Ransomware Webinar: Insider Threats, and Enhanced Data Protection

Insider threats may once have only applied to disgruntled employees, or perhaps accidental deletions or modifications due to carelessness or over-delegation of administrative privileges. It generally referred to an actual person, but in today’s technological world an insider threat can be much more. Watch the Ransomware Webinar below to find out more about the three types of insider threat.

Types of Insider Threat

Compromised

This is the act of using another person’s credentials to access information and resources, often without the knowledge of the user. These can access backup systems, create back doors, and are difficult to detect because the user is a known entity.

Negligent (or uninformed, unaware, accidental)

These are users who are not properly educated on security practices and fall prey to things such as phishing emails, are unaware of the impact of their actions, or simply have too many rights and accidentally delete or negatively impact data.

Malicious

Malicious employees are dangerous for many reasons. While employed, they have access to data, proprietary information, financials, etc., that could be used for personal gain or against the company. A common tactic is for ‘revenge’ when employees willfully destroy or modify data to hurt or hamper a company’s efforts in the market or its general operations. Contractors and vendors who work within a facility and have access to network resources can also provide information related to security practices or even actual data to outside sources.
Hackers and other insider threats know that, in order for their attack to be successful, the target or victim must not be able to restore data to circumvent their activities. They specifically go after remote and cloud backups first, then work their way back to local files and workloads. By cutting off the access to backup files, they force companies to pay ransoms or meet other demands.

How can Enhanced Data Protection help?

In an effort to help curb insider threats, Veeam™ released a feature called Insider Protection and made it available to Veeam Cloud & Service Providers. The inherent challenge for the customer is that it typically requires more frequent, full backups in order to reduce the risk of losing an entire backup chain. This becomes cost-prohibitive, as it requires more disk space in the cloud backup repository.

Global Data Vault recognized this challenge and, instead of charging customers more for additional disk space required to implement Insider Protection, applied additional development in our cloud infrastructure to create a “gap” and a hidden repository. The Enhanced Data Protection repository keeps the full chain of backup files intact so that we can guarantee quick and complete recovery without having to attempt to rebuild metadata or piece together any missing parts of the chain. This repository is not visible to, or accessible from, a customer’s network and is impervious to insider threats.

More Global Data Vault Webinars

Insider Threat Webinar

Insider Threat Webinar

Insider Threat Webinar: Why You May Be At Risk Insider Threats and Enhanced Data Protection – joint webinar with BitLyft What is an insider threat and how do they affect businesses? How do I defend and protect myself against insider threats and malware? Learn how to...

Cloud Backup Webinar: What Matters, What Happens

Cloud Backup Webinar: What Matters, What Happens

Cloud Backup Webinar: What Matters, What HappensCloud backups allow a company to send their data to another location in case it becomes compromised, quickly restore data and maintain business continuity. In this cloud backup webinar and discussion, we will answer many...

Cybersecurity Webinar – A Complete Solution

Cybersecurity Webinar – A Complete Solution

Cybersecurity Webinar – A Complete Solution Cybersecurity, offsite backups, and cloud-based disaster recovery are all common terms these days. It is challenging to find a solution that works well together yet still allows you to focus on your business rather than...