Asigra Tigris | Deep Six Security Architecture

Stop Hiding From Ransomware.

Hunt It.

Ransomware attackers know that a good backup means a bad payday. That’s why Asigra Tigris has the world’s best backup security with six core functions to keep your client's data protected.

Hunt Down Ransomware and Malware Before the Attack-Loops™ Begin

Cybercriminals increasingly implant trojan horse malware months before a ransomware attack is initiated to prevent you from using your backups as a defense against them.  

Asigra Tigris uses bidirectional malware scanning to prevent this. Two scans are done. The first is during backup - all files are scanned, and if malware is found, the file is quarantined. 

tigris-deep-six-security

If a ransomware attack occurs and the production environment is encrypted, restoring a clean version of the data is critical.

Tigris performs a second ransomware scan during the restore process. This second scan remediates infected files and quarantines ransomware that had been previously dormant before it has a chance to re-infect the production environment.

Detect Deeply Embedded Threats in Multilayered Files with CDR Scanning

Cybercriminals are continuously adapting their methods to infect your systems with ransomware. The new breed of attacks includes deeply embedded executable objects hidden in everyday documents like PDFs, Office macros, and media files that even advanced antimalware scanning can miss.

Content Disarm and Reconstruction (CDR) is an innovative feature that deconstructs documents and strips them of any potentially malicious code.  Then, the file is reconstructed back into a functional file without the embedded threat

CDR is relatively new to security practices and typically deployed at the gateway to catch incoming files, but it only takes one file getting past your “secure” front door to start an attack.

Asigra Tigris is leading in secure backups by including CDR as part of the backup and restore process to ensure that backed up or recovered files are safe.

You can scan your backups for potentially malicious or unauthorized content based on predefined policies. Active content is reported on during the backup process and filtered, blocked, or removed during the restore process based on your desired policy.

Prevent Backup Attacks Using Stolen Credentials with MFA and MPA

If attackers are able to gain access to administrator credentials by phishing,  then they can do direct damage to your backup settings and files.   

Multifactor Authentication (MFA) provides an extra layer of access security that requires users to authenticate when they log in or attempt to perform a potentially destructive action that can lead to a loss of data, like the deletion of backup repositories. It also enables password-less access to the Management Console and supervisor authorization for specific activities.

Multiperson Approval (MPA) complements MFA by requiring additional individuals to agree to an action by another user that can result in the loss of data.  Tasks that require MPA are configurable at the account level and a threshold can be set to determine how many additional approvals are required before the task may be completed.   

Security Through Repository Name Obfuscation

If attackers get access to the storage repositories in which your backup jobs are stored, they may be able to directly identify your backup jobs through commonly known file name structures.

Traditional backup software uses predictable file naming patterns to store backup job files, and experienced attackers know to search for these patterns.

Asigra Tigris uses a variable naming convention that obscures the identity of backup files from attackers, preventing them from finding and hindering your ability to recover from an attack.

When All Else Fails, Fool the Attackers

In the unlikely event that an attacker can gain access to the Asigra Management Console, you can interfere with their ability to permanently delete backup data.

With Soft Delete, the admin console will report that a backup job deletion attempt has succeeded, but a copy of the deleted backup job remains available for recovery by backup admins.  

True deletions require a two-step process that is hidden from attackers unfamiliar with your backup console.  

Protecting Against Double and Triple Ransom Threats

An increasingly used tactic is for attackers to not only encrypt data but download a copy for themselves to use as a secondary ransom threat. If the ransom isn’t paid, they threaten to release the unencrypted data on the dark web.

While attackers may target your primary data storage repositories, your backup data is also a target and, without sufficient protection, may be easier to steal from than your primary storage.

Asigra Tigris prevents backup data from being used for this purpose by using strong AES-256-bit encryption in-flight and at-rest.

While attackers may target your primary data storage repositories, your backup data is also a target and without sufficient protection may be easier to steal from then your primary storage.

Asigra Tigris prevents backup data from being used for this purpose by using strong AES-256-bit encryption in-flight and at-rest.

long-rectangle-advanced-ransomware
hex-quote-mark

 

Asigra is the best kept secret in the market. More  people need to find out that there is a way to reliably recover from ransomware. We have found the Attack Loop service is one of the most effective methods for combating ransomware. It ensures data is checked consistently for zero day malware as it contaminates Windows and 365 data.”
Mark Saville Data2Vault

Helpful Resources