5 Ways to Block Ransomware with CentreStack's Miyagi Defense

By -


The Karate Kid was one of my favorite childhood movies. Sure, it's a typical American underdog story but do we really care? And who can forget Mr. Miyagi's iconic quotes? One that has always stayed with me is, 

"The best block is no be there".  

Whether you share my opinions about the movie, or not, I hope you can appreciate that Gladinet has adapted Mr. Miyagi's simple genius to prevent ransomware infections from endpoints by keeping them off the corporate network. Because of its historical use as a multi-tenant productivity platform by MSPs, CentreStack's ability to supercharge remote access security is often an afterthought. So let's focus on some major security benefits of the platform's unique approach to secure remote access

1. Reduce Attack Surface By Keeping Unmanaged Endpoints off the Corporate Network

According to a security FAQ from Berkely, "Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge."

This highlights one of the problems with the increase in remote and hybrid workers is that they may use devices that have been compromised through drive-by downloading. In other words, every remote device is a potential attack vector that can be leveraged by those with nefarious aims. 

But if we can keep these devices away from the corporate network, we've significantly reduced the attack surface since the attack vector will "no be there". This is accomplished by Gladinet's 3-tiered architecture and its ability to provide mapped drives over HTTPS.

How does HTTPS Drive Mapping Block Unmanaged Endpoints?

End users get a mapped drive that mimics onsite behavior. Simultaneously, the corporate network is never exposed to the unmanaged endpoint since it can only connect to file shares the user can access. Furthermore, access can only occur via an HTTPS connection to the CentreStack server in the DMZ (the safe area between the external and internal firewalls). There is no direct connection to the internal network!

The user feels that they are still working on the corporate network (with help from technical tricks like smart caching of frequently used files and data compression), even though the device is never allowed to access the corporate network.

Besides this ability to virtually eliminate the threat from devices used for remote access, CentreStack provides several ways to dodge ransomware threats and improve overall network security. The following are a few important examples.

2. Block Ransomware with Behavioral Heuristics

CentreStack provides file versioning and behavioral heuristics to guarantee your files can never be held hostage by ransomware. The behavioral heuristic can be configured with a file change frequency threshold. If a device changes files faster than that, it will be quarantined. The simple idea is that any crypto-ransomware will have to change lots of files faster than humanly possible to be effective. So we simply define a threshold for human behavior and quarantine and device that crosses that threshold. It's a simple idea that is extremely effective. 

3. Vaccinate Your Files with Versioning and Never Pay for Ransomware

For example, admins can choose to automatically quarantine any device which changes more than 20 files in a 10 minutes window. This limits the scope of impact for crypto-ransomware to 20 files. And since CentreStack provides file versioning, these files can be quickly restored to their previous state. This works because CentreStack creates file versions that remain inaccessible until restored. 

4. Control Unmanaged Endpoints with Device Management and Access Policies

CentreStack provides location-based access policies that can change the access rules for a user depending on where they are accessing their files. For example, they may only get write-access when they are physically present in the office. The management console also provides policy-based administrative controls that include: 
  • STOP EXECUTABLES: The ability to stop executables and zip files from being run from the mapped drive.
  • AUDIT TRACING: Auditing and reporting to keep track of any suspicious behavior and all file changes.
  • ENDPOINT PROTECTION: Endpoint encryption, remote wipe, and other data loss prevention features 

5. Maintain Data Control and Sovereignty By Keeping Data On-Premises

Finally, CentreStack can be installed on-premises and keep all data on-premises to avoid exposure from migration to the cloud and maintain data sovereignty when data is too sensitive to be allowed into the public cloud. 

What about Zero Trust Network Access Solutions?

Zero Trust Network Access solutions provide compelling benefits, but ultimately devices will have access to the corporate network. CentreStack takes the idea of least privilege to the next level by saying that you don't even need to be connected to the network if you're just accessing files. And it does so while simplifying and modernizing secure remote access. ZTNA platforms will improve the security around remote endpoints but usually won't do much to enhance productivity and usability - especially for mobile use cases.

For more information, please schedule some time for a discussion or demo.


Comments

Post a Comment

Popular posts from this blog

7 Biggest Limitations of SharePoint Online And How to Fix Them

By -
Image
SharePoint benefits encourage businesses to migrate their file server data online. However, there are at least 7 limitations of SharePoint Online and OneDrive that need to be effectively addressed to reduce migration costs and eliminate OneDrive sync failures. In this article, we'll identify some of the common issues that complicate SharePoint migrations and ways to simplify the migration and solve the issues. Here's a list of common issues: 5,000 item limit in a document library 100,000 item sync limit for the OneDrive client NTFS permission reorganization requirements Maximum name length limitations Prohibitive costs of data reorganization 93 day recycle bin threshold Lack of support for legacy application data (databases, etc…) Obviously, you may not hit every issue in each migration but migrator beware if there's a lack of awareness of how these limitations could impact user experience, productivity, and cost. A Real-World Example Before we discuss each of these items
Read more

Access and Backup to HP Cloud Storage

By -
Image
Today HP moved its cloud services to public beta. Gladinet has been working closely with HP Cloud Service since private beta to provide product integration support. Gladinet is also announcing today the support of HP Cloud Storage service with the full Gladinet Suite of products. In the latest Gladinet Desktop Client, you will see the HP Cloud drop down, which allows you to attach your HP Cloud Storage account into Windows Explorer as a mapped network drive. At the next screen, you can enter the related HP Cloud account information.
Read more

Optimizing 3D Rendering and AutoCAD Performance in Remote Work Environments

By -
Image
Introduction: The Challenge of Remote Work Whether you are a design company or an architecture firm , you'll find that managing large 3D and AutoCAD files across remote team members creates performance and collaboration issues. This article introduces CentreStack as the one-stop solution for transforming your remote work experience. Identifying the Obstacles in Remote 3D Rendering and AutoCAD Usage The Challenge of Distance Data must traverse long distances when working in separate locations, introducing latency issues that hamper real-time collaboration. The Burden of Growing Files Technological advancements in 3D rendering tools and AutoCAD have led to larger file sizes, making performance even more of a challenge. The Downside of VPNs and Cloud Storage Solutions Traditional VPN technology has become more sluggish over time despite hardware upgrades or additional bandwidth. Common cloud services like Dropbox, Google Drive, and SharePoint aren't optimized for AutoCAD file typ
Read more