With the continuous maturity of the Lesssson virus, the network threats have been spread globally. In particular, in the last two years, the number of attacks in the annual lessifirus has been significantly improved over the previous year, and it is more intense. In 2021, the lessif attack still did nothing to sit on the network threatened the first chair. For enterprises, the data is attacked by a problem and sooner or later, and it can’t be happy. If you don’t want to pay a ransom, you must prepare the data protection strategy and technology in advance.


At the same time, the threat is not just from the outside. According to recent media reports, domestic IT administrators’ malicious deletion was caused by internal IT administrators, which could not land in the company. After the incident, the IT administrator destroys the crime of computer information system, and a trial was sentenced to seven years in prison. It can be seen that corporate data protection requires internal and external repair, one hand to prevent external threats, one hand to control internal management, prevent the fort in the case of breaking from internal.

From a global perspective, the data security threats facing enterprises mainly include the following five cases, using the CommVault data management solution, which can effectively challenge data security.

Threat 1: Lesssso software will back up the data as an attack target

In this case, CommVault recommends ensuring that the backup volume is safe, and any administrator does not have the right to modify it. Modifications can only be modified only through the CommVault verification process. At the same time, digital signatures are performed on the CommVault binarily, and the COMMVAULT components are required to conduct certificates authentication, and the backup volume security can be further enhanced.

Threat 2: Les

Safety authentication is performed by means of multi-factor controls, controlling its access according to user roles and requirements. Data encryption and has external key management support. Decision using four eye principles (ie at least two people) on the process, preventing malicious destruction that may occur.

Threat 3: Administrator malicious access to backup data

In addition to using the above four eye principles and access to user roles, each access and change will be recorded, and all critical data changes will issue a system reminder. Privacy lock technology allows administrators to see or restore sensitive personal data to achieve the purpose of protecting the above data security.

Threat 4: Administrator accidentally deleted

All controls for preventing threat factors and malicious administrators will also play a role in this case, eliminating the possibility of malfunction of administrators.

Threat five: safety compliance

Enterprises must comply with relevant legal provisions to ensure data security. In order to achieve compliance goals, companies usually keep log files for a long time. All files from the server, endpoints, and network devices need to be saved separately outside the regular backup policy.

In short, enterprises must reach the data protection goals and achieve “recovery” is important. The so-called recovery is to refer to enterprises to assess their recovery inventory, so that problems and correct issues can be found in time. By automatic testing to verify its data and business applications, continuously strengthen the security barriers of the company, thereby increasing security and reducing risk. At the same time, data protection requires deployment multiple security policies, and be sure to ensure that key task data can withstand specific attacks for the primary copy and backup copy, and the data recovery process is fully automated without complex operations.

In addition to the above data protection strategies, it is also necessary to increase monitoring and detection functions as supplements for security software. With the machine learning algorithm, you can detect an exception in file activity, and adopt honeymas technology can provide an early warning of potential lens software attacks. These features can help companies identify threats as soon as possible without increasing additional cost or management.