How Auto.Sky helps protect your data

In the past few years, several companies have reported a type of attack blocking the utilization of their databases. The attacker obtains access to the database service and encrypts the information with their own key. To restore access, the true owners of the data have to pay a ransom, usually in the form of cryptocurrency that is hard to trace. This is RANSOMWARE.

Much noise has been generated in the security market spreading raising concern in the IT world. However, we are just facing a new and smarter way to monetize on the same forms of intrusion that have plagued corporate infrastructure for years. Instead of causing system malfunctions or stealing information, this attack causes more damage by preventing the company to access the most valuable asset in the network, the company’s data.

It is important to note Ransomware gets through software exploring the common attack vector such as phishing, infected emails, social media or any source of malicious code that runs inadvertently in a machine with access to a database. It turns out that on-premise installation of ERP software on user computers is a great door to access the company database. Any user infected can potentially pave the path to  a successful ransomware attack.

The usual forms of protection such as anti-malware and anti-virus are certainly important to prevent such attacks, but at times,it is difficult to be prepared against malicious code exploring system vulnerabilities or hidden in malicious messages (i.e. online ads). It is important to follow best practices in security in order to prevent these attacks. This includes technical measures as well as security procedures while dealing with database access.

Another important measure is retaining multiple copies of the database backup from the past few weeks. This will not prevent you from experiencing the attack, but mitigate its damage since a backup may be enough to recover your data. The attack must still be identified and the vulnerability fixed in order to prevent any further attacks.

Virtualized Environments

There is another way to significantly reduce exposure to such attacks by virtualizing your ERP environment in a platform such as Auto.Sky. The virtualization occurs when your ERP software is effectively running in a cloud environment and the only thing passing between the user and the remote ERP software are rendered screens. Any malicious code that might infect the user’s computer does not have the regular accesses to the remote ERP software meaning it cannot easily reach the remote network. The virtualization creates a huge barrier isolating local computers from the remote ERP and protecting the cloud environment.

Backups

Auto.Sky also automates the backup procedures and retains multiple snapshots from the database from the past few weeks. In the case of any incident, the database can be promptly  restored.

In the Auto.Sky environment the ERP is kept completely protected by the use of strong authentication, firewall filters and network encryption limiting external traffic to the user connections or strictly allowed external integrations.

By keeping the ERP in the cloud isolated from the user’s email or downloaded files, Auto.Sky adds another layer of isolation. This protects companies from the common attack vectors and assures a more secure environment for their data.