Defend against ransomware with these 5 data backup products

Consider backup and recovery tools that incorporate ransomware protection to help defend against cyberthreats.

For most organizations, backups are a routine part of their data protection strategy, and many rely on backup and recovery tools that automate replication processes and ensure secure and reliable restores, should they become necessary. But these tools alone aren't enough to defend against ransomware, unless they specifically incorporate ransomware protection.

With ransomware incidents growing at an alarming rate, organizations require backup and recovery tools that defend against these threats and enable organizations to quickly recover from attacks. Many backup and recovery tools now incorporate ransomware protection; although, these products differ in how they safeguard against these cyberthreats. Examine the following six backup and recovery products that offer ransomware protection to varying degrees as part of their backup services.

Acronis Cyber Protect

The Acronis Cyber Protect integrated cybersecurity and backup platform includes Acronis Active Protection, an advanced anti-ransomware technology that actively protects all data, including documents, media files, programs and backup files. Active Protection observes patterns in data file changes and compares them against malicious behavior patterns, enabling administrators to identify ransomware attacks whether or not they've been reported.

  • Cyber Protect natively integrates cybersecurity, data protection and management to protect endpoints, systems and data. The product offers AI-based static and behavioral heuristic antivirus, antimalware, anti-ransomware and anti-cryptojacking technologies to deliver real-time protections.
  • The platform detects and terminates ransomware attacks and then quickly and automatically restores damaged files, regardless of their size.
  • Most Cyber Protect editions offer integration with Active Directory for authentication.
  • Acronis offers three Cyber Protect editions -- Essentials, Standard and Advanced -- and two Cyber Backup editions -- Standard and Advanced -- as part of the Cyber Protect family. Pricing is based on workload type and edition, with the product offered as an annual subscription. Acronis also provides a 30-day free trial.
  • Acronis supports English, German, French, Italian, Spanish and Japanese. Organizations should contact Acronis sales for specific details about the level of support it provides for each Cyber Protect edition. Acronis also offers product documentation, video tutorials and community forums.
Many backup and recovery tools now incorporate ransomware protection; although, these products differ in how they safeguard against these cyberthreats.


The Asigra data backup and recovery platform includes a suite of tools for protecting an organization's critical data, including applications and databases. One of these products specifically defends against ransomware and attack loop cyberthreats. The platform scans files in real time when backing them up, isolating malicious code and alerting administrators. Asigra also renames file repositories in nonstandard formats to prevent viruses from recognizing and deleting them.

  • The Asigra platform includes signatureless malware detection engines that identify and quarantine unauthorized or malicious embedded code, preventing it from penetrating the backup and replication streams. The platform also requires two-factor authentication to delete backups.
  • Before restoring files, Asigra scans the legacy recovery files to prevent attack loop ransomware from being detonated. The platform also performs restore validations that simulate real recoveries before actually writing the restored data.
  • The platform integrates with Microsoft System Center Configuration Manager.
  • Asigra offers its platform as either a managed service or on-premises license. Organizations can request a demonstration directly from Asigra and purchase the product through an Asigra global partner.
  • Asigra provides 24/7 phone support to organizations that have a support contract. Other businesses can access telephone support during normal business hours. Asigra also offers support via email and a web portal and provides registered customers with product documentation.


The Carbonite data protection platform comprises several products. Two of those products -- Carbonite Endpoint and Carbonite Server -- offer backup and recovery for protecting endpoint and server data. Carbonite can protect both physical and virtual workloads and supports full or granular restores of files, folder and application data. The platform also provides features for ensuring business continuity and cyber resiliency, including ransomware recovery.

  • Carbonite protects against data theft, hardware failure, accidental deletion and data corruption. The platform uses advanced encryption to safeguard data at rest and in motion. In addition, the platform can retain data to meet compliance requirements. Subscribers to advanced protection also get endpoint global location tracking, remote wipe of computer data, advanced restore and failover, flexible retention and other features for safeguarding data.
  • The platform's support for incremental recovery enables customers to restore only new or changed files following a ransomware attack. They can restore individual files, folders or entire systems.
  • Carbonite integrates with Active Directory and other Lightweight Directory Access Protocol directory services. The platform also provides a software development kit and APIs for custom automation and integration with third-party services.
  • Pricing is based on the number of computers an organization is backing up and the type of computers -- servers, endpoints or a combination of both -- as well as whether an organization opts for advanced protections. Carbonite charges an annual subscription fee, with discounts for two- and three-year commitments. Organizations can sign up for a 30-day free trial.
  • Carbonite provides free 24/7 technical support for all of its products, without requiring a special license or contract. Customers can contact support by phone, email or the customer service portal, where they can also download software and explore the knowledgebase. Carbonite also provides a special portal for remote support.

Veeam Backup and Replication

The Veeam Backup and Replication software product provides data protection for any application or type of data across physical, virtual or cloud environments. This tool can quickly restore files, VMs, applications and NAS, with support for snapshots, image-based replication and the intelligent reuse of backup data. The software also includes ransomware detection capabilities, and it provides immutable backups that help defend against ransomware and other threats.

  • In addition to data immutability, Veeam ensures data backups are recoverable, secure and compliant, using controls that prevent data from being deleted or changed without strict multilevel approvals. In addition, Veeam DataLabs provides verified recovery, security, compliance and virtual sandbox testing for data reuse.
  • Veeam's support organization team offers guidance for restoring data after ransomware incidents. The team can help customers determine when it's appropriate to restore data and which safety checks to implement. Veeam also offers a ransomware prevention kit to help organizations learn how to prevent, detect and recover data from ransomware attacks.
  • The Veeam product provides a data integration API and Universal Storage API, along with APIs for third-party integrations. The product includes enterprise plugins for SAP HANA and Oracle Recovery Manager.
  • The software is available through the Veeam Universal License (VUL), a flexible license for protecting multiple workloads on premises or in the cloud. The license is portable across workloads and locations, rather than being tied to a specific product. Veeam offers three license plans: Backup Essentials, Backup and Replication, and Availability Suite. All three include backup and recovery features. Organizations purchase VULs in bundles on an annual basis for one to five years. Potential buyers can download a 30-day free trial or request a custom demonstration.
  • The VULs include full 24/7 production support. Admins can access support through the customer portal, where they can open or track tickets. Veeam also offers phone support and provides a knowledgebase that organizations can use to access product information.


The Zerto replication and recovery product merges data protection and disaster recovery into a single platform that can protect data on premises as well as in hybrid and multi-cloud environments. Zerto also provides real-time protection against cyberattacks such as ransomware. If the platform detects an attack, it locks down that file and provides quick access to point-in-time restores. The platform also enables organizations to quickly recover from cyberattacks, with minimal disruption to business operations.

  • The Zerto platform is built on the continuous data protection foundation, which enables admins to automatically capture and track data modifications. The platform saves every version of user-created data locally or to a target repository, continuously replicating incremental writes. Built-in analytics provide a comprehensive view across all environments, including multisite and multi-cloud.
  • Organizations can recover from a ransomware attack with just a few clicks and to a specific point in time, just before the attack occurred. They can also recover only the data they need – whether it be a few files, multiple VMs or an entire application stack. In addition, customers can test their recovered applications and data to ensure corruptions have been removed.
  • Zerto provides a full-featured API for integrating with existing orchestration, monitoring and configuration management tools. Zerto's technology alliances with multiple vendors delivers full stack offerings on such platforms as Microsoft Azure, VMware vSphere and IBM Cloud.
  • The Zerto platform is available in two license types: Zerto Data Protection and Enterprise Cloud Edition, which is the more comprehensive of the two. Customers can purchase either edition as a subscription or perpetual license. Potential buyers can contact Zerto directly for pricing information; however, the actual sales are made through channel partners. Potential buyers can try Zerto for free, either through on-demand labs or a full-featured 14-day trial.
  • Zerto offers standard and premium support options. Customers can submit a support case through the product's interface or the customer support portal. They can also manage their cases, access community forums and download software. Zerto also offers phone support for Severity 1 issues.

The number of ransomware attacks continues to grow

Organizations are threatened more than ever by ransomware, as attacks grow more sophisticated and increase in number. According to "The State of Ransomware," a Sophos report published in May 2020, 51% of the surveyed organizations were hit by ransomware attacks last year, and 73% of those attacks resulted in data being encrypted. Of those attacked, 56% retrieved their data from backups, while 26% paid the ransom. For organizations that didn't pay, their average costs were still $732,520. For those that did pay, their average costs nearly doubled, coming in at $1,448,458.

As if these figures weren't grim enough, ransomware's growing sophistication is making it even more difficult to maintain an effective ransomware backup strategy. One of the most disturbing threats comes in the form of the attack loop -- a type of ransomware that infects both the production data and the backups. In this scenario, the ransomware lies in wait until it's ready to detonate, making it difficult to know which backups are safe to restore.

Next Steps

Public sector IT execs detail ransomware backup, recovery tips

Dig Deeper on Data backup security

Disaster Recovery