With each software update in Version 6, ExaGrid has been adding additional layers of security to its Tiered Backup Storage, which already guards against external threats by utilizing a non-network-facing repository tier (tiered air gap) with delayed deletes and immutable data objects where backup data is stored for longer-term retention that cannot be accessed by threat actors and cannot be modified by malicious attacks.
In Version 6.3, ExaGrid strengthens security for protection against internal threats such as rogue admins, with a greater emphasis and more control and visibility via existing role-based access control (RBAC) functionality, which is comprised of Backup Operator(s), who have limitations such as any deletions of shares; the Admin(s), who are allowed to do any administrative operation; and Security Officer(s) who cannot do the day-to-day operations, but are the only users that can approve changes that would affect retained backups.
Key updates in ExaGrid Version 6.3 release:
· Admin and Security Officer roles are fully compartmentalized
o Admins cannot complete sensitive data management action (such as deleting data/shares) without the Security Officer’s approval
o Adding these roles to users can only be done by a user that already has the role - so a rogue admin cannot bypass Security Officer approval of sensitive data management actions
· Key operations require Security Officer approval to protect against internal threats, such as:
o Share deletes
o De-replication (when a rogue admin turns off replication to remote site)
o Changes to the Retention-Time Lock delayed delete time
· Root access tightened - changes or viewing requires Security Officer approval
As of Version 6.3, only Admins can delete a share, and in addition, all share deletes require a separate Security Officer’s approval, giving the Security Officer the ability to approve, deny or specify a delay period for the delete of a share.
In addition, RBAC roles are more secure as users with the Admin role can only create/change/delete users and roles other than the Security Officer, users with the Admin and Security Officer roles cannot create/modify each other, and only those with the Security Officer role can delete other Security Officers (and there must always be at least one Security Officer identified). For added security, two-factor authentication (2FA) is turned on by default. It can be turned off; however, a log is kept that 2FA was turned off.
“We know that security is top of mind for everyone in IT,” said Bill Andrews, President and CEO of ExaGrid. “ExaGrid continues to evaluate and update the security features offered for our Tiered Backup Storage solution, as we know that data is not truly protected by backups if the backup solution itself is vulnerable to threat actors. We are committed to provide the industry’s most comprehensive security and best ransomware recovery, so that our customers’ data remains protected and available for recovery in any situation.”
ExaGrid provides Tiered Backup Storage with a unique disk-cache Landing Zone, long-term retention repository, and scale-out architecture. ExaGrid’s Landing Zone provides for the fastest backups, restores, and instant VM recoveries. The Repository Tier offers the lowest cost for long-term retention. ExaGrid’s scale-out architecture includes full appliances and ensures a fixed-length backup window as data grows, eliminating expensive forklift upgrades and product obsolescence. ExaGrid offers the only two-tiered backup storage approach with a non-network-facing tier, delayed deletes, and immutable objects to recover from ransomware attacks.
ExaGrid has physical sales and pre-sales systems engineers in the following countries: Argentina, Australia, Benelux, Brazil, Canada, Chile, CIS, Colombia, Czech Republic, France, Germany, Hong Kong, India, Israel, Italy, Japan, Mexico, Nordics, Poland, Portugal, Qatar, Saudi Arabia, Singapore, South Africa, South Korea, Spain, Turkey, United Arab Emirates, United Kingdom, United States, and other regions.
Visit us at exagrid.com and connect with us on LinkedIn. See what our customers have to say about their own ExaGrid experiences and learn why they now spend significantly less time on backup storage in our customer success stories. ExaGrid is proud of our +81 NPS score!
ExaGrid is a registered trademark of ExaGrid Systems, Inc. All other trademarks are the property of their respective holders.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230620491864/en/
This news is a press release from the provider. Korea Newswire is committed to verifying the transparency of providers and eliminating content errors. You can receive press releases from this company or in industries of interest via email and RSS for free. Subscribe>
News provided byExaGrid Systems, Inc.