Protect and backup your data against Ransomware using cloud services

 Protect your data against ransomware using Cloud Services

A fast and efficient way to protect your on-premises data against ransomware using cloud services.

In this blog, we will demonstrate strategies for moving your on-premises data to the cloud to back it up and protect it against ransomware. First, note that all cloud services use encryption both at rest and during transport. We will demonstrate possibilities across most famous cloud providers with which we are partnering.

Among the AWS cloud services available, we have selected two that are very fast and simple 

1. Backup from onprem to AWS Cloud using AWS Datasync and S3 Glacier Flexible Retrieval. 

This option involves creating an AWS account with S3 Glacier Flexible Retrieval 20 TB/month and the AWS DataSync service. The AWS DataSync Agent will be deployed into your infrastructure, which requires a VM instance. A cron job will also be set up to manage the backups.

 2. Amazon FSx for Windows File Server

The solution consists of creating an AWS. In this account, Amazon FSx for Windows File Server will be created. We must emphasize that all services are by default set with encryption.  

Next, Amazon FSx for Windows File Server will be created in AWS. Amazon FSx provides multiple levels of security and compliance to ensure the protection of your data. It automatically encrypts data at rest (for both file systems and backups) using keys managed in AWS Key Management Service (AWS KMS). Data in transit is also automatically encrypted using SMB Kerberos session keys. The system has been assessed for compliance with ISO, PCI-DSS, and SOC certifications and is eligible for use with HIPAA.  

Amazon FSx provides access control at the file and folder level using Windows access control lists (ACLs). At the file system level, it uses Amazon Virtual Private Cloud (Amazon VPC) security groups. Additionally, it provides access control at the API level using AWS Identity and Access Management (IAM) access policies. Users accessing the file systems are authenticated via Microsoft Active Directory. Amazon FSx integrates with AWS CloudTrail to monitor and log your API calls, allowing you to track actions taken by users on your Amazon FSx resources.  

Moreover, it protects your data by creating highly durable backups of your file system automatically on a daily basis and allows you to create additional backups at any time.  

Amazon FSx for Windows File Server is a fully managed file storage service from AWS that provides scalable, high-performance shared storage for Windows using the SMB protocol. It is designed to support Windows-based workloads and applications that require shared file storage.  

Key Features of FSx for Windows File Server  

• Fully Managed Service – AWS takes care of backups, updates, and scaling.  

• Supports SMB & NTFS – Provides native compatibility with SMB (2.0, 3.0, 3.1.1) and NTFS permissions, just like an on-prem Windows file server.  

• Active Directory (AD) Integration – Works with AWS Managed Microsoft AD or your on-prem AD for authentication and access control.  

• Performance & Scalability – Supports throughput up to tens of GBps and millions of IOPS, ideal for high-performance applications.  

• Data Deduplication – Helps optimize storage costs by eliminating redundant data.  

• Backups & Snapshots – Automated backups for data protection.  

• Encryption & Security – Data is encrypted both at rest and in transit using AWS Key Management Service (KMS).  

3. Backup data from onprem to OCI cloud

Oracle Cloud Infrastructure Storage Gateway is used to migrate data from on-premises applications that can write data to an NFS target to Oracle Cloud Infrastructure Object Storage. You can use Oracle Cloud Infrastructure FastConnect for secure and efficient transfer.

Along with backing up data written to the NFS target, you can also back up other data (such as data from a database) to Object Storage directly. Setting up Storage Gateway is a simple operation with the following steps:

Install Storage Gateway on an Oracle Cloud Infrastructure Compute instance in Oracle Cloud Infrastructure or on-premises.

With easy backups, the Storage Gateway provides the following features:

• Automated object deletion: When you delete files on the Storage Gateway file system, the corresponding object in Object Storage is automatically deleted.
• Cache pinning: Pin files to the file system cache for quick access.
• Health check: Automated check of services and resources, local storage, file system cache, metadata storage, and log storage.
• Cloud sync: Integrated utility to store and retrieve files from Object Storage.

 4. Azure Backup to protect data against ransomware

Azure Backup helps protect your critical business systems and backup data against a ransomware attack by implementing preventive measures and providing tools that protect your organization from every step that attackers take to infiltrate your systems. It provides security to your backup environment, both when your data is in transit and at rest.

In addition to various security features offered by default, you can also leverage several enhanced features that can provide you with highest levels of security for your backed-up data. Learn more about security in Azure Backup. Also, learn about how backups can help you protect backups against ransomware better and how Azure helps you ensure rapid recovery.

 Conclusion

CCW is an IT consulting company with over 30 years of experience and more than 15 years of expertise in cloud computing. As an independent, cloud-agnostic expert, we specialize in designing, implementing, and consulting on cloud computing solutions tailored to your specific needs. We will propose, design, and implement a backup and disaster recovery solution that best fits your existing infrastructure, requirements, size, and budget. Contact us today!