Skip to content

Access Streamlined: User and Group Provisioning for NordPass Enterprise

User and Group Provisioning is available for organizations with NordPass Enterprise plan. This feature sets out to make user onboarding, offboarding, and group management in NordPass effortless. Keep reading to discover what user and group provisioning is, why it matters, and how it can benefit your business.

Contents:

What is User and Group Provisioning?

In today’s digital world, any organization wishing to stay secure and compliant with regulatory standards is required to regulate user access privileges to organizational resources in one way or another. 

To ensure that such regulations are effective and efficient, many companies rely on what’s called user or group provisioning. In a broad sense, user and group provisioning, along with deprovisioning, refers to the creation, maintenance, and management of user and group rights and privileges when accessing resources in the organization’s internal and third-party systems. The tools and processes behind this are designed to ensure that user accounts are created, granted appropriate privileges, managed, and monitored throughout the user’s tenure in the organization. This comprehensive approach also extends to the creation of groups tailored to grant specific permissions for company accounts.

Why does User and Group Provisioning matter?

There are more than a few benefits when it comes to user and group provisioning. First and foremost, user and group provisioning enhances the effectiveness and efficiency of user and group administration and management since it drastically reduces the amount of time required to create a user.

Additionally, provisioning systems such as Microsoft Entra ID (formerly Azure AD) have a centralized user database with information about active and inactive users within the organization. This, in turn, allows for internal as well as third-party audits to be carried out in a much more efficient manner.

Discover how simple and effective corporate password security can be with NordPass Enterprise.

Learn more

Finally, and most importantly, user and group provisioning enhances the overall user experience. With the help of provisioning tools such as Microsoft Entra ID, new users can be onboarded and offboarded quickly and easily. This not only saves a lot of time but also helps new users adapt to new digital environments faster.

User and Group Provisioning in NordPass Enterprise

The NordPass Enterprise plan allows for unlimited access provisioning for employees or their groups using Microsoft Entra ID. Getting started is simple: All you have to do is set up user provisioning and then group provisioning in the NordPass Admin Panel and the company’s Entra ID account.

Moreover, after the setup, Entra ID becomes the single source of truth for user and group management: The change applied in Microsoft’s platform is automatically extended to NordPass.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

How XDR and MDR help secure your tomorrow against ransomware

Locating XDR and MDR in a prevention-first approach to security.

“How could this happen?”

This is what both executives and Security Operations Center (SOC) teams of enterprises might keep asking themselves after a successful ransomware attack.

The story is often the same – a random phishing email finds its way into the inbox of an employee, who then proceeds to provide personally identifiable information, including work account details, to a seemingly legitimate-looking entity.

Social engineering and email scams remain some of the top threats facing businesses worldwide, with ESET Research finding phishing and fraud trojans at the top of email threat detections.

Recently, Insomniac Games, a subsidiary of PlayStation Studios, was compromised by the Rhysida ransomware, ending up with terabytes of leaked data, as the studio refused to pay the ransom asked of them (which, despite the result, is a legitimate strategy, since threat actors are not the most trustworthy of entities).

Is there an approach to security that could have prevented an attack like this? Let’s explore a prevention-first approach employing Extended Detection and Response (XDR) or Managed Detection and Response (MDR).

Persistent threats persistently threaten established businesses

Just as fairy tales tell of big villains that kidnap princesses and valiant heroes running to save them, the same is true for ransomware and cyberattacks in general.

However, instead of dragons trying to burn down castles, we’re discussing dangerous forms of malware deployed to penetrate and occupy them. Valiant heroes, in the form of security specialists, then try to hold what was supposed to be a rather secure castle with all the defensive bells and whistles available … apart from that big gaping hole right under the north-facing castle walls, obscured by a green bush.
Perhaps the metaphor went a bit too far, but the idea is clear – there will always be certain vulnerabilities, unprotected threat surfaces/vectors, or gaps in defenses that might not be as obvious at first sight as we would assume.

Threat actors will always try to gain entry to a business’s internal systems because that’s where to find the most important access rights/files/data that are dear to the managers and CEOs. That value can be enumerated in millions and in some cases even billions of (dollars, Euros/other). And crooks know that, so they will keep trying their best to pull the chair from under the people tasked with securing businesses.

Consider the SolarWinds and the MOVEit supply chain attacks, for example. The former happened in 2020 because of understated and poorly communicated vulnerabilities, while the latter, in 2023, was caused by hackers exploiting a flaw within the file transfer software, gaining access to sensitive customer data.

The result of the MOVEit hack? According to Emsisoft’s estimate, USD 15 billion in damages. This after having impacted around 2,726 organizations. They say you can’t put a price on many things, like health and safety … however, this is not the case for cybersecurity.

Regarding both attacks, it didn’t matter whether a particular business was targeted, since due to the nature of a supply-chain attack, any partner/client can sustain collateral damage, often having their information accessed and leaked as a result. Therefore, it can be said that as far as a supply-chain attack is concerned, no one in it is safe … unless they take some specific precautions, such as by investing in XDR or an MDR service.

Vulnerabilities in and out

Now, zero-day vulnerabilities are tough to prevent, since they usually crop up due to flaws in software that not even the developer may know about – hence the name.

Vulnerabilities can be disclosed, and subsequently recorded, by organizations like MITRE, which maintains the registry of common vulnerabilities and exposures (CVEs).

One way to prevent the exploitation of vulnerabilities is to always keep systems and apps up to date, such as with security updates, or by patching vulnerabilities through patch management functions, which are often a requirement of cyber insurance nowadays.

The reason vulnerabilities are so important in the grand scheme of things is that successful patching and updates are make or break for the management of a company’s threat surfaces. Security admins have to demonstrate effectiveness here, both in the office and for employees working hybrid or fully remotely. This is true regardless of how device use expands beyond the limits of company premises and must even extend security to areas and activities security admins may not see. This brings with it a whole slew of problems, including potential new vulnerabilities, the resulting incidents, and users being targeted who have access to critical internal networks and data through their computers, phones, or tablets.

This fact is driven home, especially as cloud-based tools become the norm. As a result, cloud security has become a key component of prevention, since most companies now use products like SharePoint or other cloud-powered internal data repositories and sharing networks. And what’s more, both the benefits and the risks trickle down to cloud-powered apps like Office 365 or Google Workspace Suite, meaning that the more connection there is between an internal server and an external user, the more opportunities there are for exploitation. This is very evident when we look at cases where, for example, Microsoft Teams was used to share malware through external accounts that did not even belong to the targeted organization.

Monitoring an extended network

Cloud security is important, but it is not enough, especially from the perspective of a security admin who might want to have a deeper understanding of their company network, with specific alerts, rules, and triggers that would highlight and specify issues arising during crucial moments – like when an attacker is trying to exploit one of the company’s assets.

Skilled admins would probably pick an XDR solution to gain an understanding of their environment, with access to quick remediation of potential incidents. This is all well and nice – when an organization has the necessary resources to purchase and maintain such a solution.

Sure, XDR tasks can be made easier by employing effective and intuitive software solutions like the ones offered via ESET Inspect, which makes the lives of security admins easier by coming pre-loaded with certain rules, with further enhancement being rather easy to configure thanks to its elegant interface. But that takes time, and it also asks the admin to know their environment enough to recognize which rules need to be configured, customized, and set up in a prioritized manner.

From there, capabilities like the automatic incident creator found in ESET Inspect can work wonders to speed up incident remediation, giving the admin more time and room to focus on other important matters.

But is that enough? Can XDR prevent ransomware attacks such as the one that targeted the above-mentioned game studio?

Time to stop ransomware

Indeed, while using XDR is one way to stop the execution of ransomware, the admins need to be fast enough to respond on time, stopping the threat in all locations, and killing it as soon as possible by knowing where the breach occurred.

XDR can help with that, as it offers a granular view of a company’s environment. During the MOVEit saga, for example, ESET Inspect managed to detect the compromise and supply admins with logs pertaining to it.

And if that is not enough, or a company requires more professional help to rapidly address mitigation and remediation needs, services including a larger capacity of security experts supplied with professional software –MDR solutions – are where it’s at.

MDR is a lot like XDR, but it adds another dimension – it is a service that also employs real-life experts to manage company cybersecurity. While XDR is a great pick for businesses with enough personnel, institutional knowledge, and capacity to tackle complex threats, MDR pushes security to greater heights as it supplies experts with deep knowledge of both the security tool at hand (XDR) and the threat environment.

This means high-level support in case of an incident, be it a random weekday, holiday, or weekend, as MDR is a 24/7/365 service. So, in case a ransomware attack happens when most of a business is out, the MDR team can still immediately respond to a threat despite the lack of in-house staff.

This rings true even for small and medium-size businesses (SMBs), which can lack such staff by design, due to limited resources. Regardless, SMBs face the same threats as large enterprises, including ransomware. And in such cases, quick action is always necessary.

Closing time

It’s one thing to stop an ongoing incident, but it’s an entirely different thing to proactively prevent an incident from happening in the first place.

XDR and MDR are both excellent choices in the fight against ransomware and related threats, as they empower companies to be on the lookout for even the most insidious threats.

And while all the components of a security platform such as ESET PROTECT help in protecting specific environments, a detection and response solution, whether in-house or as a service, combines all of this into a single view. It provides a refined and clear understanding of the security apparatus of a company, giving admins the right tools to respond and remediate on time.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

A Closer Look at the SEC Cybersecurity Rule on Disclosure

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted new rules that significantly enhance how public companies must handle and disclose cybersecurity incidents and their overall cybersecurity risk management. This initiative is crucial in promoting transparency and protecting investors from the adverse effects of cybersecurity threats. One of the technological strategies that can be pivotal in complying with these new regulations is Network Access Control (NAC). Here’s a detailed look at the new requirements and how NAC systems can be integrated to ensure compliance.

Key Provisions of the SEC’s New Cybersecurity Disclosure Rule

The newly adopted SEC rules require public companies to report material cybersecurity incidents within four business days of their determination as being “material.” Companies must provide a comprehensive description of the incident, detailing its nature, scope, and timing, as well as the impact or potential impact on the company.

Additionally, the regulations, encapsulated under Regulation S-K Item 106, necessitate annual disclosures that elaborate on the processes a company uses to assess, identify, and manage cybersecurity threats. This includes detailing the roles of the board of directors and management in overseeing these risks.

The Role of Network Access Control (NAC) in Complying with SEC Rules

Network Access Control (NAC) systems are critical in managing access to network resources, ensuring that only authorized and compliant devices are allowed network access, and thereby significantly reducing the potential for unauthorized or harmful entries that could lead to cybersecurity incidents. Here’s how NAC can fit into the SEC’s new cybersecurity framework:

  1. Prevention of Unauthorized Access: By enforcing policies for user and device access, NAC can prevent unauthorized access, an essential factor in mitigating the risks of cybersecurity incidents that must be disclosed under the new SEC rules.
  2. Enhanced Incident Detection and Response: NAC systems can monitor and log access activities within the network, providing an audit trail that can be crucial for detecting and responding to cybersecurity incidents swiftly. This capability supports the requirement for timely reporting as stipulated by the SEC.
  3. Assessment and Management of Cyber Risks: NAC helps in identifying and categorizing devices connected to a network, assessing their compliance with security policies, and managing their access. This ongoing assessment and management align with the SEC’s requirements for companies to describe their processes for managing cybersecurity risks.
  4. Supporting Compliance and Reporting: NAC systems can generate comprehensive reports on network access and security incidents, providing the necessary documentation that companies can use to support their compliance with the new SEC regulations. These reports can be crucial during audits and inspections to demonstrate adherence to prescribed cybersecurity practices.

Looking Ahead

The SEC’s new rules on cybersecurity disclosures set a clear path for how public companies should manage and report cybersecurity incidents and their overall cybersecurity strategies. Network Access Control (NAC) systems offer robust solutions that can help companies meet these new requirements efficiently. By integrating NAC into their cybersecurity frameworks, companies can enhance their security measures, ensure compliance with regulatory requirements, and protect their stakeholders from the potentially devastating effects of cybersecurity breaches. This strategic approach not only aligns with the SEC’s mandate but also strengthens the company’s overall cybersecurity posture.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

How VIAS3D achieved peace of mind by securing flexible remote working

VIAS3D stands as a pioneering force in the software sales and support field. It offers comprehensive simulation solutions across various industries, such as aerospace, defense, oil and gas, electromagnetic manufacturing, and more. 

Since its start in 2015, the company has grown from a small team of five to a global workforce of 250 employees spread across seven countries.

VIAS3D prides itself on tackling the toughest problems for its clients, ranging from design and part manufacturing simulations to optimizing assembly line efficiency through advanced software solutions like Delmia and Abaqus.

While working on solutions for its clients, VIAS3D must find the right tools for its own network security. The company’s IT manager, Robert Brazzell, shares their journey of enabling the team to feel secure while out of the office and protect the network using NordLayer.

The challenge

Tackling unsecure connections in the face of remote work

Key pain points

With adopting a fully remote work policy triggered by the pandemic, VIAS3D faced new challenges. Specifically, the company struggled with maintaining secure and reliable connections for its globally dispersed team.

“Before, we really didn’t need a VPN when everybody was staying at the same IP address all the time. But once people felt more comfortable traveling, we noticed increasing vulnerabilities. We needed to create security through obscurity.”

Click to tweet

As employees embraced the flexibility of remote work, moving from static office environments to dynamic remote settings, the company noticed an increase in unreliable connections and security vulnerabilities. This was particularly noticeable when employees accessed the network from public Wi-Fi networks during travel or work from cafes and parks.

“With a fairly lax hybrid model, we wanted that extra layer of security anytime employees were working someplace a little bit more pleasant than their home office.”

Click to tweet

This new way of working required a robust solution to ensure data security and connectivity reliability, essential for sustaining the company’s operations and client service delivery.

The solution

Building safety via credibility and flexibility

Main criteria choosing the solution

To address the challenges, VIAS3D opted for NordLayer, drawn by its strong reputation for secure network access and superior connectivity speed.

“We already knew NordLayer was about the industry standard, and a quick glance shows you that it has the fastest connectivity, which is very important. So any other outliers that we assessed were almost non-contenders.”

Click to tweet

The selection process was straightforward, given NordLayer’s industry-standard status and the company’s prior positive experience with NordVPN.

“We were using NordVPN selectively about a year before getting NordLayer, which heavily influenced our hand in adopting the solution company-wide.”

Click to tweet

The implementation of NordLayer was seamless. It was facilitated by its compatibility with then-Azure AD (now Entra ID), which allowed for easy distribution and self-adoption among employees.

“We pushed NordLayer out through Azure AD—everybody got an email and got excited about the new toy. It pretty much was a system of self-adoption”

Click to tweet

This move was not just about adopting a new tool—it was a strategic decision to empower the remote workforce with a secure and efficient working environment.

Why choose NordLayer

NordLayer was selected for its comprehensive security features, ease of implementation, and exceptional support. The platform’s fast connectivity was a key factor, ensuring that remote employees could work efficiently without sacrificing security.

How NordLayer covers the performance and security needs of remote teams

it managers users

Furthermore, NordLayer’s reputation for reliability and the positive experience with NordVPN, which was previously used by the company, cemented its choice as the optimal cybersecurity solution.

The outcome

Secured connections and peace of mind

The benefits of implementing NordLayer

The integration of NordLayer into vias3ds’ operations has significantly bolstered the company’s cybersecurity posture, allowing IT managers like Robert to sleep better at night, knowing their employees are protected regardless of their location.

While the integration of NordLayer didn’t directly lead to process efficiencies or significant time savings, the value it added in terms of securing remote connections was immense.

“It’s just textbook security through obscurity. It makes me feel a lot better when I hear about them connecting to a public network in an airport, knowing that NordLayer is there to protect them.”

Click to tweet

IT managers and employees alike now enjoy peace of mind, knowing they are protected regardless of where they choose to work.

This outcome underscores the importance of proactive cybersecurity measures in today’s remote and flexible working environments. It ensures businesses can operate securely and without interruption.

Top cybersecurity tips

Robert emphasizes the importance of constant vigilance, open communication, and a discerning eye as crucial to maintaining cybersecurity.

Pro cybersecurity tips

For VIAS3D, adopting NordLayer was not just about implementing a VPN solution but about creating a secure and efficient working environment for a global team embracing the new normal of remote work.

Through this partnership, VIAS3D has not only enhanced its cybersecurity framework but also reinforced its commitment to providing its team with the tools they need to succeed in a flexible and secure manner.

This case study demonstrates the importance of selecting the right cybersecurity solutions to meet the unique challenges of today’s dynamic work environments, ensuring that companies like VIAS3D can continue to innovate and lead in their respective industries.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

Why you need immutable data protection in your ransomware strategy

And why a lean, purpose-built tech stack is the way to do it

Immutability is a key feature that plays a pivotal role in safeguarding data integrity, boosting data resilience, and protecting data against threats, including ransomware, but certain considerations need to be addressed when evaluating backup solutions. Let’s look into the concept of data immutability, its significance, and what it means for Keepit’s SaaS data protection platform.

Data immutability definition: Why it’s important

Immutable storage operates on a simple principle: Data can only be added. Once data is written, it can’t be changed, effectively locking it and preventing any unauthorized tampering or deletion. In the context of data protection, this means that once data is stored immutably, it remains unchanged and is safeguarded against unauthorized modifications or deletions, ensuring data integrity at all times.

How an immutable backup solution will enhance your overall security posture

The importance of data immutability in data protection is multifaceted. Here’s a quick rundown of some of the main drivers for deploying a solution leveraging data immutable technology:

  • Data integrity: First, immutability ensures that data remains in its original, unaltered state, preserving its integrity. This is critical for basically all industries.
  • Ransomware defense: In the battle against ransomware, data immutability offers a robust defense. Here’s why: Even if ransomware infiltrates a system, it cannot manipulate or delete immutable data. Because of this, it’s providing a secure fallback option for data recovery.
  • Compliance and legal requirements: Since regulatory bodies require organizations to maintain unaltered records for a specified period of time, having a backup solution that guarantees this is vital. In this way, immutability helps organizations meet these compliance requirements.
  • Historical data preservation: Immutability enables organizations to keep historical data records that are unchangeable. This is valuable for auditing, investigations, and analysis of past data.

 

So, which features should you look for when evaluating backup options that all offer immutability? First, I’d say simplicity, because it’s not always simple.

“Simplicity as a shield”

Who doesn’t like a good acronym hijacking: Software as a service (SaaS) meets “simplicity as a shield.” Our solution distinguishes itself in data backup and recovery by having the most efficient tech stack. It’s cloud native and purpose built for SaaS data storage with the clear security goal of keeping data tamper proof and always immutable.

But what does simplicity mean for defining immutability and how it impacts a data protection strategy? Or alternatively, what does complexity mean for immutability? Let’s look at both, starting with the latter.

Vulnerabilities for backup providers with complex adaptations

Many backup providers have legacy systems that were initially designed for on-premises environments. In order to adapt to storing cloud data, these providers had to implement bolt-on solutions via additional layers to their old, on-prem tech stack, resulting in a much more complex architecture.

There are two main considerations that I want to discuss, from a security standpoint, with cloud adaptions to on-premises solutions: First, the complexity is significantly increased with the added layers required to retrofit an on-premises deployment for the cloud, thereby increasing the attack surface and potential attacker entry points; Second, these bolted-on layers often have immutability as a configuration, not baked into the architecture.

While these top layers often offer options for manual configuration to achieve immutability, this configurability and added complexity create potential entry points for attackers. Effectively, this results in more entry points — more “doors” that bad actors will come knocking on to see if someone forgot to lock up. (Read about why backups are key ransomware targets.)

To make matters worse, the complexity added by having those extra layers makes comprehensive testing challenging. More potential entry points with less comprehensive testing means a larger attack surface to protect and test to ensure that they’re secured. That’s not great for data integrity, ransomware defense, or historical data preservation.

In solutions deploying these bolt-on cloud adaptations to “modernize” legacy systems, attackers can exploit these optional higher levels (I say optional since these levels only exist because they’re modifying an on-prem solution for the cloud). These retrofitted legacy systems can be (and should be) thought of as having more potential access points for threats.

Retrofitted complexity: The Achilles’ Heel of many backup solutions? 

“Defenders need to be perfect all of the time, while the attacker only needs to succeed once.” 

-Popular security axiom 

 

So, where does all this lead to? As a result of these legacy on-premises systems being retrofitted for cloud data, cybercriminals are finding easier entry points into the targeted environment, gaining access (Think: social engineering like phishing) into the ecosystem at these more vulnerable higher levels (where the stakes perhaps don’t seem so severe) before drilling down through the layers to lower-level access with their highjacked rights. 

 

Here they can then gain entry to the lowest, most-important (and secure) levels to corrupt, encrypt, or otherwise destroy backup data — attackers typically assume access at a higher level, but the main concern here is that if the assumption that the higher the level you go, the easier entry is, then those solutions with the highest complexity would also be the most vulnerable. 

 

To say it another way: The deeper the layer of attempted entry, the fewer chances for access and exploitation. Therefore, less complex solutions — “less complex” meaning something good because you’re more deliberate on the design — have fewer options to exploit and can be tested much more holistically. That’s a win win. 

 

There are three notions I want to keep top of mind:

  • Typically, higher levels can be immutable, but sometimes these must be configured manually. 
  • Attackers use these “immutable optional” higher levels as easier entry points and then drill down to the immutable, lower-level access points with assumed access rights they acquired. 
  • Having fewer layers means a smaller attack surface for exploitation. Simple is a good thing because it means you’re more deliberate on the design (and can test more holistically). 

 

What an efficient tech stack means for cyberattack defense 

Unlike legacy systems with bloated, bolted-on complexities, Keepit’s purpose-built and streamlined architecture minimizes potential access points for threats. The leanness of our software means having fewer layers of complexity and therefore having fewer points of entry for threat actors. Not only that, but since it’s simpler, we can test holistically (and testing is key). 

 

Put simply, Keepit has fewer layers since our tech stack is purpose built for cloud data storage. In this way, it avoids a lot of the complexity other backup providers “need” to have but only because they’re running legacy systems from the on-premises days with bolt-on cloud modifications. 

 

The level of leanness, efficiency, and simplicity we’ve achieved directly adds to the strength of immutability in our solution. 

 

We’re able to achieve this because we designed our solution for the cloud, in the cloud, and to do “one thing” extremely well, and that’s to protect and store cloud SaaS data securely on an independent cloud, air gapped, so customers can always have access to clean backup copies of their data. 

 

Simplicity is key: Fewer layers are much more secure 

SpaceX, the company that revolutionized commercial spaceflight, has a philosophy that states “the best part is no part,” which resonates here. By embracing simplicity and efficiency in design, Keepit aligns with a principle that’s also reaching for the sky (well, the cloud at least) — it’s a design choice that enhances security, boosts efficiency and agility, and integrates seamlessly with a multitude of SaaS applications due to its API-only design. 

 

Software can be infinitely complex, with no way to test everything (among other issues, like development and maintenance). From a security standpoint, if your solution is too complex, there’s just no way you could test sufficiently. And so, simplicity is key. That’s my philosophy and the philosophy behind Keepit. 

 

Immutable by default 

Deep at the core of the Keepit platform, there’s simply no way to overwrite data in storage: It’s just not possible. Like the backup tapes of the past, our disk-based storage systems do not offer a mechanism for modifying backup data. Hypothetically, even if an attacker — or a malicious insider — were to gain access, they just couldn’t do anything there. That’s immutability. 

 

So, our approach disrupts the pattern ransomware attackers are exploiting in other backup solutions. By providing a more secure foundation through not only avoiding these superfluous layers, but by being designed specifically for cloud backup data storage, we leverage immutability through simplicity. 

 

In addition to immutability, we leverage a number of other data protection best-practice security methods. 

 

Adding to immutability: Data protection best practices 

Some of our other security methods deployed for data resilience and data immutability are the immediate encryption of backup data, incremental backup, and data deduplication.

The Keepit solution is running on a vendor-independent, tamper-proof and air-gapped cloud infrastructure. Our cloud offers true backup, where data is stored separately from the primary production data set, regardless of if the data is in Microsoft Azure storage, AWS, Gcloud, or otherwise. 

“True backup” is air gapped in line with the 321 backup rule, meaning your ability to recover clean backup copies is always there, regardless of the status of your SaaS vendor.

To sum up what makes Keepit’s approach to data immutability uniquely strong against ransomware and other cyberthreats:

  • Cloud native: Our tech stack is purpose-built for cloud data storage, so we avoid unnecessary layers of complexity and the associated vulnerabilities with legacy systems. 
  • Efficient tech stack: Our efficient tech stack minimizes potential access points and reduces the overall attack surface. 
  • Holistic testing: The simplicity of our solution (remember, simple is good) allows for more holistic testing, ensuring a robust and secure environment. 
  • Immutability: Administrative access cannot overrule or unconfigure the immutability as it is baked into the solution from the ground up, so even if a customer account is fully compromised, the immutable data storage will retain the historical backup data in pristine condition.

Where to go next

This post is part three of a five-part series on ransomware resilience. Read part one “Why backups are key ransomware targets” and part two “Why air gapping is your best defense.” Check back soon to catch the fourth installment of the series, where we’ll discuss the importance of SaaS data protection for identity systems like Microsoft Entra ID. 

 

Want to keep learning? Watch our on-demand webinar co-hosted with Enterprise Strategy Group (ESG) entitled “Surviving ransomware: 2023 data protection insights and strategies.” Learn how to be data resilient in the face of cyberattacks. 

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×