Leverage the Cloud to Minimize the Impact of Ransomware

The Many Vectors of Data Loss Malware Ransomware and other targeted attacks that can result in permanent data loss Departing Employees Potential for IP theft and deletion as employees depart Malicious Insiders Examples include disgruntled employee or mal-intentioned contractor Accidental Deletion Accidental overwriting of information or inadvertent deletion of project folders

Ransomware Attacks are Pervasive Ransomware Variants Grew by 30x in 2016 A company gets hit every 40 seconds 50% of organizations attacked by ransomware are hit more than once Phishing email attachments are the #1 delivery vehicle Source: Proofpoint (https://www.proofpoint.com/sites/default/files/proofpoint_q4_threat_report-final-cm.pdf) Barkly: https://blog.barkly.com/new-ransomware-trends-2017 Druva Annual Ransomware Report: https://go.druva.com/2017-Survey-Ransomware-Report.html

Ransomware: Multiple Attack Vectors & Data Impacted Entry Point Impacted Data Sources Source: Osterman Research: https://www.malwarebytes.com/pdf/white-papers/UnderstandingTheDepthOfRansomwareIntheUS.pdf?aliId=27024699 Druva Annual Ransomware Report: https://go.druva.com/2017-Survey-Ransomware-Report.html

Myth: Paying Ransom Guarantees Your Data Back Only 42% of companies report being able to fully recover data after an attack Kansas Heart Hospital was hit with a ransomware attack on 18th of May 2016 “It paid the ransom, but then attackers tried to extort a second payment.” Source: Network World http://www.networkworld.com/article/3073495/security/kansas-heart-hospital-hit-with-ransomware-paid-but-attackers-demanded-2nd-ransom.html Source: Barkly https://blog.barkly.com/ransomware-statistics-2016

The New Reality: It’s About Disruption, Not Just Money “Through 2020, more than 50% of ransomware will specifically target businesses and focus on the disruption of business, rather than the encryption of data.” Report: Simple Lessons You Must Learn from WannaCry, June 29 2017

A Three Pronged Approach to Greater Success / Recovery Internal Awareness: Education, education, education… Regular testing Prevention: Anti-malware and anti-virus software Email filtering, firewall, web-blocking Recoverability: Backup religiously Ensure data storage isolation Use Anomaly detection

Case Study: Ransomware Recovery On-Premises Scenario: Global manufacturing company suffers ransomware attack infecting 60% of endpoint devices and critical infrastructure including Active Directory, email and backup servers across 30+ locations Challenges: Latency means malware may be in the system – but IT not aware until it has spread Malware was able to traverse network, spreading to servers and other critical infrastructure Recovery unable to begin until infrastructure secured and operating normally Recovery: Site-by-site rebuild of server infrastructure When recoverable, each backup server requires 2-3 hours to rebuild per location End-user data inaccessible until backup solution recovery completed Endpoints must be re-installed before data restoration can begin

Leverage the Cloud for Stronger Ransomware Protection For IT: Offsite storage location creates additional layer of protection Separation of data and metadata makes it more difficult to corrupt Data reduction due to global deduplication means less data traverses the network and provides higher RPO for end-users Automatic data monitoring provides early detection and notification of any event affecting large amounts of data For End Users: Data is accessible 24/7– even when a device is infected Self restore offers fast recovery and eases burden on IT

Case Study: Ransomware Recovery in the Cloud Scenario: Global manufacturing company experiences ransomware attack affecting 10,000 devices, about 30% of their workforce Recovery: End-users access data as needed while infected devices are re-imaged Data is restored from the cloud on-demand by IT and end users

End-user Data Protection and Governance

Simplify: Data Protection Endpoint Backup, Recovery and Archival Cloud Application Data Protection Data Loss Prevention for Endpoints Ensure data is safe from loss or breach View and manage all end-user data through a single pane of glass Minimize downtime during device refreshes or malware recovery

Streamline: Data Governance Collect custodian data distributed across many locations and preserve as long as necessary Comply with regional, industry and corporate data privacy regulations Investigative search across all users, devices, and storage locations eDiscovery Enablement and Legal Hold Enterprise Search Defensible Deletion

Transform: Data Intelligence Identify and remediate risks to sensitive data throughout the organization Gain visibility into data movement and footprint Minimize the business impact of malware or insider threat Proactive Compliance Unusual Data Activity Data Insights

4,000+ 25PB+ Enterprise Customers Data Under Management “ We now efficiently manage the full lifecycle of data across time, device and geography. Druva makes this possible. “ Top 5 Gartner #1 Amazon Storage Partner In Cloud Data Protection Shah Nawaz Director of IT, Shire * Druva delivers a cloud platform that enables organizations to not only protect their fragmented data for recoverability, but also to gain better understanding of their information to address the bigger challenges facing business today – be that compliance, data loss, data theft, privacy or legal requests. * Today Druva has over 4,000 customers utilizing our solution to address their data challenges, many of these companies are large, well known enterprises often dealing with data into the 100s of Terabytes. * We've also been acknowledged by Gartner three years in a row as the leading vendor in cloud data protection.