Established organizations can benefit by storing more data in an archive than on primary storage. As data ages it is naturally accessed less frequently and therefore migrating it to cheaper, slower access archive storage becomes common-sense. To protect primary data from ransomware is often difficult and expensive, involving third party software. Conversely, when employing QStar Archive Manager, archived data is securely protected without an additional third-party cost.
How Our Archive Manager Helps To Protect Your Data
Archive Manager protects data stored on tape or cloud through a number of simple configuration settings. One option uses write-once read-many (WORM) or retention management on the SMB share or NFS mount. Another provides a mount-on-date option for content written to a standard read / write share or mount, but using a sequential method to store data, such that older versions are not automatically overwritten.
Archive Manager presents the archive file system through either a Windows SMB share or Linux NFS mount. When using explorer and command line searches, the resulting file information is provided from the Archive Manager database of file metadata. As the archive filesystem is a view provided by QStar, it is possible to add features that a standard file system does not, such as retention management.
When using retention management, files are stored as Read-Only for a set period of time, after which the file reverts to standard read / write and can be deleted. During that period – any ransomware attack would be useless. Ransomware tries to rewrite all files in an encrypted format, requiring users to pay a ransom to decrypt the files. Any file in Read-Only status cannot be overwritten or deleted. The same applies for WORM, however, in this case there is no end to the Read-only status.
The Mount-on-date option allows a file system to be mounted to a previous point in time. For ransomware, this would be before the encryption of the data. This will only apply to tape or cloud using a sequential writing process which appends new content rather than overwriting. Archive Manager can mount to a previous time and show the files as they existed at that time, so ignoring the encrypted data, which can be identified and deleted.
Do You Want To Learn More?
For more information, please see the new QStar white paper on Ransomware Protection.