
Achieve petabyte-scale data protection with lightning-fast recovery!

Release

Modern data protection and disaster recovery architectures require the minimum possible recovery time to ensure seamless data handling and application availability.


Infinidat InfiniGuard offers unmatched speed and reliability in data backup and restore capacity for high-performance business continuity and disaster recovery. Built on the market-leading InfiniBox to optimize performance and target-side dedup processing, InfiniGuard enables you to maximize effective capacity for multi-petabyte environments. In this article we will consider all the benefits of the InfiniGuard backup solution!


Restore Speed: realize the fastest possible recovery time to ensure uninterrupted access and availability to your data.


CyberRecovery: protect your backup from malicious cyberattacks.

Cyberattacks and ransomware now target backup solutions and storage with an ease never seen before, and backup is no longer the last line of defense. InfiniGuard’s CyberRecovery capabilities neutralize the growing ransomware threat to the data centers of large companies and cloud service providers, and provide strong protection for the entire backup environment.


CyberRecovery capabilities help you fight back by protecting your backup with immutable snapshots that cannot be deleted, encrypted, or changed. Leverage InfiniGuard’s unique capabilities to validate your recovery environment and begin your recovery process near-instantaneously. As a result, you can be confident in your ability to recover from cyberattacks, technical malfunctions, or human error, without compromise to data integrity.


Reliability: attain exceptional reliability and security.

InfiniGuard is designed using the unmatched availability of the InfiniBox with an innovative self-healing architecture and redundant hardware components. Redundant deduplication engines, in an active/active/passive configuration utilizing stateless recovery, mean a fast recovery of the engine state on the standby node if a primary node fails, so normal backup/recovery operations resume quickly and with full data integrity.


Consolidation: reduce data center footprint and consolidate data protection.

With effective capacity up to 50PB+ and multiple protocol support (NFS, RMAN, OST, CIFS, and VTL), it is easier than ever to consolidate data protection for multiple systems in a single high-capacity solution. Consolidation with InfiniGuard also reduces data center footprint, lowers power and cooling costs — significantly reducing your data protection TCO.


Performance: accelerate restore performance for the most demanding applications.

Intelligent read-ahead caching, driven by massive parallelism, is core to InfiniGuard’s ability to address business continuity goals. Predictable performance, based on this next-generation cache management and efficient media orchestration, dramatically reduces restore times to meet the most demanding service-level agreements.


Ease of Management & Integration: simplify operations with InfiniGuard.

Built on the market-leading InfiniBox, InfiniGuard includes an easy and intuitive HTML5 GUI that makes typically complex backup, replication, and recovery operations simpler. The result is an enterprise data protection system that’s highly efficient and simple to manage. It supports most major backup applications already deployed in the data center.


Total Cost of Ownership: the market leader in price and performance.

InfiniGuard presents considerable savings in acquisition costs as well as operational costs. This solution has the lowest TCO for a solution at this usable/effective capacity. The InfiniGuard subscription model is a proportional usage fee in which customers can increase or decrease usage as needed. As a result, customers receive a 100% guarantee of uninterrupted operation and secure data migration!



Qualified technical specialists at iIT Distribution (the official distributor of Infinidat in Ukraine) and Infinidat product managers are ready to provide any support to partners and customers at every stage of the project. To buy the Infinidat InfiniBox or InfiniGuard backup, recovery and data protection solution, or to get advice on choosing a solution or additional information, please call +38 (044) 339 91 16, use the feedback form on the website, or e-mail [email protected]


How subtle attacks maximize hackers' profits and what defensive actions need to be taken immediately

Articles and reviews

Ransomware is changing its image. Should you pay the ransom, how can you protect yourself, and what should you do in the event of a ransomware attack?

The main news since the beginning of last month has been allegations of criminal activity by hacker groups around the world seeking payment for stolen and encrypted data. The month of May was marked by a number of major cyberattacks, including ones that used ransomware.


WHAT HAPPENED?

Liverpool's subway has been hit by a Lockbit encryption attack, a Brazilian state's court system has been shut down due to malicious file encryption on its computers, and the Babuk Locker hackers who attacked the Metropolitan District of Columbia have threatened to reveal police informants unless they are paid.

The Conti attack seriously undermined Ireland's healthcare system, and affiliates of insurance giant AXA were hit by a ransomware attack in which hackers stole 3 TB of confidential data from AXA's Asian units.


Unfortunately, the targets of all these attacks are critical infrastructure and government, commercial and social institutions that function as life support systems for our daily lives. Attacks on such facilities by criminal groups can therefore have far-reaching consequences.


LARGE CORPORATIONS CAN'T HOLD OUT EITHER

Even the security of companies like Apple was attacked: the brand fell victim to extortionists. A group of cybercriminals, Sodinokibi, stole confidential information about the brand's future products (MacBook laptops and other devices) using the REvil ransomware, by hacking into the systems of Quanta Computer (Apple's partner). The hackers expected a ransom of $50 million from Quanta Computer by April 27 and threatened to publish more than a dozen diagrams and drawings of components. It was also noted that the ransom could be reduced from 50 million to 20 million if it was paid by May 7. Later, the REvil operators removed the stolen Apple schematics from their data leak site for unknown reasons. At the same time, stolen data from another large company was offered for sale on the darknet this month.


The Spanish food delivery service Glovo, much loved by Ukrainians, also felt the effects of a hacker attack, after which the data of tens of millions of users (160 GB of data including names, phone numbers and passwords) was put up for sale for $85,000.


Toyota suffered a double cyberattack in May: the first hit European operations of Daihatsu Diesel Company, a subsidiary of Toyota, and later Toyota Auto Parts Manufacturing Mississippi uncovered another attack using a ransomware program. Reports say some financial and customer data has been stolen and made public by attackers.


THREATS OF THE MODERN ECONOMY: ATTACK ON CRITICAL INFRASTRUCTURE

The largest ransomware attack during this period halted the largest US pipeline. On May 6, Colonial Pipeline, the pipeline's operator, was hit by a cyberattack by the DarkSide group, as a result of which the company was forced to suspend the transportation of fuel along the entire length of the 9,000-kilometer pipeline. DarkSide penetrated the Colonial Pipeline network and obtained almost 100 GB of data. After obtaining the data, the hackers locked the data on some computers and servers and demanded a ransom. In case of non-payment, they threatened to leak the data. The Colonial Pipeline website was unavailable, and the company itself admitted that it would resume transportation, which was suspended on May 7, only on May 15-16.

The scale of the attack on Colonial Pipeline was similar to the NotPetya incidents and the attack on SolarWinds.


DO I NEED TO PAY THE RANSOM?

Ransomware comes with a stunning reality: 92% of organizations do not get all their data back, even if they have paid the ransom. Nevertheless, 32% of companies in 2021 are still willing to pay, hoping for a full recovery of their information. Because of this willingness to comply with any conditions set by criminal groups, the ransom amount increased significantly in just the first three months of 2021 and now averages $220,000, while in the last three months of 2020 this figure was $154,000. Even after paying such crazy money, a third of organizations have not been able to recover more than half of their encrypted data.


It is also worth noting that the concept of a ransomware attack is evolving day by day, and such attacks now include payment demands even without data encryption. Attackers demand payment in exchange for not leaking stolen information on the Internet. But even after paying the extortionists, the company has no guarantees and cannot be sure that the data will not be published or sold. After all, does it make sense to rely on the honesty of fraudsters?


Ransomware threats almost always have costly consequences for business, including disruptions and theft of confidential data. So is it worth taking such a costly risk?


IT IS TIME TO ACT

Readiness for ransomware has become so essential for all organizations that even executives and directors recognize it as part of their responsibility for the operation of the business. The team at CrowdStrike, a developer of cybersecurity systems that protects thousands of Amazon-sized companies from hackers, regularly assists organizations with training and preventive protection, as well as with responding to ransomware attacks. The company shares some of the practices it recommends in such turbulent times.


1. Increasing the resilience to threats of applications with Internet access

It is not recommended to expose RDP directly to the Internet. Attackers take advantage of single-factor authentication and unregistered Internet applications, and they regularly target systems through Remote Desktop Protocol (RDP) that is reachable from the Internet.


It is recommended that you use a VPN with multifactor authentication and make sure that any CVEs associated with the VPN platform and the underlying authentication application are prioritized for patching. This principle should apply to all remote access methods, as well as to Active Directory (AD) and Citrix Gateway.


2. Introduction and improvement of e-mail security

Catching the victim organization with a phishing email is the most common tactic. Typically, these phishing emails contain a malicious link or URL that delivers a payload to the recipient's workstation.

Therefore, it is recommended that you implement an email security solution that filters URLs and sandboxes attachments. In addition, organizations may prohibit users from receiving password-protected zip files, executable files, JavaScript files, or Windows Installer package files unless there is a legitimate business need to do so. Adding an "[External]" tag to emails from outside the organization, together with a warning message at the top of the email, helps remind users to exercise caution when handling such emails.


Users should also have a documented process to report any emails they are unsure of. In addition, organizations should consider restricting users' access to personal email accounts.
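The attachment and tagging rules recommended in this section can be sketched as a small mail-gateway policy check. This is an added example, not CrowdStrike's or any product's code: the domain `corp.example`, the extension list and all function names are assumptions, and the sample messages are constructed.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr
from pathlib import PurePosixPath

ORG_DOMAIN = "corp.example"   # assumption: the organization's own mail domain
EXTERNAL_TAG = "[External]"
# Assumed extension list for the file types the article names: executables,
# JavaScript files and Windows Installer packages.
BLOCKED_EXTENSIONS = {".exe", ".com", ".scr", ".js", ".jse", ".msi"}


def suffix_of(filename):
    """Lower-cased final extension of an attachment or archive member name."""
    return PurePosixPath(filename.lower()).suffix


def zip_findings(data):
    """Reasons to block a ZIP: encrypted members or blocked file types inside."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            members = archive.infolist()
    except zipfile.BadZipFile:
        return ["unreadable zip archive"]   # fail closed on anything unparsable
    reasons = []
    for member in members:
        if member.flag_bits & 0x1:   # general-purpose flag bit 0: encrypted member
            reasons.append(f"password-protected zip member: {member.filename}")
        elif suffix_of(member.filename) in BLOCKED_EXTENSIONS:
            reasons.append(f"blocked file type inside zip: {member.filename}")
    return reasons


def evaluate(raw_message):
    """Return (decision, reasons, subject) for one raw RFC 5322 message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if suffix_of(name) in BLOCKED_EXTENSIONS:
            reasons.append(f"blocked file type: {name}")
        if suffix_of(name) == ".zip" or zipfile.is_zipfile(io.BytesIO(data)):
            reasons.extend(zip_findings(data))
    # The From header is sender-controlled; a production gateway would decide
    # "external" from the receiving connector or authentication results.
    sender = parseaddr(str(msg.get("From", "")))[1]
    sender_domain = sender.rpartition("@")[2].lower()
    subject = str(msg.get("Subject", ""))
    if sender_domain != ORG_DOMAIN and not subject.startswith(EXTERNAL_TAG):
        subject = f"{EXTERNAL_TAG} {subject}"
    return ("quarantine" if reasons else "deliver"), reasons, subject


def zip_sample(member_name, encrypted=False):
    """Constructed sample ZIP. The standard library cannot write encrypted
    archives, so the encryption flag is patched into the headers instead."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(member_name, "constructed sample content")
    raw = bytearray(buf.getvalue())
    if encrypted:
        raw[6] |= 0x01                                 # local file header flags
        raw[raw.find(b"PK\x01\x02", 30) + 8] |= 0x01   # central directory flags
    return bytes(raw)


def sample_message(sender, attachments):
    """Constructed sample message; attachments is a list of (filename, bytes)."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, "user@corp.example", "Invoice"
    msg.set_content("See the attached file.")
    for name, data in attachments:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    external = "Billing <billing@vendor.example>"
    internal = "Colleague <colleague@corp.example>"
    cases = [
        (external, [("invoice.zip", zip_sample("invoice.txt", encrypted=True))]),
        (external, [("tools.zip", zip_sample("run.js"))]),
        (internal, [("report.pdf", b"%PDF-1.4 constructed")]),
    ]
    for sender, attachments in cases:
        print(evaluate(sample_message(sender, attachments)))
```

Inspecting archive members as well as the outer filename matters because a blocked file type is often delivered inside a ZIP, and an encrypted ZIP cannot be inspected at all, which is why the policy blocks it outright.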


3. Endpoint protection

During the lifecycle of an attack that ends with the deployment of ransomware, attackers often use a number of methods to exploit endpoints. These methods range from abusing poor AD configurations to using public exploits against unprotected systems or applications.

That is why we have to:

  • Ensure that endpoint security products and the endpoint detection and response (EDR) platform cover every endpoint in your network.
  • Develop a vulnerability and patch management program.
  • Follow Active Directory security guidelines: avoid easy passwords with weak authentication methods; avoid giving regular domain users local administrator privileges, and avoid local administrator accounts that share the same password across the entire enterprise; restrict communication between workstations; avoid sharing privileged credentials.


4. Offline backup

The only reliable way to save data during a ransomware attack is to have backups that are protected from ransomware. When developing an offline backup infrastructure that is protected from ransomware, keep in mind that:

  • Offline backups, as well as their indexes (which describe what data is contained), must be completely separated from the rest of the infrastructure.
  • Access to such networks must be controlled through strict access control lists (ACLs), and all authentication must use multifactor authentication (MFA).
  • Administrators who have access to both the offline and the online infrastructure should avoid re-using account passwords.
  • Cloud storage services with strict ACLs and rules can also serve as an offline backup infrastructure.
  • Emergencies, such as a ransomware attack, should be the only case where the offline infrastructure is allowed to connect to the existing network.


5. Restricting access to virtualization management infrastructure

New attacks target virtualized infrastructure directly. This approach lets attackers go after the hypervisor that deploys and stores virtual machines (VMDKs). As a result, endpoint security products installed on the virtual machines do not see malicious actions that target the hypervisor.


Many ESXi (VMware hypervisor) systems do not have Secure Shell (SSH) enabled by default and are usually managed through vCenter. If SSH is disabled, attackers use previously stolen administrator credentials to enable SSH on all ESXi systems, so:

  • Restrict access to ESXi hosts to a small number of systems and make sure that these systems have proper endpoint monitoring.
  • Make sure SSH access is disabled, or make sure it is MFA protected.
  • Make sure that passwords are unique and secure for each ESXi host, as well as for the web client.


6. Implementation of the identification and access management program (IAM)

TAKE THE FIRST STEPS NOW

Any organization can fall victim to malicious extortion campaigns with seven-figure ransom demands, but much can be done to stop criminals. The damage a company can suffer from one such attack can be ten times higher than the cost of prevention and modern protection. Moreover, every malicious action against an organization leads not only to material losses but also damages the company's business reputation, brand and position. iIT Distribution helps you avoid such risks.

iIT Distribution specializes in advanced information security solutions. We not only supply software and hardware, but also provide a full range of support and consulting services. We offer an initial examination and assessment of the state of your enterprise's information security, carried out by highly qualified specialists, selection of equipment and software, and implementation of comprehensive cybersecurity solutions in your existing infrastructure, so you can be sure of your protection!

Contact us through the feedback form on the website and get advice from professionals!


Why should hosting providers pay attention to Infinidat data storage solution? Practical experience of use

Articles and reviews

Infinidat, a leading provider of enterprise-class storage solutions, noted that Virtual Data Corp. (VDC) a managed cloud hosting provider has been running smoothly for the past two years using the InfiniBox platform. This high availability allowed the VDC to combine multiple arrays into one for ease of management and cost savings without any disruption. At the same time VDC expanded its storage capabilities with InfiniBox beyond the petabyte to flexibly leverage storage as needed and to support the company's growth strategy.


The move to the InfiniBox storage platform has retooled high-quality, state-of-the-art VDCs in Canada. As an IT solutions provider, VDC provides customers in Canada, the United States and worldwide with public and private cloud hosting, cloud backup, managed server hosting and disaster recovery.


The company was able to combine five to six SANs into a single SAN, thereby simplifying management. In addition, VDC has taken advantage of the broad range of integrations and capabilities that the Infinidat storage platform provides with VMware and Veeam, in particular a disaster recovery (DR) solution.

With 24/7 hosting providers operating in an ever-growing data and workload environment, VDC appreciated the ability to pay for storage incrementally in response to growing business needs. Infinidat provides the ability to purchase and use storage when needed, giving customers a complete picture of their budget.


“The increasing data usage of VDC customers and other service providers has created a significant need to rescale storage capacity. Because we treat our customers as partners, our service and support team calls VDC monthly to help maximize the capabilities of the InfiniBox platform. The predictability, low total cost of ownership, and ease of use that VDC has gained are also enjoyed by all of our customers,” said Steve Sullivan, executive vice president of sales at Infinidat.


Infinidat helps businesses and service providers scale their competitive advantage with petabyte data. Infinidat's architecture provides 100% availability and scalability with a significantly lower total cost of ownership than other vendors' solutions.


To read the full VDC case, click here.


The ZTNA model helps reduce the stress of remote work for employees

Articles and reviews

As a result of the current pandemic, there are more and more people who must adapt to working at home. At the same time, many businesses are beginning to realize that these changes can be long-term.


A recent Gartner report, "The Best Networking Solutions for Telecommuting" (September 2020), contains a chart showing the percentage of employees who worked remotely before the pandemic and now. As you can see, the number of such employees has grown.

Not only do individual workers struggle with sudden changes and do their best to maintain efficiency in the new environment, but a significant portion of the problems are borne by the business itself. Companies are trying to adapt to the reality of remote workers, which are growing at an unprecedented rate.


In particular, network security and network monitoring can create unforeseen difficulties for people who work remotely. Most corporate networks are not designed to handle a sudden increase in remote user activity, which can lead to errors and network disruptions and, in turn, to security, functionality, and financial problems. Traditional solutions for network security and network monitoring fail to meet corporate requirements for users working from home. Therefore, companies must focus on ensuring the highest level of network security.


The Gartner report includes a section of recommendations, including how network security is evolving towards zero-trust network access (ZTNA) principles. ZTNA is a service or product that allows users to securely access an organization's services with the assurance that no attacker can gain access to applications. Under this model, users, devices, and applications are subject to validation every time they request access to any corporate resource.

Part of the functionality of ZTNA is the provision of VPN, in addition to other services. ZTNA delivers speed, flexibility and adaptability for remote access at a relatively affordable cost. It can be used as a powerful tool to ease the remote user experience and reduce unnecessary traffic. It will help you improve the security of your network and reduce security risks or external tampering. Therefore, ZTNA is the ideal model for providing users with uninterrupted access without compromising security.


As corporate security experts, we recommend using ZoneZero from Safe-T. It is not only compatible with most of the leading VPNs that you likely already have in your organization, but it is also compatible with other components of your current network, including security solutions. ZoneZero provides users with authentication based on various factors, increasing the level of security and reducing the likelihood of threats. The solution also offers the ability to migrate from network access to application access, so that users are not placed on the network.


The original source


New Forrester study shows all the economic benefits of using the Falcon Complete!

Articles and reviews

A recent large-scale study conducted by Forrester Consulting and commissioned by CrowdStrike, entitled “The Overall Economic Impact of Using CrowdStrike Falcon Complete,” uncovered the full benefits of CrowdStrike's Managed Detection and Response (MDR) approach.

Based on customer surveys, independent analysis, and financial simulations, Forrester estimates that a customer can save nearly $6 million in 3 years, representing an estimated return on investment (ROI) of 403% for Falcon Complete, with a return on the investment in less than three months.

In interviews with a diverse group of Falcon Complete customers, Forrester assessed several distinct benefits that organizations can gain from using Falcon Complete:


    • Operational efficiency and expansion.
      Organizations gain additional capabilities equivalent to 11 full-time SOC analysts.

    • The risk of being hacked is significantly reduced.
      Forrester's analysis found that the proactive management and customization provided by the Falcon Complete team, coupled with CrowdStrike's breach prevention guarantee, almost eliminates information security risks.

    • Eliminate redundant tools.
      CrowdStrike provides improved protection and performance while reducing costs by replacing many other security tools.

    • Reduced downtime due to security incidents.
      Falcon Complete can fully remediate breaches in minutes, rather than relying on reimaging or replacing compromised endpoints.

Naturally, it is necessary to evaluate all the advantages in terms of the cost of certain solutions. Throughout its research, Forrester closely monitored the costs incurred by security services throughout the endpoint security lifecycle, including costs associated with:

    • acquisition and deployment of endpoint protection technologies;

    • 24/7/365 global monitoring and control;

    • 24/7/365 proactive threat search;

    • complete remediation and recovery of systems affected by incidents;

    • service and customization.

Comparing these overall costs to the benefits organizations get from using Falcon Complete, Forrester reported an astounding 403% ROI on the product.

More importantly, none of the organizations surveyed reported any serious intrusions since partnering with CrowdStrike Falcon Complete. As a result, Falcon Complete delivers amazing security results at a price far lower than purchasing and creating similar enterprise security environments with other solutions, manpower, and maintenance costs.

You can read the full study here.


Compliance with cyberrisk insurance

Articles and reviews

The threat of data leaks is now an important component of the operational risk of corporations, which is why data security insurance is in great demand. This area is showing rapid growth, its volume will soon become multibillion in US dollars.

Data insurance includes:

    • Data breach cases in which unauthorized access to confidential, vulnerable or classified data has been obtained.

    • Data loss due to negligence or data leakage.

Most often, insurance covers legal costs, losses incurred, settlement of obligations in relation to customers or individuals who have suffered because of data breaches.

The cyber insurance contract warranty is not only about direct damages caused by data breaches. The current approach to data security regulation suggests that companies may have serious legal obligations in the event of a leak of confidential information.

Business at risk

The standards of modern data regulation, the European GDPR and the California CCPA, require a "secure by design" approach to the handling of confidential information (that is, data security must be ensured when developing software).

Thus, corporations are responsible for the storage and use of their customers' personal information. Data Security Insurance helps companies minimize risk and adhere to international best practices.

But data insurance is not easy to get.

As with other forms of insurance, insurers require companies to comply with safety standards. That is, to qualify for coverage, companies must demonstrate that they have taken all the necessary steps to ensure the security of their systems.

Role of DLP (Data Loss / Leakage Prevention)

Data loss protection plays an important role in compliance and data security insurance.

First, DLP strengthens the company's compliance control. While the installation of a DLP platform is not required by data regulation standards, experts point out that DLP is an important factor in demonstrating a company's efforts to protect its data.

That way, in the event of a data breach, company executives will be able to point to these actions as evidence that modern and effective security measures have been taken.

Second, it will be easier for a company to insure its data. Insurance providers are unlikely to want to do business with companies that do not use corporate data loss prevention software.

Compliance with GTB standards

DLP GTB provides users with significant data security optimization benefits.

The artificial intelligence (AI) platform offers customers a high level of protection against data loss, ensuring that company processes comply with all current regulatory standards.

With the help of GTB, the company can take care of the level of confidentiality, which is the reason for the current regulation of the safety of the people, to seize their most valuable resources, as well as to change the potential of the specialists in the sphere of results.

About iITD:

The company Intelligent IT Distribution (iITD) is a classic Value-Added Distributor, which is a good service for the development of the IT system, as well as the service provided by the project support. iITD is the official distributor of GTB Technologies products in Ukraine.  

In English GTB Technologies
To get a demo-version of GTB DLP Suite


PandaLabs Report: Understanding Threats 2020

Articles and reviews

PandaLabs, the antivirus laboratory of Panda Security, registered and analyzed 14.9 million malicious events, stopping 7.9 million potentially unwanted programs (PUPs) as well as 76,000 alerts for exploits intended to take advantage of vulnerabilities in applications, networks or hardware, in order to describe the main information security threats and trends in its report.

In 2020, protecting endpoints from known threats will not be enough. The IT environment must be protected from unknown threats too, because they try to stay in the shadows. To do this, organizations should review their information security strategies. New threats require a transition from single-technology information security to multi-layered solutions that use (in addition to other functions) behavioral monitoring to root out advanced persistent threats (APTs), fileless attacks and other malicious activity.

To read the full-version of a report >>>.

We invite you to cooperate!


Lepide Remote Worker Monitoring Pack is an easy-to-deploy, lightweight security platform that offers immediate protection of business data during an unforeseen period of remote work.

Articles and reviews

It is not surprising that in the current situation the technical complexity of protecting information has increased many times over. Traditional "perimeters", already blurred by cloud solutions and BYOD, have in fact been completely destroyed. It is not enough to simply protect the perimeter. It is now necessary to ensure the safety of a large amount of data on end devices, which are outside the protected perimeter and are often users' personal gadgets.

Lepide Remote Worker Monitoring Pack is an easy-to-deploy, lightweight security platform that offers immediate protection for the business during an unforeseen period of remote work.

The main advantages of the product:

  • Data security support - control how data and resources are used to ensure data security and avoid data leakage.
  • Early risk detection - keep track of important tasks, detect anomalous user behavior and take immediate measures to contain threats.
  • Improving productivity - identify those workers who treat working from home as an excuse to do whatever they like.

Platform functions:

  • Session monitoring - unobtrusive monitoring and recording of user sessions, and auditing of system logons and logoffs.
  • User behavior monitoring - a detailed audit log of each user's interaction with confidential data, plus custom reports.
  • User behavior analytics - analysis of user behavior and identification of anomalies, with real-time alerts.
  • Protection of confidential data - classification of confidential data and access control using the Zero Trust model.
  • Logon/logoff auditing - employee productivity is monitored by tracking logons to and logoffs from the system.
  • Self-service portal for AD - allows users to change their own AD passwords through a secure portal.

To learn more about the solutions Lepide Remote Worker Monitoring Pack.


To arrange a presentation, a demonstration of the solution's capabilities, or a consultation, please contact Yuri Gatupov:
tel.: +380 50 353 00 80
e-mail: [email protected]

We invite you to cooperate!
