As backup and recovery products and solutions evolve, they are beginning to intersect with security and compliance. Online backup and recovery software company Asigra has announced a new version of its software that addresses the risks posed by ransomware and non-compliance with Article 17 of the European Union’s General Data Protection Regulation (GDPR). Both should be a concern for organizations of all sizes, from global enterprises on down to small/medium businesses.

Let’s take a look at the new capabilities that Asigra is bringing to market with the version 14 release of its Cloud Backup software, and why these capabilities are an important evolution in backup and recovery.

Ransomware has certainly become a huge threat over the past few years. It’s predicted to become an $11.5 billion global “industry” by 2019, according to Cybersecurity Ventures, and anyone can become a target. Asigra describes how ransomware attack techniques have become more sophisticated over the years.

In the early days of ransomware attacks, the bad guys would plant a virus on a desktop or somewhere on a network, and once it was detonated the malware would encrypt all the local data. Victims who were smart enough to have a recent data backup could recover without paying the ransom. Those victims without a backup had little choice but to pay up to unlock their data. Seeing they were missing out on revenue opportunities, the attackers upped the stakes by also destroying backups when they encrypted the primary data. In defense, IT administrators took to creating multiple backups, one of which was kept offline to ensure there was always at least one way to recover lost data.

But attackers took another step in this cat-and-mouse game. Asigra describes the latest malicious tactic as “Attack-Loop.” In this scenario, the bad guys attack the backup software itself, often through well-known APIs in the backup software applications.
Now when the malware lands on a network, it sits there quietly for several months. In the meantime, the organization is creating its regular backups, including the air-gapped backups that will be stored offline. The problem is the malicious software is also getting backed up each time until it is propagated throughout every possible recovery version. After many months, the malware detonates and encrypts the primary data. When the administrator performs a restoration from backup, he’s bringing back the malware, which detonates again, thus creating this endless loop of restoring the malware to the production environment. It’s difficult to end the loop because it’s unknown when the original infection took place, and how far back the company has to go to get a clean version of its data. It’s a very clever and nefarious kind of attack.

Another attack technique involves looking for well-known names of the backup repository directories — typically something like /BAK — and deleting all the files in that directory, thus making a recovery from backup impossible.

This is where backup and security meet to combat the latest threats from ransomware.

Backup and security join forces

Asigra addresses the Attack-Loop problem by embedding multiple malware detection engines into its backup stream as well as the recovery stream. As the backups happen, these engines are looking for embedded code and use other techniques to catch the malware, quarantine it, and notify the customer to make sure malware isn’t unwittingly being carried over to the backup repository. On the flip side, if the malware did get into the backup repositories at some point in the past, the malware engines conduct an inspection as the data is being restored to prevent re-infection.

Asigra also has added the ability for customers to change their backup repository name so that it’s a moving target for viruses that would seek it out to delete the data.
In addition, Asigra has implemented multi-factor authentication for deleting data. An administrator must first authenticate himself to the system to delete data, and even then the data goes into a temporary environment that is time-delayed for the actual permanent deletion. This helps to assure that malware can’t immediately delete the data.

These new capabilities make it more difficult for the bad guys to render the data protection solution useless and make it more likely that a customer can recover from an attack and not have to pay the ransom.

A certificate to verify GDPR compliance

Another new feature that Asigra has incorporated into its Cloud Backup is the ability to address the Article 17 “Right to Erasure” provision of GDPR, also known as “the right to be forgotten.” This EU privacy requirement allows an individual to request that a data controller (i.e., a company that possesses personal data pertaining to individuals) remove all records pertaining to that specific person if it is feasible to erase them. This certainly includes production data, and by most interpretations of the regulation, backups as well.

Asigra consulted with the Information Commissioner’s Office (ICO) in the United Kingdom to determine what an effective response would be to a request to remove an individual’s personal data. Based on that discussion, Asigra created a certificate that is generated by its backup recovery software that addresses when an original file was backed up, how long it was kept, how many generations of file backups exist, who deleted it, and when it was deleted.
This certificate can then be given to an ICO to verify that the data controller has made a best effort to comply with the individual’s request to have his or her data erased.

Big penalties for non-compliance with GDPR go into effect May 25, 2018, and this certificate is one more tool that organizations can use to prove they are making an earnest effort to comply with the regulations.

These capabilities to combat ransomware and to comply with GDPR are good examples of how backup and recovery solutions are evolving to provide extra value to customers beyond simply backing up data and restoring it when needed.
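
The multi-factor, time-delayed deletion described in the ransomware section can be modelled as a small state machine. This is an added example, not Asigra's code: the `GuardedRepository` class, the `otp_code` helper (a simplified stand-in for a real one-time-password check) and the hold period are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


def otp_code(secret: bytes, backup_id: str, now: float) -> str:
    """Hypothetical second factor: HMAC over the backup id and a 30-second window."""
    msg = f"{backup_id}:{int(now // 30)}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:8]


@dataclass
class GuardedRepository:
    """Backup store where deletion needs a second factor and is time-delayed."""
    mfa_secret: bytes                  # assumed to be held outside the backup host
    hold_seconds: int = 7 * 24 * 3600  # assumed hold period; the article gives no figure
    live: dict = field(default_factory=dict)     # backup id -> data
    pending: dict = field(default_factory=dict)  # backup id -> (data, purge_after)

    def request_delete(self, backup_id: str, code: str, now: float) -> bool:
        """Stage a backup for deletion only if the second factor checks out."""
        if backup_id not in self.live:
            return False
        expected = otp_code(self.mfa_secret, backup_id, now)
        if not hmac.compare_digest(code.encode(), expected.encode()):
            return False  # without the second factor nothing leaves the live set
        self.pending[backup_id] = (self.live.pop(backup_id), now + self.hold_seconds)
        return True

    def undelete(self, backup_id: str) -> bool:
        """Recover a staged backup while its hold period is still running."""
        if backup_id not in self.pending:
            return False
        self.live[backup_id] = self.pending.pop(backup_id)[0]
        return True

    def purge_expired(self, now: float) -> list:
        """Permanently drop only the staged backups whose hold period has elapsed."""
        expired = [b for b, (_, after) in self.pending.items() if now >= after]
        for b in expired:
            del self.pending[b]
        return expired
```

A process that can call `request_delete` but lacks the second factor removes nothing, and even an authenticated delete stays recoverable through `undelete` until `purge_expired` runs after the hold period.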