DELL EMC CYBER RECOVERY - SEC DATACOM Danmark

Transcription

DELL EMC CYBER RECOVERY
DATA PROTECTION AND RECOVERY WHEN YOU NEED IT MOST.

INDUSTRY SNAPSHOT

39% of detected malware is ransomware*
92% of organizations can’t detect cyberattacks quickly†
67% of organizations had incidents with a negative impact in past 12 months‡

Sources
*2018 Verizon Data Breach
†Gartner Research, Shift in Cybersecurity Investment to Detection, January 2016
‡RSA Cybersecurity Poverty Index

TRUE COST OF RANSOMWARE

Ransom: 30,000
Lost Revenue: 2,500,000
Incident Response: 75,000
Legal Advice: 70,000
Lost Productivity: 250,000
Forensics: 75,000
Recovery & Re-Imaging: 60,000
Data Validation: 25,000
Brand Damage: 500,000
Litigation: 200,000
Total Cost of Attack: 3,785,000

RELIABLE DATA PROTECTION, DELIVERED WHERE YOU NEED IT MOST.

Protecting your organization from the inevitability of cyberattacks – especially ransomware – requires a multi-layered approach. You’ve got to prevent attacks (of course), but you’ve also got to be prepared for the worst.

Dell EMC Cyber Recovery protects your organization’s most critical data within an isolated secure vault. Through an innovative REST API-based automation approach, your data is removed from the attack surface. Additionally, Cyber Recovery brings flexibility in automating robust analytics by integrating custom or well-known industry tools into your workflow. This facilitates a robust and proactive workflow to help increase cyber resilience throughout your organization.

COMMON VULNERABILITIES: TECHNICAL

Diagram components (INTERNAL NETWORK): Infrastructure Critical Hosts, Mission Critical Application Hosts, Backup Mgmt Console, Backup Master Server, Backup Media Servers, Backup Storage, Tape Library, Backup Reporting/Ops Mgmt Server

• Infrastructure Critical Hosts: Key infrastructure server (i.e., Domain Controller) backup images may be prematurely expired without authorization or compromised
• Mission Critical Application Hosts: Data is not segregated from the surface of attack. Key application data, transactional systems, and intellectual property essential to operations are not segregated from the surface of attack
• Backup Mgmt Console: Ineffective role-based access controls may allow unintended access to backup data
• Backup Master Server: Backup image catalog not replicated and isolated
• Recovery Point Objectives (RPO) become vulnerable along with potential data loss
• Tape Library: While isolated by definition, recovery from tape may lead to failure of meeting demanding RPO/RTO business requirements and result in longer than desired restore times
• Primary backup storage is not replicated and represents a single point of failure
• Backup copies are not isolated or logically segregated from network

COMMON VULNERABILITIES: PEOPLE & PROCESS

Diagram components (INTERNAL NETWORK): Infrastructure Critical Hosts, Mission Critical Application Hosts, Backup Mgmt Console, Backup Master Server, Backup Media Servers, Backup Storage, Tape Library, Backup Reporting/Ops Mgmt Server

• Infrastructure Critical Hosts: Bad actors (external or internal) deploy malicious code or circumvent access restrictions to corrupt and destroy configuration and application data
• Backup Master Server: Bad Actor prematurely expires backup images from backup infrastructure catalog, or destroys primary storage LUN containing catalog data
• Tape Library: Backup tapes are stolen, lost or maliciously destroyed
• Elevated access credentials are stolen and exploited to destroy backup data
• Bad Actor gains access to backup catalog and destroys TBs of critical data backup images
• Backup Mgmt Console: Admin’s laptop is compromised and exploited to host malicious code, destroying normal backup operations and configuration information
• Backup Reporting/Ops Mgmt Server: Bad actor destroys compliance reporting data and disables event alerting

RISK PROFILE SUMMARY

Categories: TECHNICAL; PEOPLE & PROCESS

• All data is currently susceptible to a cyberattack
• IT Engineering and Ops have access to most if not all Backup Assets
• Primary storage replication can replicate corruption
• Backup catalog not replicated
• Security teams not assigned to assets. Bad actors inside the firewall can create havoc.
• Recovery of backup catalog from tape is slow and failure-prone
• Franchise critical and non-critical data are not segregated
• Backup copies not isolated from network
• Backup images can be expired without authorization

These risks are consistent with traditional disaster recovery models. This is a different challenge and requires a different architecture.

THE SOLUTION

DISASTER RECOVERY VS. CYBER RECOVERY

Traditional disaster recovery solutions are ill-equipped to recover from a cyberattack.

                      DR                              CR
Recovery Time         Close to Instant                Reliable & Fast
Recovery Point        Ideally Continuous              1 Day Average
Nature of Disaster    Flood, Power Outage, Weather    Cyberattack, Targeted
Impact of Disaster    Regional; typically contained   Global; spreads quickly
Topology              Connected, multiple targets     Isolated, in addition to DR
Data Volume           Comprehensive, All Data         Selective, Includes Foundation SVCs
Recovery              Standard DR (e.g., failback)    Iterative, selective recovery; part of IR

CYBER RECOVERY SOFTWARE

• End-to-end workflow automation
• Runs only in CR Vault
• Creates isolated gold copies
• Robust REST API framework enables analytics with AI/ML for malware (incl. ransomware)
• Modern UI / UX experience
• Easy to deploy and maintain

Diagram labels: PRODUCTION, Air Gap, CR VAULT, Backup Metadata, Backup Data
Workflow steps: 1. Synchronize, 2. Immutable Copies, 3. Sandbox Copies

PROACTIVE ANALYTICS IN THE CR VAULT

Why Analytics in the Vault?
• Increase effectiveness of Prevent/Detect cybersecurity when performed in protected environment.
• Diagnosis of attack vectors can take place within an isolated workbench.
• App restart activities can detect attacks that only occur when application is initially brought up.

Categories of Data
• Transactional Data – dynamic/large (log variances, sentinel records, etc.)
• Intellectual Property – static/large (checksums, file entropy)
• Executables / Config. Files – static/small (checksums, malware scans)

Diagram labels (CYBER RECOVERY VAULT): Restore Hosts, Cyber Recovery Storage System, Validation Hosts, Management Host

ADDITIONAL CYBER RECOVERY SERVICES

DEPLOYMENT
New deployment services from Dell EMC Services accelerate the value of Data Domain based Cyber Recovery Solution. These implementation services are available in two sizes to fit your needs based on number of MTrees and data subsets.

WORKSHOP
Dell EMC Consulting leads a facilitated Business Resiliency workshop with key stakeholders to share Dell EMC best practices for resiliency, including IT Continuity and data protection, with an emphasis on cyber recovery.

ADVISORY SERVICES
Dell EMC Consulting Advisory services include the workshop and provide you with a deeper understanding of the solution, specific data to contain in the vault, and advise on roadmap and custom solution design. These offers scale based on your specific needs.

ADDITIONAL RESOURCES

• Case Study: Founder’s Federal Credit Union (video)
• Business Cyber Risk Bulletin (PDF)
• Learn more about our Cyber Recovery Solution (video)
• Cyber Recovery Solution Overview (PDF)
• Analyst Report: Cyber Recovery (PDF)
• ESG Video: Cyber Recovery (video)
