AD and Entra ID are central to providing secure authentication for your business, and enabling its recoverability is critical. If AD data becomes corrupted or the directory itself is unavailable, it can severely impact line-of-business applications and processes, blocking user access to vital systems and resources. Without AD, the business cannot continue. Given the stakes, it’s crucial to be ready for the various disasters that could impact AD.

AD Disasters Can Vary in Size, Scope  

AD disasters span a wide spectrum, whether accidental or malicious. They can be as minor as the accidental deletion of an individual object to the deletion of an entire organizational unit hierarchy. In worst-case scenarios like schema corruption or ransomware, the entire domain or forest may need to be recovered.

These scenarios emphasize the need for robust recovery strategies. In this post, we’ll tackle recovery from smaller disasters like accidental deletions. Stay tuned for Part 3 of our series to learn about forest recovery.

Navigating Granular Disasters

Behind all the technology keeping our systems running, there are humans. With multiple administrators typically having permissions to AD and the scripts and automation they use to keep the data in AD up to date, mistakes will happen.

Let’s say you’re deleting a user who has left your company – a pretty routine task. But let’s say you delete the wrong user. Now, that user’s productivity is derailed, and there’s time and cost associated with the remedy. Your business is disrupted, and you might suffer reputational damage if they happened to be in the middle of a critical, time-sensitive project.

And that user you intended to delete? A disgruntled ex-colleague with access to your systems can do untold damage to your company and your brand. It’s the perfect illustration of why fast, accurate operations are critical to protecting your AD – even for the most basic of tasks.

How Commvault Safeguards Your AD

Commvault® Cloud Backup & Recovery for Active Directory helps protect your AD and Entra ID to minimize loss, downtime, and cyber risk. It provides daily backups of attributes and objects – and fast, granular, and accurate recovery of missing, damaged, or misconfigured objects. Interactive full domain comparisons allow you to easily compare all changes in the AD domain between two points in time, quickly identify the data that needs to be recovered or reverted, and restore it quickly, directly from the report. All of it is designed to enable faster recovery and continuous business.

Single Domain Controller AD Recovery in Cleanroom Recovery

Users now can include a single domain controller in the Cleanroom Recovery group to streamline the recovery process and integrate AD seamlessly. With this new capability, users can recover AD alongside other workloads into a Cleanroom target to quickly restore directory services.

Learn More

For more insights, check out our recent podcast episodes. On The Resiliency Rundown podcast, Commvault Field CTO and Principal Technologist Dan Conrad and host Thomas Bryant discuss navigating AD threats and protections. And on The STRIVE podcast, host Darren Thomson talks about best practices to protect your AD.

Experience the power of Commvault Cloud Backup & Recovery for Active Directory with a 30-day free trial.

The post From Mishaps to Meltdowns: Safeguard Your Active Directory appeared first on Commvault - English - United States.

Two weeks ago, Commvault hosted our second annual SHIFT GSI Partner Summit in Goa, India. This brought together senior executives from the world’s leading global system integrators to examine what cyber resilience means for enterprises rapidly adopting cloud-first strategies and AI-driven technologies to transform their businesses.

The summit offered a unique opportunity for Commvault and our GSI partners to dig into the distinct challenges these organizations face in making their hybrid cloud environments cyber resilient and how resilience is evolving to keep pace with an always-on, always-available business world. Commvault was excited to have Cognizant, HCLTech, Infosys, Kyndryl, Tata Consultancy Services, Tech Mahindra, and Wipro participate in the two-day summit.

We also were thrilled to have the marquee sponsorship of Amazon Web Services, Hitachi Vantara, and Microsoft Azure. Their insight and perspectives on the industry enriched participants’ appreciation of the dynamic nature of today’s data environments and underlined the importance of a strong partner ecosystem in staying ahead of cyberthreats, regulatory compliance needs, and disruptive technologies.

Redefining cyber resilience

Commvault senior leadership walked partners through our recent cyber resilience solution announcements. These highlighted Commvault Cloud’s flexibility to secure, scale, and manage data environments to the specific needs of enterprises’ hybrid and multi-cloud environments. We shared announcements surrounding cloud-native protection for next-generation AWS, Azure, and Google workloads while strengthening resilience for data at remote sites and in data centers with Hyper Scale X.

We also dove into how cyber resilience is being redefined and why testing recovery plans in an isolated, secure cleanroom environment must be a critical component of demonstrated cloud cyber resilience. This commitment to helping customers with continuous business was further strengthened by the breadth and depth of innovative capabilities added to our portfolio this fall.

First we launched Cloud Rewind, our latest innovation to automate the discovery, mapping, and recovery of complex, cloud-native, and SaaS workloads across public cloud. Second, we shared how our recent acquisition of Clumio will help customers nearly instantly recover workloads, including AWS S3 data that are vital to next-generation AI pipelines.

Recognizing the power of our partnerships across industries

Our GSI partners took the stage to discuss how our solutions have been incorporated into their cybersecurity, cloud migration, and AI offerings in finance, healthcare, manufacturing, government, and retail. They also shared customer success stories that demonstrate how Commvault has strengthened their cyber resilience and accelerated digital transformation programs.

It was fitting to close the summit by recognizing the importance of our partners’ collaborations and the innovative approaches they have taken to leveraging our solutions. Each has uniquely contributed to the value and industry-leading position Commvault enjoys around the world and is a testament to the strength of our partnerships. 

GSI Partner Awards

Break-through GSI Partner of the Year Award – Cognizant

Cognizant is honored for its unwavering commitment to prioritizing security and cyber resilience in its enterprise solutions and working closely with Commvault to support customers’ most demanding resilience requirements.

Market Builder GSI Partner of the Year Award – HCLTech

HCLTech is awarded our Market Builder Partner for consistently championing Commvault solutions to enable true cloud cyber resilience across hybrid environments in diverse industries and markets. Its VaultNXT offering, powered by Commvault Cloud, exemplifies the power of partnership to address customer needs.

Innovation GSI Partner of the Year – Infosys

Infosys is recognized for its vision in being one of our first GSI partners to adopt Commvault Cloud Cleanroom Recovery as a core component of its Data Resiliency Services. Its on-demand services not only address enterprises’ imperative to protect mission-critical data as they accelerate digital transformation and cloud-first strategies but also illustrate the importance of a cloud-based, simple delivery model.

Momentum GSI Partner of the Year – Kyndryl

Kyndryl is honored for developing a distinctive strategy to protect and recover sensitive data across hybrid environments with Commvault Cloud solutions. Its forward-thinking strategies address current industry demands and anticipate future challenges, setting a new benchmark for collaborative solution development.

Strategic services GSI Partner of the Year – Tata Consultancy Services

TCS is commended as our Strategic Services Partner of the Year for establishing Commvault as a pivotal partner in executing long-term strategies for cyber resilience, compliance, and data management for enterprises across the globe.

Expansion GSI Partner of the Year – Tech Mahindra

Tech Mahindra is recognized for its expansion of Commvault Cloud solutions into high-growth emerging markets and building transformative cyber resilience programs for customers across diverse industries.  

Pathfinder GSI Partner of the Year – Wipro

Wipro is honored as our Pathfinder Partner of the Year for establishing Centers of Excellence (COE) that highlight the imperative for cybersecurity and resilience leveraging Commvault solutions. Its exceptional client wins working with Commvault and the COEs highlight the immense potential for joint innovation with Commvault.

Individual Award

Mountain Mover Award – Ankit Jain, Manager, HCLTech

Ankit brings extensive experience and a deep understanding of the end-to-end cyber resilience solutions Commvault provides in relation to customers’ IT environments. His ability to overcome roadblocks has played a pivotal role in securing numerous significant and complex wins. Commvault celebrates his trusted role in advising customers and advocating for our cyber resilience solutions.

Customer Champion Award – Sukumar Rajamanikkam, TCS

Sukumar is honored with our Customer Champion Award for his unwavering commitment to enabling customer success and satisfaction with Commvault solutions. His expertise with the Commvault Cloud platform and dedication to delivering exceptional customer satisfaction has significantly enhanced our joint customers’ experiences and results.

Spirit of Resilience Award – Satheesh Tammaji and Mohit Jain, Infosys

Satheesh and Ankit are honored for their exceptional ability to inspire change in customers approach to security and cyber resilience. Their strategic positioning of Commvault solutions has transformed customers’ data resilience and ability to move faster in their cloud journeys. 

Our ecosystem of partnerships play an important role in keeping Commvault at the forefront of innovation and anticipating the needs of enterprise customers across industries and use cases. We thank all our partners in making our second annual GSI Partner Summit a resounding success.

Learn more about our GSI partners here.

The post The Importance of Cyber Resilience in a Cloud-First World appeared first on Commvault - English - United States.

Critical First Steps

The first hour after a ransomware attack is so important. Your immediate actions should include the following:

Immediate Response (First 2-4 Hours)

• Containment: Prioritize and disconnect infected systems from the network to prevent further spread. This may involve shutting down servers, disabling network segments, and enabling firewall rules to block malicious traffic.
• Isolate: Physically or virtually isolate critical systems and data stores to limit the impact of the attack.
• Identify & Triage:Triage critical systems by identifying them and prioritizing their restoration on a clean network. Stage these systems for forensic analysis and identify the accounts involved in the breach.

Rapid Followup Response (4-6 Hours)

• Activate: Launch your Incident Response plan (IRP) and assemble your core response team (IT, security, legal, and communications).
• Assess: Identify the scope of the attack, including affected systems, the type of ransomware involved, and any ransom demands.
• Secure Backups: Isolate and verify your backups. Confirm they are offline, inaccessible to attackers, and usable for recovery.
• Communicate: Establish internal and external communication channels to keep stakeholders informed.

Ongoing Actions (0-24+ Hours)

• Document:Meticulously document all actions, observations, and communications. This record will be crucial for investigations and recovery, including post-incident forensic analysis. Thoroughly collect all available digital footprints and logs.
• Investigate: Conduct a thorough investigation to determine the root cause of the attack and identify any vulnerabilities that need to be addressed.

Containing the Damage and Planning Your Response (6-24+ Hours)

Once you’ve taken those first steps, you can shift your focus to the following actions.

• Engage Cyber Insurance: If you have cyber insurance, notify your provider immediately. They can offer valuable guidance, resources, and financial support.
• Report to Law Enforcement: Contact relevant law enforcement agencies, such as the FBI or your local cybercrime unit, to report the incident.
• Enlist Cybersecurity Experts: If you lack in-house expertise, bring in cybersecurity specialists. They can assist with malware analysis, advanced containment strategies, and recovery planning.
• Communication Strategy: Establish a clear communication plan. Keep employees, customers, and stakeholders informed with transparent and timely updates.
• Recovery Options: Evaluate your recovery options documented in your cyber recovery plan. This may include:
  • Restoring from backups (confirm they are accessible, clean, and verified).
  • Consulting with legal counsel about the possibility of negotiating with attackers (proceed with extreme caution).

Recovery and Building Resilience (24-48+ Hours)

The focus of the next 24 hours shifts to actively recovering your systems and implementing measures to improve your security posture:

• Activate your cyber recovery plan. This might involve restoring from backups and rebuilding affected systems. Consider restoring to a cleanroom environment to keep restored systems and data free from any persistent threats‌. Prioritize critical systems and data to minimize downtime and business disruption.
• Strengthen your security measures. Take steps to helps reduce future attacks by patching vulnerabilities, updating security software, and implementing multi-factor authentication. Review your security policies and procedures to identify any weaknesses that may have contributed to the attack.
• Conduct a thorough post-incident review. Analyze the attack to understand how it happened, identify vulnerabilities in your systems, and improve your incident response plan for future events. This review should involve all key stakeholders and lead to actionable changes.
• Consult with legal counsel. Comply with relevant laws, such as data breach notification laws. Explore potential legal actions against the perpetrators.
• Maintain vigilance. Continue to monitor your systems for any signs of reinfection or suspicious activity. The threat landscape is constantly evolving, so adapt your security measures accordingly.

Post-Recovery Actions (Ongoing)

Recovering from a ransomware attack is a significant undertaking, but the work doesn’t end once your systems and data are restored. Post-recovery is an ongoing process that starts within the first 24 hours and continues throughout the recovery journey. Here’s what it entails:

• Immediate Post-Incident Analysis (Within 24 Hours): Begin preliminary analysis immediately to gather initial insights into the attack’s origin, methods used, and immediate vulnerabilities. This early analysis informs urgent security enhancements.
• Ongoing Security Enhancement (Throughout Recovery): Continuously strengthen your security posture based on evolving findings from the ongoing investigation. This may include:
  • Strengthening access controls and authentication measures.
  • Patching vulnerabilities and updating software.
  • Enhancing network security with firewalls, intrusion detection systems, and advanced threat protection tools.
  • Implementing email security solutions to filter malicious attachments and links.
  • Improving endpoint security with antivirus, anti-malware, and endpoint detection and response (EDR) solutions.
• Employee Training (Ongoing): Reinforce cybersecurity awareness among employees through continuous training and education. Focus on topics such as phishing scams, social engineering, password security, and safe browsing habits.
• Policy and Protocol Updates (Ongoing): Regularly review and update security policies and protocols based on new information and industry best practices. Confirm they are aligned with regulatory requirements.
• Backup and Recovery Review (Ongoing): Continuously evaluate and improve your backup and recovery strategy. Check that you have frequent, reliable backups that are stored securely and tested regularly. Consider immutable backups that cannot be altered or deleted by attackers.
• Cyber Recovery Plan Refinement (Ongoing): Regularly refine your cyber recovery plan based on your experience and evolving threats. Identify areas for improvement and confirm that your plan is up to date and comprehensive.
• Ongoing Monitoring: Maintain vigilance and continuously monitor your systems and networks for suspicious activity. Leverage security information and event management (SIEM) tools and threat intelligence to proactively identify and respond to potential threats.

By adopting this ongoing approach to post-recovery, you can continuously improve your organization’s security posture and resilience against future attacks.

Key Takeaways

Cyber Recovery Plan: A well-defined cyber recovery plan minimizes downtime, helps to enable continuous business, and reduces the risk of reinfection. It creates a framework for increasing your organization’s cyber resilience or ability to restore access to functionality of critical IT systems and data in the event of a cyberattack.

• Incident Response Plan: Outlines the steps to take during an attack, including communication protocols, escalation procedures, and roles and responsibilities.
• Cyber Recovery Plan: Focuses on restoring critical systems and data after an attack.
• Business Continuity Plan: A broader plan that addresses how to maintain essential business operations during any disruption, including ransomware attacks.

Act Decisively: The first few hours are critical. Rapid response and containment can significantly limit the damage and improve your chances of a successful recovery.

Learn and Improve: Every attack is a learning opportunity. Conduct a thorough post-incident analysis to understand what happened, why it happened, and how to prevent it from happening again. Continuously strengthen your security posture and cyber resilience.

A Final Word

Navigating a ransomware attack demands decisive action and a commitment to cyber resilience. This starts with developing comprehensive incident response, cyber recovery, and business continuity plans today. Remember that cyber resilience is an ongoing journey. Regularly review and refine your plans, strengthen your security posture, and educate your team. By taking a proactive approach, you can increase your chances of withstanding and recovering from cyber threats. Don’t wait for an attack to happen. Take the first step toward a more secure future.

Want to be even more prepared?

Ransomware attacks can be devastating, but with the right planning and preparation, you can significantly reduce the impact. To learn more about building a robust cyber resilience plan, consider attending our Cyber Resilience Planning Workshop. This interactive workshop, offered in cities worldwide, guides participants through the process of creating a comprehensive cyber recovery plan. Using real-world scenarios, the workshop helps organizations develop strategies to withstand and recover from cyberattacks.

Sign up for a workshop today and take a proactive step toward protecting your organization.

The post Ransomware Attack! Your First 24 Hours Are Critical appeared first on Commvault - English - United States.

Today, November 11, is Veterans Day and Remembrance Day, memorial days tied to Armistice Day, which marked the end of World War I. This day honors both living and lost Veterans who have served their country. Here at Commvault, we’re proud to recognize the sacrifices made by Veterans and their families, and remain humbled by their selflessness and courage.

We are fortunate to have Veterans among us in our global Vaulter community, and as a Veteran, I know firsthand how our shared experiences in service place a high value on teamwork and informed and inspiring leadership. We draw on these values as we share traditions and memories, and build new relationships. 

Each year, our VALOR ERG hosts an Honor Hour virtual event to reflect on the sacrifices Veterans have made for our freedoms. These conversations provide our Vaulters with an open dialogue to express what this day means to them personally, acknowledge and remember our histories, reflect on our own experiences with Veterans, and show our gratitude.

And as part of our Commvault Cares Quarter of Caring initiative, our VALOR ERG is partnering with the Tunnel to Towers Foundation to support all those who have served, as well as their families, especially in the upcoming holiday season. Seeing all the incredible support across our company makes me so proud to be a part of Commvault. 

I encourage you to take a moment today to reflect on and honor the dedication and resilience of all Veterans who have served their country. Thank you to our Veterans and their families for the sacrifice you have made to keep us all free and safe. 

Click here to learn more about our diversity, equity, and inclusion efforts at Commvault.

The post Honoring Remembrance and Veterans Day appeared first on Commvault - English - United States.

This week, we hosted our quarterly internal Global Town Hall meeting and presented our FY25 Q2 CEO Living Our Values Awards. This award program globally recognizes and celebrates our Vaulters for their incredible work and for living our values each day.

I’m so proud to announce our FY25 Q2 CEO Living Our Values Award winners and our employee-nominated Vaulters Choice Award winner below.

CEO Award Winners

Haseeb Jawad 

Michele Dellaventura

Abhishek Praveen

Global Events Team

Kristin Murphy

Kelly Suffness

Lauren Whitaker

Cecily Russell

Vaulters Choice Award Winner 

Gregory Jackamonis

These Vaulters set an inspiring example of what it truly means to be a part of Commvault.

To learn more about what it is like to work at Commvault, check out our careers site.

The post Introducing the FY25 Q2 CEO Living Our Values Award Winners appeared first on Commvault - English - United States.

However, the resilience of these applications often comes into question, especially when faced with the limitations of standard backup products. Traditional backup solutions typically focus on safeguarding virtual machines and some aspects of storage. This approach, while foundational, falls short of addressing the comprehensive needs of modern cloud applications, which are far more intricate and interconnected.

Enter Commvault Cloud Rewind, a revolutionary solution designed to bridge this gap. Commvault Cloud Rewind goes beyond traditional backup paradigms by offering an automated system that can inventory, backup, and restore an entire cloud application, along with all its dependencies. This isn’t just about data recovery – it’s about continuous business and enabling restores of an entire operational setup.

The significance of this kind of capability can’t be overstated, particularly for organizations that leverage public clouds to run their key applications. In the event of a ransomware or malware attack, the ability to restore a cloud application to a point before the attack helps to minimize downtime and operational disruption. This is crucial for maintaining trust and reliability with your customers.

Moreover, Commvault Cloud Rewind facilitates the creation of exact replicas of cloud applications. This feature is invaluable for testing or development purposes, allowing developers and IT professionals to test changes and updates to the cloned environment without risking the integrity of the live environment. It supports agile development practices and promotes a more robust testing culture within organizations.

To illustrate the power and efficiency of Commvault Cloud Rewind, check out the demo video below. This video showcases the quick and complete recovery of an application running in Amazon Web Services, from one region to another, in mere minutes. The demo highlights the practical benefits and the technical prowess of Commvault Cloud Rewind, making it a compelling choice for businesses looking to enhance their cloud application resilience.

For anyone interested in trying out Commvault Cloud Rewind firsthand, visit our website for a free trial. This trial offers a hands-on opportunity to explore how Commvault can transform the way your business thinks about and manages its cloud application resilience.

As businesses continue to navigate the complexities of cloud environments, solutions like Commvault Cloud Rewind are essential. They not only provide the tools needed to help protect and restore critical applications but also empower organizations to innovate and grow with confidence in their cloud strategies.

The post Build Cloud App Resilience with Commvault Cloud Rewind appeared first on Commvault - English - United States.

1. Be Unique

You wouldn’t wear the same costume year after year … would you? Use a password manager to generate and store complex password s for each of your accounts.

2. Add a Layer of Protection

Throwing a winter coat over my costume may have ruined a few Halloweens growing up in chilly New England, but using Multi-Factor Authentication to protect your online accounts provides added reassurance.

3. Stay Up to Date

Don’t be haunted by the ghosts of employees past. Regularly update your permissions as well as your software, apps, and operating systems. And install security patches to protect against known vulnerabilities.

4. Be Cautious of Phishing Scams

The only acceptable phishing is for the good candy in the treat bag. Don’t click on suspicious links or download attachments from unknown sources. Always verify the sender’s email address. (Learn more from The Resilience Rundown podcast episode Fighting Phishing.)

5. Limit Social Media Sharing

It’s tempting to post everything about your little ghosts and goblins, but be cautious. Cybercriminals can glean personal information to guess your passwords or answer security questions. (Watch our Social Media episode of the Strive podcast for more safety tips.)

6. Protect Yourself From Viruses

Want to stay healthy? Install reputable antivirus and anti-malware software on your devices – and for pete’s sake, don’t bob for apples at a preschool party.

7. Report Suspicious Activity

Halloween pranks may be harmless, but cybercrime can have serious repercussions. If you suspect you’ve been a victim, report it to your local law enforcement and national cybercrime agencies.

There’s no sugarcoating the facts: Malicious attacks can happen at any time. You must remain vigilant to protect your organization from wolves in sheep’s clothing all year long. Follow these tips to significantly improve your online security and help protect yourself and your data from cyber threats.

The post Don’t Be Tricked This Halloween appeared first on Commvault - English - United States.

Understanding DORA

The European Commission introduced DORA as part of the Digital Finance Package in September 2020. Its primary objective is to enhance the ability of financial institutions to withstand, respond to, and recover from all types of ICT-related disruptions and threats. DORA applies to a wide range of financial entities, including banks, insurance companies, investment firms, and third-party ICT service providers.

Key components of DORA include:

1. ICT risk management: Financial entities must implement comprehensive ICT risk management frameworks to identify, assess, and mitigate risks.
2. Incident reporting: Mandatory reporting of significant ICT-related incidents to competent authorities.
3. Digital operational resilience testing: Regular testing of ICT systems to enable resilience against disruptions.
4. Third-party risk management: Enhanced oversight of third-party ICT service providers to hold them to resilience standards.
5. Information sharing: Encouragement of information sharing among financial entities to improve collective resilience.

Comparing DORA to Other Regulations and Industry Best Practices

1. NIST Cybersecurity Framework (United States)

The National Institute of Standards and Technology Cybersecurity Framework is a voluntary framework that provides guidelines for managing and reducing cybersecurity risks. While not a regulatory requirement, it is widely adopted by U.S. financial institutions.

• Scope: Unlike DORA, which is mandatory for EU financial entities, the NIST framework is voluntary and can be applied to any industry.
• Focus: Both frameworks focus on broader cybersecurity risk management practices, with DORA placing significantly more focus on operational resilience.
• Incident reporting: DORA mandates incident reporting, while NIST encourages it but does not require it.

2. GDPR (European Union)

The General Data Protection Regulation another significant EU regulation, primarily focused on data protection and privacy.

• Scope: GDPR applies to all organizations processing personal data of EU citizens, while DORA is specific to financial entities.
• Focus: GDPR emphasizes data protection and privacy, whereas DORA focuses on operational resilience and ICT risk management.
• Incident reporting: Both regulations require incident reporting, but GDPR focuses on personal data breaches, while DORA covers a broader range of ICT incidents.

3. Basel III (Global)

Basel III is a global set of international regulatory standards developed by the Basel Committee on Banking Supervision to strengthen regulation, supervision, and risk management within the banking sector. The EU is implementing the Basel III framework beginning January 1, 2025, while the implementation in United States and United Kingdom is likely to be delayed.

• Scope: Basel III is specific to internationally active banks, while DORA applies to a wider range of financial entities.
• Focus: Basel III focuses on capital adequacy, stress testing, and market liquidity risk, whereas DORA focuses on ICT risk management. Both address operational resilience.
• Incident reporting: Basel III does not specifically mandate ICT incident reporting, unlike DORA.

4. FCA Operational Resilience Framework (United Kingdom)

The Financial Conduct Authority in the UK has its own operational resilience framework, which shares similarities with DORA.

• Scope: Both frameworks apply to financial entities, but the FCA framework is specific to the UK.
• Focus: Both frameworks emphasize operational resilience, but DORA has a broader scope, including third-party risk management and information sharing.
• Incident reporting: Both frameworks require incident reporting, but DORA has more detailed requirements.

Implications for the Financial Industry

The introduction of DORA represents a significant step toward enhancing the operational resilience of financial entities in the EU. By mandating comprehensive ICT risk management, regular resilience testing, and robust incident reporting, DORA aims to mitigate the impact of ICT-related disruptions on the financial system.

For financial entities operating globally, compliance with multiple regulatory frameworks can be challenging. However, the principles of DORA align with many existing regulations and industry best practices, such as the NIST Cybersecurity Framework and the FCA Operational Resilience Framework. This alignment can facilitate a more integrated approach to managing ICT risks and operational resilience. As long the main capabilities required by DORA are addressed, financial entities remain free to use ICT risk management models that are differently framed or categorized.

Conclusion

DORA sets a high standard for operational resilience in the financial sector, with its comprehensive approach to ICT risk management, incident reporting, and third-party oversight. While it shares similarities with other regulations, its mandatory nature and broad scope make it a unique and influential regulatory framework. As the global regulatory landscape continues to evolve, financial entities must stay informed and adapt to maintain compliance and resilience in an increasingly digital world.

The post Exploring DORA: Understanding the Global Regulatory Landscape appeared first on Commvault - English - United States.

Ransomware has become a perpetual game of cat and mouse. As IT and security teams strive to stay one step ahead, threat actors ruthlessly mine for new methods, means, and vectors for their exploits. Their latest focus is AD. As a core element of centralized management, AD has become a primary target and pathway to execute ransomware attacks. Now more than ever, it’s critical that today’s businesses consider AD protection in their overarching security and ransomware response strategies.

The Keys to the Castle

As a widely adopted authentication tool for small, medium, and enterprise businesses, Microsoft AD and Entra ID are the gatekeepers of authorization processes for networks, applications, and environments. AD is the quarterback of system access and controls an ever-changing pool of users, groups, policies, and app permissions.

While AD simplifies the administration of access to key systems, it can be particularly challenging to secure as it holds the keys to an organization’s most crown jewels – its infrastructure and data. It also has become a data protection blind spot for many organizations. One misconfiguration, leaked password, or dormant account can enable a bad actor to elevate privileges and steal, corrupt, or deny access to critical applications and their data.

Numerous workloads within companies depend on AD to grant employees access to critical business systems that are essential for generating revenue, delivering patient care, maintaining manufacturing operations, and supporting nonprofit initiatives. Without AD, business operations would grind to a halt.

Propagating an Attack

Experts are finding AD is playing a key and increasingly larger role in executing attacks. In fact, a study by EMA Research showed that 50% of organizations experienced an attack on AD/Entra ID in the last one to two years. By exploiting blind spots, bad actors can compromise privileged accounts, mimic authorized users, and silently traverse infrastructure, workstations, and applications to establish their foothold. Failing to safeguard AD enables attackers with a centralized location to control and sever access to critical business assets.

How Commvault Helps

Safeguarding AD from ransomware requires purpose-built tools to recover from attacks. And while some businesses have developed homegrown solutions, they are time-consuming to maintain, upkeep, and administer. With Commvault Cloud, you get dedicated, single-solution protection for Microsoft AD and Entra ID to help quickly restore your data.

Frequent backups enable users to undo damaging and unwanted changes to objects and attributes, including users, groups, app registrations, and more. Fast, granular recovery options allow administrators to view what’s changed in their environment and easily recover missing, damaged, or misconfigured items to thwart ongoing attacks.

Visit Commvault.com/platform/active-directory to learn more about how Commvault helps safeguard AD against corruption, accidental deletion, or malicious attacks. 

The post Active Directory and its Critical Role in Ransomware Recovery appeared first on Commvault - English - United States.

This recognition highlights our ongoing commitment to fostering a culture where employees feel what they do matters. It matters for our customers, for our partners, and most importantly, for our employees. We’re committed to giving our teams the right resources and support, so they feel empowered to inspire others, build great things, and reach their highest potential.

We’ve developed a variety of core initiatives to enhance our employee experience. From comprehensive wellness programs to professional development opportunities, flexible work arrangements, and more. We are also proud of the vibrant community we’ve built through our five Employee Resource Groups and two Employee Affinity Groups, which provide additional support and connection for our employees across all dimensions of diversity.

The NJBIA Awards for Excellence celebrate companies that go above and beyond in business success, corporate responsibility, and community impact. We’re so honored to win the Outstanding Employer Award as we stay focused on delivering for our customers, partners, our communities, and of course, our very own Vaulters.

To see our feature in New Jersey Business Magazine, visit: New Jersey Business Magazine.

For more information about Commvault’s award-winning culture and career opportunities, see: Careers at Commvault | Commvault jobs.

The post Commvault Wins NJBIA Award for Excellence – Outstanding Employer appeared first on Commvault - English - United States.