Trilio Introduces Comprehensive Ransomware Protection and Recoverability for Cloud-Native Applications

Trilio Introduces Comprehensive Ransomware Protection and Recoverability for Cloud-Native Applications

September 17, 2021 Off By David

Trilio announced the release of TrilioVault for Kubernetes (TVK) v2.5, which offers a comprehensive approach to ransomware protection and recoverability in alignment with the National Institute of Standards and Technology (NIST) Cybersecurity Framework and in support of Zero-Trust architectures.

Enterprises and organizations alike understand the damage caused by ransomware and have come up with various strategies to mitigate risk and facilitate recovery. Keeping backup copies of data and “point-in-time captures” are the most effective means of thwarting ransomware attacks, since there’s no need to pay to recover data if there’s another copy of the data safe and sound. However, attackers can also target the backups.

Attackers frequently try to penetrate the backup system either through the administrative console or the storage media itself in order to modify and delete point-in-time data. As a result, organizations can lose data and not even know about it until later. This greatly inhibits an enterprise’s ability to restore business operations after their data is held ransom.

Trilio is leveraging the NIST Cybersecurity Framework to align its capabilities and approach, specifically the best practices detailed in the Data Integrity projects of the National Cybersecurity Center of Excellence (NCCoE) at NIST. The three main components of the framework include Identify and ProtectDetect and Mitigate, and Recover. All TVK ransomware protection features today and beyond will align to this framework.

Today, Trilio announced the following capabilities with TVK v2.5 to provide comprehensive ransomware protection:

  • Backup Immutability: Ability to create immutable backups to protect against any malicious attempts to modify or delete the backups. The immutability capability works with S3-based object-locking features so that backups cannot be deleted from the target during the retention period. When the retention period is up, the backups are automatically cleared by the S3 object-locking mechanism which is controlled by TVK. Trilio enables users to set policies at the application level to give flexibility and control which is beneficial in a multi-cloud deployment. This granular level of control is in contrast to other solutions which only allow target-level retention which creates administrative overhead.
  • Encryption: Ability to encrypt TVK backups with a Linux Unified Key Setup (LUKS) encryption format that uses an AES-256 cipher algorithm so encrypted backups cannot be read or stolen. The TVK implementation includes at-rest and in-flight encryption. TVK leverages Key Management Systems (KMS) so Kubernetes users are in control of the encryption and the associated keys for the applications which is advantageous in multi-cloud deployments. This approach is aligned with Zero-Trust architectures and is in contrast to other solutions that only allow target-level encryption which may pose security risks.

“Trilio is committed to the challenge of solving the exponentially growing problem of ransomware attacks – and intends to do so in the most complete manner possible through alignment to cybersecurity best practices,” said David Safaii, CEO of Trilio. “TrilioVault for Kubernetes offers features that enable protection and recovery from ransomware, giving our customers the peace of mind that comes from knowing that Trilio’s enterprise-class technology is running continuously to keep their environments safe and protected across potential attack vectors and levels.”

Additionally, Trilio also announced the following features in TVK v2.5:

  • Multi-Namespace Backup Support: Ability to capture multiple namespaces in a single backup instead of doing multiple backups of multiple namespaces. This reduces the amount of management overhead and helps customers who want to efficiently protect clusters. In contrast to other solutions, TVK enables users to manage multiple namespaces as a consolidated object and each namespace capture as an individual object providing simplified management.
  • Backup Target Support: TVK now offers the ability to natively store data in Azure Blob and GCP Object Storage giving Microsoft or Google customers full support of their ecosystem of infrastructure products.
  • Authentication Support: TVK now supports OIDC, LDAP and cloud authentication providers. Customers with existing Identity Access Management (IAM) tools typically like to continue using their existing authentication products to avoid complicated security reviews.

“As container production deployments grow, there’s a need for data protection that includes detection and defense against ransomware, as traditional data protection methods may not scale well in containerized environments,” said Lucas Mearian, research manager, IDC. “Trilio’s product is a solution designed to protect and recover against ransomware attacks based on its point-in-time backups and restores to combat data corruption issues or other malicious activity on production data. TrilioVault for Kubernetes v2.5 includes data encryption and immutable backups via an object-locking mechanism on storage media intended to prevent backups from being overwritten or deleted.”User Explains TVK Value

V3Main Technologies has been using TrilioVault for Kubernetes for backup, restore and migration operations across multiple Kubernetes distributions and multiple clouds, including AWS EKS, Google GKE and Azure AKS with plans to deploy Red Hat OpenShift as well.

“Overall, the concept is to take a backup from one cluster, restore it to the target, and then place it on a different cluster-no matter what platform, cloud or infrastructure you’re using,” said Venkat Maddikayala, president of V3Main Technologies. “That’s the thing that saves me a lot of effort because it takes a lot of time to configure a new cluster with on-demand workloads. There’s tremendous value in the efficiency of operations, time and cost savings for our team. We’re looking forward to taking advantage of the new capabilities to protect against Ransomware attacks as well.”