Your Microsoft 365 data is a prime target for ransomware. Attackers know that Microsoft 365 lives directly in the path of business-critical operations now more than ever. As highlighted by Mandiant – one of the industry's leading cyber security firms – this translates to “targeted threat groups investing a lot of time and money into understanding [Microsoft] Office 365 and understanding how to attack it.”
Are You Prepared Against Ransomware?
Even if you take every precaution to protect your organization, you can still fall victim to ransomware. It’s imperative to evaluate how your organization would respond to such an attack.
Through the use of the shared responsibility in the cloud framework and the functionality provided through native tools, you may already know that Microsoft is responsible for keeping its cloud functional, while customers are responsible for protecting their data. The native tools that organizations have traditionally utilized for their data protection efforts fall under the “Govern your Data” section of the Microsoft Information Protection (MIP) framework. This primarily refers to retention policies designed to allow you to “comply with legal or regulatory standards” by helping you “discover, classify and protect sensitive information”, keeping the data you need and deleting what you don’t.
To complement retention efforts, Microsoft provides world-class perimeter defense, controlling access to keep attackers out, and detecting risky behavior. When it comes to cyber disasters, Microsoft also has guidelines in place, with the first step in Microsoft’s “How to recover from a ransomware attack” in the Microsoft 365 documentation to verify your offline backups. This is where Rubrik comes in as a critical component of your security strategy.
Recover Your Critical Data
Say a threat actor or rogue admin utilized delete functionality in your production environment to automatically remove all data from your environment. Or say data is simply lost through accidental deletion. To provide you with the peace of mind your data can be easily recovered, Rubrik creates an isolated and secure backup, with a logical air gap from your 365 accounts. By storing the protected Microsoft 365 data in a separate, secure account managed by Rubrik, backup data is kept intact and readily available exactly when it is needed for recovery.
The logical air gap enforces multiple data protection functionalities:
Authentication – Multi-factor Authentication (MFA) safeguards the system from attackers gaining access, even when credentials are compromised.
Authorization – Fine grained Role-based Access Control (RBAC) enables the principle of least privilege to prevent users from moving laterally within the system to gain unauthorized access to resources.
Audit logging – Operations are logged and can be monitored locally or shipped to a log analysis tool so there is an audit trail when changes are made within the system.
As a SaaS that automatically scales to meet the needs of the modern enterprise, Rubrik also eliminates manual job scheduling. It’s simple to scale policy management across tens of thousands of users, and new users added are automatically protected. Easily locate data with real-time global search, and even recover in bulk or use a granular, three-step recovery to any destination. Best of all, you can manage everything through one platform, for your on-premises and cloud environments.
Rubrik + Microsoft
When Rubrik designed our Microsoft 365 protection, we did so in the context of the current threat landscape, also taking into account the security functionality provided by native Microsoft tooling. Rubrik and Microsoft even recently entered into a strategic agreement that includes a Microsoft equity investment in Rubrik to deliver comprehensive and integrated data protection solutions for Microsoft 365.
Together, Microsoft compliance tools and Rubrik give you complete data protection. And, this “better together” data protection is key when it comes to long-term, secure backup.
If you’re to follow Microsoft best practices and utilize a third party to protect your Microsoft 365 data, it makes sense to consider the joint Rubrik + Microsoft offering. With Rubrik, you have the option to utilize a solution that Microsoft themselves believes will advance their customers’ Zero Trust data protection journey and increase their digital resilience.
To learn more, check out our session on Rubrik for Microsoft 365 from Microsoft Ignite 2021.