The increasingly pervasive ransomware epidemic has exposed the grim reality that many organizations aren’t securing their hybrid cloud infrastructures from bad actors who traverse from one cloud platform to the next looking for backed-up data. Unprotected hybrid cloud infrastructures leave valuable data and applications, including Microsoft 365, vulnerable to ransomware and a wide range of cyberattacks. During this week’s Microsoft Insights event, Rubrik and Microsoft provided examples of how their collaboration is stopping ransomware attacks and breach attempts.
Succeeding at zero trust cloud management
Getting hybrid cloud security right at the infrastructure and platform level at scale is hard. At a minimum, any zero trust cloud management system or platform needs to be designed on top of a strong authentication, authorization, and accounting (AAA) framework or model for cybersecurity. AAA is essential for any zero trust hybrid cloud security platform to succeed. It will also need federated authentication and support for multifactor authentication (MFA) with single sign-on (SSO). There also need to be role-based access controls that are granular and detailed enough to define least-privileged access, along with support for identity access management (IAM). Add to this the need for built-in user activity audit logs, and the framework emerges of what a true zero trust hybrid cloud management system looks like.
Rubrik’s zero trust architecture is designed to excel in each of the core areas and has proven itself reliable in Microsoft Azure deployments. In August, Microsoft made an equity investment in Rubrik to accelerate the company’s ongoing efforts to defend Microsoft Azure customers from ransomware attacks and repeated attempts to breach Azure platforms and exfiltrate data. As part of the investment, Microsoft committed to sharing go-to-market activities and co-engineering projects to deliver integrated zero trust data protection solutions built on Microsoft Azure. During this week’s Ignite 2021 conference, the product demonstrations showed how tightly Rubrik is integrated with Microsoft 365, Azure, and other products.
Rubrik’s ongoing co-development with Microsoft delivers solid results, as seen during the Ignite presentation today. Rubrik can scale up to protect any number of Azure VMs and managed disks across hybrid cloud configurations, and to secure Microsoft Exchange, OneDrive, SharePoint, and Teams. The following diagram explains how Rubrik and Microsoft integrated infrastructure to close the gaps hybrid cloud configurations create.
The more secure the cloud data, the easier the recovery
Rubrik writes data into Azure in an encrypted state using a customer-supplied key, and encrypts data in flight and at rest. The Rubrik platform does this to protect data from attackers and rogue administrators by requiring both Rubrik permission and the organization’s encryption key to unlock the data. To further protect the Azure-stored data, Rubrik requires anyone attempting to access any location to have a secure key from the Azure Key Vault. A big plus for the Rubrik and Azure partnership is how well these workflows span hybrid cloud configurations, regardless of whether all clouds are running Microsoft Azure or not.
The advances Microsoft and Rubrik demonstrated today yield the following key takeaways about their zero trust architecture, DataGuardian, and the core set of technologies it is based on, which continue to become more integrated into the Azure architecture:
- Their immutable data platform is shutting down ransomware attempts – Data managed by Rubrik is never available in a read/write state to the client. This is true even during a restore or Live Mount operation. Additionally, since data cannot be overwritten, even infected data later ingested by Rubrik cannot infect other existing files or folders.
- Declarative policy engine scales well in Azure deployments – Rubrik allows administrators to abstract the low-end tasks required to build and maintain data protection, so they can focus on adding value at a more strategic level across the organization.
- A threat engine that works – As Rubrik collects each backup snapshot’s metadata, it leverages machine learning to build out a full perspective of what is going on with the workload. The deep neural network (DNN) is trained to identify trends across all samples and classify new data by their similarities without requiring human input. The result is that Rubrik detects anomalies, analyzes the threat, and helps accelerate recovery with a few clicks.
- Secure API-first architecture – Having an API-driven architecture means that every action in the Rubrik user interface (UI) has a corresponding API that is documented and available for use.
All these factors combine to streamline the recovery process in the event of a ransomware attack. The following graphic shared today at Microsoft Ignite displays how:
Hybrid cloud configurations require abstract thinking
Securing hybrid cloud configurations is comparable to enrolling in a graduate degree program in computer science or math. It’s challenging and requires the ability to see abstract concepts and integrate them, make it all scale, and deliver solid, correct answers simultaneously. Rubrik and Microsoft show they have solved the immediate challenges of a hybrid cloud configuration. Now on to the more chaotic world that CIOs and chief information security officers (CISOs) face with legacy apps and platforms that don’t behave well by today’s security and enterprise computing standards.