Druva introduced a curated recovery technology, leveraging intelligent automation, for accelerated ransomware recovery. Adding to Druva’s Accelerated Ransomware Recovery module, Druva Curated Recovery mitigates the impact of a ransomware attack, building an uncorrupted, unencrypted and malware-free recovery point to ensure a successful recovery before one is ever initiated. Combining this comprehensive ransomware recovery module with Druva’s built-in security framework, businesses can now protect critical data and recover faster with confidence.
Ransomware is one of the most popular methods used by hackers and malicious actors, and the average ransomware payment has surpassed $240,000 according to a new survey from IDC. Its lucrative nature has incentivized bad actors to expand the scope of their attacks, including the introduction of new variants designed specifically to encrypt or delete backup data, destroying organizations’ last line of defense and further incentivizing payment.
Traditional recovery from such an attack requires identifying a single point in time prior to the infection. However, because ransomware often enters a system months before it is detected, administrators are often forced to manually search for the most recent, unaffected versions of individual files or data sets.
Now, by reviewing a comprehensive set of recovery points, Druva Curated Recovery can help identify the latest clean version of each file through recent changes, replacing a weeks-long, resource-intensive process with a simplified recovery workflow. Using Druva’s intelligent automation platform, IT teams can easily find the most recent clean version of all their data and return operations to normal faster.
“Being the victim of a ransomware attack doesn’t need to be a choice between paying an exorbitant ransom or halting operations while IT teams go through an intensive, manual recovery process,” said Jaspreet Singh, founder and CEO, Druva. “There’s no compelling reason to be held hostage by ineffective data protection technology. With our newest capabilities, every customer can gain the peace of mind of restoring their data with confidence.”
In addition to Druva’s Accelerated Ransomware Recovery, the Druva Cloud Platform offers a built-in security framework and multi-layer approach which is designed to be resilient against ransomware. The platform’s zero trust architecture ensures only customers have access to their data, while features such as excess deletion prevention stops ransomware from permanently deleting backups.
“The threat of ransomware is not something we, or our customers can afford to ignore, thus we continue to evaluate technologies to ensure we have the best solutions to offer our clients,” said Juan Gomez, Director of Data Management and Protection at Technologent. “Data protection and Security are converging, and in our evaluations, Druva’s architecture clearly sets it apart, and its ransomware recovery capabilities are outstanding. The Druva Curated Recovery is innovative, and we are eager to help our clients take advantage of this new capability.”
“Many years ago, we fell victim to a ransomware attack, which disrupted our operations, but more importantly served as a pivotal moment in the rethinking of our security and operations,” said Hugo Flores, Director, Information Technology & Special Projects, CDL Electric. “In that first instance, without any insights, we restored the data and also brought back the ransomware, forcing us to restart the whole process. At our current size, such an event would have a catastrophic impact on our organization. With technologies like Druva, with its ability to rapidly recover, we are confident we can minimize such disruptions and get back to business quickly.”
“Ransomware can sit in systems undetected for weeks or months at a time, making it incredibly difficult to recover with clean, uninfected files,” said Adam Kailian, IT Systems Administrator, Build Group. “Druva Curated Recovery gives us the peace of mind that we have clean backups readily available if we ever need to restore from a ransomware attack. Combined with the fact that Druva can also help us quickly identify anomalies in our backups, brings a lot of value to our organization.”
About Accelerated Ransomware Recovery
Druva’s Accelerated Ransomware Recovery brings Druva Cloud Platform customers powerful capabilities to reduce data loss via intelligent automation and orchestration, as well as integrations with security information and event management (SIEM) and security orchestration, automation and response (SOAR) tools:
- Access insights: Understand location and identity for all access attempts to gain situational awareness
- Anomaly detection: Gain data-level insights on file changes, creation, recovery, and deletion. Users can create alerts for anomalous activity and use anomaly information to identify the timeframe of an attack
- Quarantine: Quickly quarantine infected systems and snapshots
- Recovery scans: Scan snapshots for known malware and customer-provided indicators of compromise before restoring to avoid reinfection
- Curated snapshots: Automatically recover the most recent clean version of every file within a specified time frame, dramatically reducing recovery time