Sponsored Session: Securing S3 Backups Against Ransomware

Object storage is a popular destination for backups in the cloud-native ecosystem, and it can be used to create immutable backups. Immutable backups are an important part of any data protection strategy, and treating blobs as immutable is an important requirement when implementing immutable backups. The S3 API provides the primitives needed for creating immutable backups with a feature called object locking.

• Object storage is scalable, simple, and robust, making it a perfect target for backups in the cloud-native space.
• Immutable backups are important for data protection, and treating blobs as immutable is a best practice.
• The S3 API provides the primitives needed for creating immutable backups with a feature called object locking.
• To use object locking, your bucket must be configured with versioning, and you'll need to set object locking parameters in your API requests.
• Object locking ensures immutability and prevents modification of backup data from both internal and external threats.

Ransomware has become more mainstream and vicious in how it attacks, and it's getting even more intelligent in how it attacks. Accidental deletion, policy gaps, and security threats are the top three things causing data loss. Immutable backups are important for preventing failure scenarios and ensuring legal and compliance requirements are met. In particular, targeted Kubernetes use cases are vulnerable to external security threats and insider threats, such as the Hildegard ransomware that targets cloud and container infrastructure to mine for cryptocurrency and exfiltrate sensitive data.

Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.When backing up cloud-native data, there is no better place than object storage. From databases to data protection applications, the cloud-native landscape is littered with projects that backup data to object storage. With all this mission-critical data being stored in object storage it’s no wonder that it’s become a high-value target for cyber criminals. This, in combination with the rising popularity of cryptocurrency, means that ransomware protection is now a requirement for IT departments of any size.The S3 protocol has become the de-facto standard API for interacting with Object Storage. It is implemented by nearly all object storage providers and consumed by modern cloud native applications. Thankfully it provides all the primitives needed to develop a robust strategy to protect against ransomware attacks.In this session, we’ll walk through how backups saved in an S3-compatible can be made ransomware resistant. We’ll show which APIs are used and how to configure the buckets. If you’re considering backing up data in object storage and your data is too valuable to lose, then this talk is for you!