacks. We have seen a spate of recent ransomware attacks on MongoDB, CouchDB and Elastic. By some estimates, the number of systems affected is in the thousands, which is a huge drain on the both capital and time."

In order for enterprises to mitigate and nullify these modern security threats to their business critical data platforms, Nitin recommends companies take the following steps to safeguard their data:
  • Instill the same level of policy rigor that can be taken for granted in traditional record-of-truth platforms such as RDBMSs, email servers and data warehouses. Some of the security frameworks such as Kerberos are complex to implement and maintain for big data platforms, but they will deter and prevent attacks right when they happen.
  • Making timely backups of the data in an efficient and scalable manner is paramount. With the landscape of security threats constantly changing, data backups are an enterprise’s insurance against loss of time and capital as they let you travel back in time in the event of a disaster.
  • Intelligent machine learning: With increasing volume and variety of data, it’s not humanly possible to constantly scan modern platforms for security threats. Intelligent machine learning-driven approaches must supplant humans for detecting anomalous behavior in both the acquisition as well as storage phases of data lifecycle management.