These low-level APIs are restricted to internal use only so external actors can never access Rubrik-managed data directly. The API Gateway also integrates with popular SIEM and SOAR tools to drive collaboration between IT operations and security operations teams to quickly scope attacks and accelerate the recovery of applications and data.įor internal system communications, the API Gateway uses low-level APIs in combination with Rubrik proprietary protocols. All API communications are secured by role-based access controls and API security tokens.Įxternal REST-based APIs support integration into the larger IT environment, helping to automate backup and recovery operations. This means that any operation executed via the Rubrik UI can also be automated through platform APIs. The Rubrik platform is built with an API-first architecture. Control Plane API GatewayĭataGuardian includes an API Gateway that manages all internal and external data operations and enforces proper security controls against all data access attempts. DataGuardian is proprietary to Rubrik and applies robust security capabilities across the control and the data plane. The Rubrik architecture combines user and employee risk management, a secure data layer, compliance, and data intelligence capabilities to protect backup data and ensure organizations are prepared to recover from an attack without paying a ransom.įigure 1: Rubrik Zero Trust Data SecurityĪt the core of Rubrik Zero Trust Data Security is DataGuardian, a set of purpose-built technologies designed to protect backup data so that you have a reliable and resilient recovery point from which to restore applications and data. Rubrik Zero Trust Data Security™ is a proprietary architecture modeled after the NIST (National Institute of Standards and Technology) Zero Trust Implementation Model. Even when authorized access is granted, Zero Trust mandates that users are given only the privileges necessary for their role and the specific task. In other words, trust no one and verify everything. All attempts to access data are considered possible threats. When Zero Trust is applied to data management, all users, devices, and applications are presumed to be untrustworthy. This requires implementing an important security principle known as Zero Trust. If your backup data is being targeted, then your security must start at the point of data. What steps can organizations take to reduce their risk and ensure that their backup data can serve as the last and best line of defense? With ransomware threats becoming more sophisticated, attackers are now targeting backups, leaving many organizations without a clear recovery strategy. It looks like we’ve been hit by ransomware.” More than likely, your first questions are, “What about our backups? Can we recover?” Unfortunately for many, the answer is, “No. “Our systems are locked, and we can’t access anything. and you get that call you hoped you’d never get.
0 kommentar(er)
