Ransomware attacks have soared. A number of studies in the last year show it growing by triple-digit or greater percentages, and now comprises most malware. Every one of those attacks represents an attempt at digital extortion, and some go further, threatening to destroy data or leak embarrassing information of those who don’t pay.
It has gotten so bad that government organizations such as the FBI and CISA now issue regular warnings about ransomware. It’s not business as usual.
The one positive from the past year’s headline-grabbing ransomware attacks is they’ve focused attention on cybersecurity and data protection like never before. These are steps that organizations should have been doing all along, but hey, better late than never.
In response, many backup providers have added extra protection to their offerings to fight ransomware. The last thing you want is to go to your backups after a ransomware incident and find they, too, have been infected. Hence the current spate of new offerings in the backup sector to take care of this factor.
“Even if you have a backup, is it consistent and a copy of good data, or is it simply a copy of bad, damaged, infected or corrupt data?” asked Greg Schulz, an analyst with StorageIO Group. “Or worse, what if your multiple copies or backups are also all bad?”
For the MSP community, the good news is that there are plenty of services out there that combine backup with ransomware protection. They include a variety of capabilities to give users confidence in their ability to recover data from a ransomware attack.
Key Features of Ransomware Backup Protection
When evaluating backup vendors’ ransomware protection capabilities, here are some key features to look for:
- The market is hungry for immutability, offline storage, and otherwise air-gapped copies of critical data, referred to as ultra-resilient copies. Some organizations want disk or tape, some find immutability in the cloud, and others prefer backup as a service to solve these needs.
- The ability to seamlessly implement the 3-2-1 rule or variations of it: 3 copies of data on 2 different media with 1 copy being off-site.
- Threat agnostic: solutions should protect broadly, even offering the ability to recover from previously unknown attacks.
- Robust protection of backup files: preventing tampering of backups, and monitoring for suspicious file encryptions and stopping them.
- Additional safeguards: Vendor solutions offer a dashboard view of various possible steps/hardening options. These vary from vendor to vendor, but should include several of the following: write one/read man (WORM), multi-factor authentication, role-based access control (RBAC), encryption, fault tolerance, alerts, depending on organizational needs.
- Allow quick recovery of workloads in a sandbox then move the data into production.
- The ability to take snapshots of the primary storage used by mission-critical servers frequently enough to meet demanding RPOs and RTOs.
Those last points are critical: even if your backup hasn’t been damaged in an attack, you still need to recover it to your production environment. This is where disk has an advantage – data from disk can be recovered significantly faster than tape, and some vendors promise even faster recovery through virtual machines.
Schulz suggests that MSPs seek out vendors that provide robust backup-as-a-service (BaaS) solutions that include ways to protect both data and metadata from ransomware attacks.
Also read: Starting an MSP Backup and Recovery Service: IT Partner Options
Top Backup-as-a-Service Providers with Ransomware Protection
We evaluated a variety of BaaS vendors for their ransomware protection capabilities. Here are the ones that stood out in our reviews.
Jump ahead to:
Clumio Protect positions itself as the first Amazon S3 backup data protection. It provides ransomware and bad actor protection, a low Recovery Time Objective (RTO) to meet Service Level Agreements (SLAs), with built-in compliance and cost-effectiveness. Clumio partners with MSPs; its data protection service is available for them as a backup solution for AWS.
Clumio’s key features
- Clumio Protect’s air gap S3 backups provide protection from account compromises, ransomware, and behaviors from bad actors
- Provides MSPs with all the APIs and automation for full integration into existing platforms as an additional service
- Granular (prefix level) reporting for compliance and audit purposes
- Centralized view of S3 protection policies across different buckets, accounts, and regions
- Reduces the recovery time of S3 objects and files from days to minutes
- Global search and calendar view to recover specific objects based on the object type, size, etc. within a bucket
- Savings up to 50% over S3 replication and versioning
- Only 15 minutes needed for set up
- 100% customer data recovery from ransomware attempts
- 60% typical savings in time spent managing backup
- 30% average savings in cloud costs
Altaro offers BaaS with ransomware protection to MSPs via a monthly subscription program for Hyper-V, VMware and physical server backup. Pay monthly per VM, which includes Altaro VM Backup Unlimited Plus Edition and Multi-tenant Cloud Management Console (CMC).
Altaro’s key features
- Pay per VM per month, with the flexibility for MSPs to set their own pricing model
- Reliable VM and physical Windows server backup and recovery services (BaaS)
- Centrally manage customers’ VM and physical server backups and replications through Altaro’s multi-tenant Cloud Management Console
- 24/7 support for MSPs and their customers
- No upfront fees
- Charge customers a monthly recurring fee for backups, services and (optionally) storage used
- Minimum monthly subscription of up to 10 VMs per month, with no contracts
- Scale up to thousands of machines
- Backup and replicate customers’ VMs and any physical servers to their servers, the cloud or your own servers and bill for storage used
- Includes WAN-optimized replication
- Cloud backup to Microsoft Azure, Amazon s3, or Wasabi
- Restore VMs to a different host
- Augmented inline deduplication
Kasten K10 deals with Kubernetes data management, enabling organizations to secure their Kubernetes environments with backup solutions that protect deployments from ransomware and data loss. It provides enterprise operations teams an easy-to-use, scalable, and secure system for backup/restore, disaster recovery, and mobility of Kubernetes applications. Policy-driven and extensible, K10 provides a native Kubernetes API and includes features such as full-spectrum consistency, database integrations, automatic application discovery, multi-cloud mobility, and a powerful web-based user interface.
Kasten’s key features
- Immutable object storage backups, enabling users to specify the retention period so the backed-up content cannot be altered during that time period
- Policies to automate data management workflows such as combining actions like snapshots with a frequency or schedule and retention period
- Can be activated to protect against ransomware in minutes
- Self-service portals work across multiple clusters to allow authorized users to perform backup and recovery actions on just their applications without going through approval processes
- Offers a variety of target stores, including Amazon S3 and MinIO, that support immutability
- Kasten K10 integrations for ransomware protection provide deployment flexibility of cloud and on-premises
- Integrated with a variety of primary storage and Kubernetes distribution options so users can control where their applications reside and operate
Druva provides cloud data protection and management. Its Druva Compass Partner Program for MSPs aims to minimize the infrastructure MSPs need to deliver data protection and backup services, with ransomware protection included.
Druva’s key features
- SaaS-based delivery model offers a zero-touch onboarding experience with no infrastructure to maintain
- A service center console gives partners the ability to manage service levels with customizable plans, gain visibility into storage consumption across customer accounts, and review customer health in real-time
- Improved time to revenue through a zero-touch, fully-SaaS experience, where MSPs can onboard new customers in as little as 15 minutes
- Rapidly meet new tenant workloads
- Scale customer needs up or down
- No hardware to maintain or support, less front-end design expense, and no stranded assets
- Platform meets security and compliance requirements such as SSAE18 SOC2 Type II compliance, FedRAMP, FIPS, HIPAA, GDPR, TRUST-E, and APPI
MSP360, formerly Cloudberry, provides solutions for MSPs to protect Windows, macOS, and Linux endpoints as well as Microsoft 365 and G Suite accounts with secure data backup solutions and fast restore in the event of a ransomware attack. MSP360 Managed Backup Service (MBS) is built from the CloudBerry Backup technology, integrated with Amazon Web Services, Microsoft Azure, Google Cloud Platform and many S3-compatible or OpenStack-based cloud storage services.
MSP360’s key features
- Centrally manage and monitor hardware and software performance of IT assets
- Quickly start a remote session for immediate endpoint access
- MSP360 Managed Remote Desktop is a secure and scalable remote desktop solution for MSPs and internal IT teams
- Securely access and control desktop and server computers as well as monitor and manage all remote connections in a single console
- MSP360 Managed Backup supports all major public cloud storage providers, including AWS, Microsoft Azure, Backblaze B2, and Wasabi
- Set it and forget it with easy-to-manage backup and recovery
- Fast recovery to existing hardware or Amazon EC2, Azure VM, VMware, Hyper-V
- Rebrand MBS as the service of the MSP
The Barracuda Backup-MSP appliance is an all-in-one, subscription-based solution that simplifies data backup and recovery from advanced threats, disasters and human error. Also available in a virtual version, the appliance can serve customers running physical, virtual, and multi-site environments from a centralized management console.
Barracuda’s key features
- Defend against ransomware, disasters, and malicious destruction
- Quickly recover files encrypted by ransomware
- Eliminate malware, delete bad files, and restore them from a recent backup
- Hardened Linux OS is less vulnerable to threats than Windows-based backup solutions
- Data is protected in transit and at rest in the remote location by 256-bit AES encryption
- Multiple recovery and offsite replication options
- Barracuda LiveBoot provides fast and easy recovery for on-premises VMware environments in cases where primary storage is lost or no longer available
- Cloud LiveBoot provides fast recovery for both VMware and Hyper-V virtual machines
- Models range in capacity from 1 terabyte to 112 terabytes
- Backup solution includes all hardware, software, backup agents, and redundant storage needed
N-able Backup can scale with the growth of MSP customers and turn backup services into a driver of profitability. It protects data wherever it is, helps minimize human error, outsmarts ransomware with direct-to-cloud backups, and makes it easy to back up more frequently and archive data longer at no extra cost.
N-able’s key features
- N-able also offers a full-featured tech stack with integrated monitoring, management, security, and ticketing
- The N-able Solution Provider Program enables the resale of backup and data protection solutions
- Offers programs for emerging MSPs, growth MSPs, enterprise-class providers, and internal IT departments
- You can improve your customers’ IT efficiency through remote monitoring and management from a cloud-based dashboard, including patch management and advanced automation
- N-able RMM offers out-of-the-box monitoring, management, patching, and automation
- Cloud-first solution designed to help make it easy to back up and restore data and full systems across multiple locations
NovaBACKUP Cloud (formerly xSP) is an all-in-one MSP backup and recovery services solution created to make data protection easier and more reliable for service providers.
NovaBACKUP’s key features
- Its team has decades of experience in helping data backup service providers and partners provide MSP backup solutions
- Offering hybrid data protection with local and managed cloud backup services options for Windows systems, Exchange, MS-SQL and virtual machines with remote monitoring
- Two ways to store customer data: in your own self-hosted private cloud or in the NovaBACKUP hosted cloud
- Deploy quickly
- Easily manage all clients from a single interface
- Client NovaBACKUP software licenses are included (you pay for the compressed cloud storage across all accounts)
Data Protection Business Model Requires Nuanced Approach for MSPs
MSPs with Data Protection Expertise Are in Demand
Starting an MSP Backup and Recovery Service: IT Partner Options