IBM FlashSystems – Steps to Cyber Incident Recovery (Vault)
With traditional cyber security environments, after an initial compromise is detected, it can take up to two weeks until a complete platform recovery is achieved. However, IBM’s FlashSystems shrink that time down to a matter of hours and their early detection and faster response approach gets you back up and running quicker than you ever imagined. This air-gapped protection approach follows the following steps:
Make copies of your data
With this new technology, businesses can prevent data tampering or deletion for any reason by enabling the creation of immutable point-in-time copies of data for a production volume. These can quickly be restored with immutable copy of data on 500 systems from multiple vendors – to aid quick recovery and response. Immutable copies create a logical air gap – meaning you have an archive of untouchable data at your fingertips, to be rolled back out when a ransomware attack strikes.
Test the copies
It is at this stage where IBM FlashSystems ensure you haven’t taken a copy of corrupted data, and blueprint for testing and recovery is built. These Safeguarded copies are invisible to hackers, hidden and protected from being modified or deleted by user error, malicious destruction, or ransomware attacks. The data, within these copies, can only be used after a Safeguarded copy is recovered to a separate recovery volume.
Behind the scenes, copies of your data are regularly taken, as well as testing the mechanisms for restoring from historic backup. You dictate the frequency of these automated tests to fortify your business’s storage infrastructure. This ensures that when the time comes, data protection precision has been achieved, when you weren’t even thinking about it.