Deep Multi-Factor Authentication provides mission-critical layers of protection to secure policy settings and controls to prevent backup data deletions or malicious encryption caused by the use of malware (including ransomware) by criminal organizations or human error.
“At an alarming rate, transnational organized crime groups are leveraging specialist providers of cybercrime tools and services to conduct a wide range of crimes, including ransomware campaigns,” says the US Secret Service Cyber Investigations Advisory Board (CIAB). "Criminals are increasingly sharing resources and information and reinvesting their illicit profits into the development of new, even more destructive capabilities."
With advanced ransomware a primary threat to backup data and the viability of business operations, protection against destructive cyberattacks has become an increasing priority for organizations and managed service providers retraining their focus on reducing the damage caused by such events. In the most recent ransomware attacks on backup data, ransomware first entered the network and was then backed up, where it remained silent and undetected before detonating. Then, when a recovery was required from the infected backup set, the system restored that long-hidden, dormant ransomware, triggering a costly Attack-Loop™ that took down the IT department. In other cases, ransomware has deleted the entire backup repository.
Since backup data is the last line of defense when responding to these attacks, administrators have nothing to rely on when ransomware removes the ability of an organization to recover.
More about Asigra Cloud Backup® with Deep MFA:
- Deep MFA (Multi-Factor Authentication) - This form of app-centric MFA-enabled passwordless sign-in is available throughout the software stack to protect sensitive data at multiple levels in the system. Once logged in via MFA, administrators will be able to configure access to control which users can sign into the Asigra Management Console and other mission critical areas of the application without using a password.
- Deep MFA Immutable Retention - Immutable retention prevents malware or any unauthorized source from deleting, modifying, or encrypting backup data from object storage during the immutable retention period. The software provides greater control over permissions to delete data from a backup set, protecting the DS-System (primary backup repository). It also disables the empty trash setting unless authorized and controls the number of days deleted data remains in the trash folder before it is permanently deleted.
- Deep MFA Secure Setup Wizard – The Secure Setup Wizard provides management console users with a guided tour through the initial setup process, including configuration of security settings, DS-System and DS-Client connections, users and permissions, and email/alert settings.
- Deep MFA Credentials Management – Asigra Management Console users can now configure and manage their credentials from one location. Once the credentials are saved, users simply select them when creating a backup set rather than manually entering them each time.
"Backup and security professionals continue to be impacted by the unfortunate loss of backup data due to sophisticated hackers using phishing and other tactics to retrieve backup logins," said Fran Howarth, Senior Analyst - Security, Bloor Research. "The layered security enforced by Deep MFA delivers increasingly difficult barriers to unauthorized hackers, systems or personnel. If there is an initial breach, Deep MFA's multi-faceted redundancy makes continued unauthorized access extremely difficult, reducing the chance of a successful attack."
Asigra's Secure Cloud Backup platform converges data protection and cybersecurity for effective malware detection and protection that ensures safe, secure and reliable data recovery. Optimized for MSPs and enterprises, the powerful platform includes the industry’s first zero-day Attack-Loop™ preventative technology using bi-directional malware detection, zero-day exploit protection, variable repository naming, and now Deep MFA for a full defensive suite against advanced ransomware and other cyber-attacks targeting backup data. This is complemented by FIPS 140-2 certification and military-grade data encryption to ensure enterprise-class data security.
"Cybersecurity has become the new battleground in data protection as hackers develop criminally innovative techniques that put legitimate business operations at risk, resulting in either forced ransomware payments or lost data," said Eran Farajun, EVP, Asigra. "Asigra has set the bar for backup data security with Deep MFA. Because it only takes one successful phishing attack to wrestle the login from an unsuspecting administrator, app-centric authentication adds a series of gates to stop attacks and alert the organization before damage occurs."