Bangalore: Nutanix announced additional ransomware protections in the company’s cloud platform that includes new threat monitoring and detection, as well as more granular data replication and robust access controls all natively built into the Nutanix stack.
These new capabilities build on Nutanix’s data services for network security, files and objects storage, virtualization, and business continuity to help enterprises prevent, detect and recover against ransomware attacks across multiple cloud environments.
These capabilities make it easier to implement security and business continuity best practices at the infrastructure level, rather than rely on a complex matrix of bolt-on security products.
Ransomware has evolved beyond the commodity; widespread attacks intended to infect a single endpoint to include more advanced techniques, such as fileless malware and data exfiltration […]. These new strains of ransomware make prevention and planning more important than ever to prevent ransomware attacks.”
Organizations, especially those with large remote user populations or hybrid work environments, can no longer rely on a single action or tool to protect themselves. They need to ensure their IT infrastructure allows them to best respond to these incidents.
Balakrishnan Anantharaman, VP and MD-Sales, India and SAARC, Nutanix said, “53 percent of the respondents in our third annual Enterprise Cloud Index report for India stated they are migrating to cloud-enabled infrastructure to improve their security postures and be better prepared. Security is core to Nutanix’s design and with these new updates to the Nutanix cloud platform, Nutanix can drastically simplify the process of protecting infrastructure and implementing a recovery solution which will, in turn, lower operational cost and the time needed to resume business operations without having to pay a costly ransom.”
Detect and Recover From Network and Data Threats
The Nutanix cloud platform now delivers anomaly detection based on machine learning and IP reputation services with the company’s security networking operations and monitoring solution, Flow Security Central, a feature with Nutanix Flow.
Flow Security Central helps identify known attack vectors, including potential ransomware, at the network level before reaching the application and data layers. Specifically, Flow Security Central now monitors networks for anomalies, malicious behavior, as well as common network attacks that propagate by searching for additional vulnerable targets. Flow Security Central also monitors endpoints to identify traffic coming from disreputable locations, something especially helpful for defending Virtual Desktop Infrastructure (VDI) deployments that are prime targets for initial ransomware infection and spread.
Protect Data and Applications
To further protect application data from ransomware attacks, the Nutanix cloud platform now includes new features within the object storage solution, Nutanix Objects. Objects includes more granular permissions to access object data for primary and secondary storage. Specifically, Nutanix Objects now offers the ability to configure Write Once Read Many (WORM) policies for individual files and objects selected by an IT team to help guard against unauthorized deletion or encryption of data, thwarting many common ransomware attacks. These WORM protections can be automated by simply classifying data under a “legal hold” to prevent tampering or malicious destruction. Additionally, Objects’ locking features were reviewed and attested to by Cohasset Associates as meeting the non-rewritable, and non-erasable storage requirements for electronic records as specified under the relevant SEC, FINRA, and CFTC regulations .
Objects now also provides data access permissions at a granular bucket level so IT administrators can better secure multi-tenant environments. Lastly, the Nutanix platform now delivers support for Microsoft Windows Credential Guard for virtual machines and virtual desktops running on the AHV hypervisor. Credential Guard adds operating system (OS) protection from malware using credential theft attacks on Microsoft OS environments, a common vector used by ransomware to gain administrative privileges.
Ensure Business Continuity
While detection and prevention are both key aspects of an effective strategy to protect against malware and ransomware, all companies should have a plan to ensure business continuity in the event of an attack.