Scanning For Security Misconfigurations & Vulnerabilities

Securely Configure Your Rubrik Data Protection Environment

Rubrik offers a number of great capabilities for the security of the backup management and data planes.

However, it’s up to you to configure them correctly in a secure manner, and continuously validate that Rubrik clusters remain hardened, non-vulnerable, comply with industry standards and adhere to organization-specific security baselines – even after changes are made to the backup environment.

In addition, To truly secure your data protection environments, the entire data protection environment must be hardened – including Rubrik and connected systems – backup destinations, archival locations and primary storage systems.

Watch the demo

Filling an Urgent Gap in Rubrik Data Protection Environments

Weak security settings and vulnerabilities can be exploited by attackers to compromise your Rubrik systems and impact your ability to recover data after a cyberattack.

Similarly, security misconfigurations and vulnerabilities in production storage systems and archival locations for Rubrik backups can be exploited by malicious actors to harm production data and the recovery plan.

Configuration drift results in backup and storage systems being non-compliant with your organization’s security baseline, vendor’s security guidelines and industry standards.

For comprehensive security of backup and storage systems, Rubrik clients need to:

Ensure their primary and backup data (content) is intact, free of malware with a variety of tools (antivirus, file analysis, anomaly detection, etc.)
Ensure their storage and backup infrastructure configurations are hardened and non-vulnerable with a variety of tools (network vuln scan, configuration compliance, authenticated scan).

Non-secure infrastructure configurations make backup and storage systems vulnerable to attacks, and consequently risk all primary and backup data stored on them. Over time, knowledge gaps and configuration drifts fail even the most robust systems, and give cybercriminals opportunities to exploit weaknesses. StorageGuard assists enterprises in dealing with this significant challenge.

StorageGuard

StorageGuard assesses the security configuration of your Rubrik environment, ensuring it is hardened, and complies with industry and security standards. This includes:

Validating the security of all backup targets: disk storage systems, NAS, Cloud and Tape that connect to your Rubrik environment – for example NetApp, Pure Storage, Hitachi Vantara’s VSP Storage, Infinidat, IBM Tape Solutions, and other Rubrik partners.
Validating the security of all primary storage systems that are involved in the data protection process through snapshot-based backup or other means, such as Pure Storage FlashArray and FlashBlade snapshots, PowerMax snapshots, NetApp, and others.

For the first time, get complete visibility of security risks across these mission-critical systems, and reduce your vulnerability to ransomware, hackers, or malicious insider attacks.

Examples of checks for Rubrik

Backup data immutability
Backup isolation
Malware protection settings
Repository hardening
Secure backup storage access
Cryptography strength

Audit logging retention and forwarding
Use of secure protocols
Data at-rest & in-transit encryption
Secure user management
Session security
And many more…

Benefits

Ensure your Rubrik and backup storage systems are continuously hardened to withstand cyberattacks

Validate whether your Rubrik and backup storage environments adhere to security & industry best practices

Easily remediate security misconfigurations and vulnerabilities for all your backup and storage systems

Prove audit compliance with ISO, NIST, PCI, CIS Controls, etc.

Complement your data security capabilities by ensuring your backup and storage systems adhere to ransomware protection best practices

See StorageGuard in action

Watch a 40-second tour of StorageGuard, and discover how to eliminate blind spots in your storage & backup systems.