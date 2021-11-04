



The harsh reality is that the ever-increasing epidemic of ransomware has prevented many organizations from protecting their hybrid cloud infrastructure from malicious individuals moving from one cloud platform to the next in search of backed up data. Became clear. Unprotected hybrid cloud infrastructure leaves valuable data and applications, including Microsoft 365, vulnerable to ransomware and various cyberattacks. At this week’s Microsoft Insights event, Rubrik and Microsoft gave an example of how collaboration is blocking ransomware attacks and compromise attempts.

Success with Zero Trust Cloud Management

Properly achieving hybrid cloud security at the large infrastructure and platform level is difficult. At a minimum, a zero trust cloud management system or platform should be designed on top of a strong authentication, authorization, and accounting (AAA) framework or cybersecurity model. AAA is essential to the success of the Zero Trust Hybrid Cloud Security Platform. It also requires support for federation authentication and multi-factor authentication (MFA) using single sign-on (SSO). It also requires fine-grained, detailed role-based access control to define support for least privileged access and identity access management (IAM). Adding the need for built-in usage activity audit logs to this introduces a framework for what a true zero trust hybrid cloud management system would look like.

Rubriks’ Zero Trust architecture is designed to excel in each core area and has proven to be reliable in Microsoft Azure deployments. In August, Microsoft invested in Rubrik to accelerate its ongoing efforts to protect Microsoft Azure customers from ransomware attacks, repeatedly attempting to compromise the Azure platform and steal data. In the investment, Microsoft has promised to share market development activities and co-engineering projects to provide an integrated zero trust data protection solution built on Microsoft Azure. At this week’s Ignite 2021 conference, a product demonstration will show how tightly Rubrik and Microsoft 365, Azure, and other products are integrated.

As seen in today’s Ignite presentation, Rubriks, an ongoing co-development with Microsoft, delivers solid results. Rubrik can scale up to protect any number of Azure VMs, managed disks across hybrid cloud configurations, secure Microsoft Exchange, OneDrive, SharePoint, and Teams. The following figure illustrates how Rubrik and Microsoft integrate their infrastructure to fill the gap created by hybrid cloud configurations.

The more secure your cloud data, the easier it will be to recover

Rubrik uses the customer supplier key to write data to Azure in an encrypted state, encrypting in-flight and remaining data. The Rubrik platform does this to protect data from attackers and unauthorized administrators by requiring both Rubrik privileges and the organization’s encryption key to unlock the data. In addition, to protect the data stored in Azure, Rubrik requires everyone trying to access anywhere to have a secure key from Azure Key Vault. The big advantage of the Rubrik-Azure partnership is how well these workflows can handle hybrid cloud configurations, whether or not all clouds are running Microsoft Azure.

Notable about the advances Microsoft and Rubrik have made today are the following key points about the Zero Trust architecture, DataGuardian. The core technology set is being integrated into the Azure architecture.

Their immutable data platform is shutting down ransomware attempts The data managed by Rubrik is not available to clients in a read / write state. This is true even during a restore or live mount operation. In addition, the data cannot be overwritten, so infected data later captured by Rubrik will not infect other existing files or folders. The declarative policy engine can be appropriately extended in Azure deployments. Rubrik allows administrators to abstract the low-end tasks needed to build and maintain data protection and focus on adding value at a more strategic level across the organization. As the working threat engine Rubrik collects each backup snapshot metadata, it leverages machine learning to get a complete picture of what’s happening in the workload. Deep Neural Networks (DNNs) are trained to identify trends in all samples and classify new data by similarity without the need for human input. As a result, Rubrik helps detect anomalies, analyze threats, and accelerate recovery with just a few clicks. Secure API First Architecture Having an API-driven architecture means that every action in the Rubrik user interface (UI) has a corresponding API that can be documented and used.

All of these factors combine to streamline the recovery process in the event of a ransomware attack. The following figure, shared on Microsoft Ignite today, shows how to do this.

Hybrid cloud configuration requires abstract thinking

Protecting a hybrid cloud configuration is equivalent to enrolling in a graduate degree program in computer science or mathematics. The challenge requires the ability to see abstract concepts, integrate them, extend them all, and provide reliable and correct answers at the same time. Rubrik and Microsoft show that they have solved the pressing challenges of hybrid cloud configurations. Moving into a more chaotic world, CIOs and chief information security officers (CISOs) are faced with legacy apps and platforms that don’t work well with today’s security and enterprise computing standards.

