Because there is the potential for ransomware to infect computers and files in your backup environment, Commvault monitors and analyzes your environment to identify the possible presence of ransomware on your infrastructure computers.
Unusual changes in files, backup files, emails, or file types may indicate that your backup environment has been infected, corrupted, changed, or encrypted, or may contain indicators of other means of compromise. These types of threats can impact recovery objectives if your recovery process is prolonged due to manual validation processes.
Insights into file changes or anomalies allow you to respond effectively with preventative and corrective actions, such as:
-
Isolated recoveries of backups for forensic investigation
-
Automatic recoveries of last known good versions of data
-
Deep level entropy analysis of backup content
-
Scanning of data backups for ransomware