Using Elastio To Protect Our SaaS Application – A Proof Of Concept

DevOps teams are increasingly responsible for software as a service (SaaS) decisions to solve specific problems for business operations. SaaS aims to meet these demands by providing turnkey solutions for CRM, ERP, and CMS processes. While SaaS platforms may be designed for privacy, many fail to provide adequate capabilities for data governance or data retention (data protection). Further, little to no attention is given to malware and ransomware detection within the content stored inside the SaaS platform.

This blog post and included use case aims to explore these problems in greater detail and offer an innovative solution for the challenges.

Safeguarding Content Management Systems as a Service

Content Management Systems as a Service (CMSaaS) is an example of a SaaS platform that meets the immediate demand for agility but introduces complications for the Security Office. While CMSaaS takes appropriate measures to protect privacy and confidentiality against external actors, it seldom considers the confidentiality of the data handled by data-protection administrators. Many CMS platforms offer, at best, click-ops* capabilities to create and download unencrypted backups of the entire CMS to their desktop. While some CMSaaS offer APIs to initiate full backups, retention policies may be limited to 30 days with no concern for governance or deduplication. Further complicating the challenge described is that CMSaaS platforms are a likely place to store and share malware inside the virtual enterprise.

As the virtual enterprise achieves increased velocity through agile business development processes, the security and compliance offices must be ready to align with product teams. Security Offices lacking the ability to correctly classify and categorize the data within the XaaS will be seen as an obstruction to the business rather than an enabler. DevOps teams lacking the DevSecOps mentality will be unable to operationalize the organization’s governance, retention, and compliance needs. In turn, with malware scanning of the hosted data sources, CMS may unwittingly become its own enemy.

A Software Solution for a Complex Problem

The promises of “Anything as a Service” (XaaS) transform the way businesses solve complex problems with software solutions. Legacy backup and compliance solutions lack the transformational features required for today’s needs. Current generation solutions (native) miss critical aspects of the nature of the cloud and how this translates to corporate governance and compliance. None of the solutions take the unique approach of Elastio; where data protection is shifted left, the risk is reduced closer to zero, and the detection, identification, and eradication of malware is shifted to Day -N.

Elastio and Atlassian Confluence: A User Case

Consider our use case for Atlassian Confluence. Confluence is a popular Content Management System for product and project management. Using our example, we found a 400-user SaaS instance of Confluence had grown to over 80GB in size in 6 months. Further, we discovered that the overall size of the CMS was increasing by approximately 2% per day. Before using Elastio, a single data protection administrator was responsible for logging in and clicking on a button to backup Confluence. This admin was then responsible for downloading and archiving this 80GB so that it was available to the rest of the organization. We needed a better solution, so we started with code from Atlassian Labs for automation.

We could automate the backup with the Atlassian Labs code as a base, but we lacked adequate data protection. Using Elastio, we could stream the application data directly to an Elastio vault where it is encrypted, deduplicated, and scanned for malware. Using a short-lived container in Amazon ECS, we integrated the Elastio API into a scheduled job and automated the process for the business.

The entire proof of concept code can be downloaded here:
https://github.com/elastio/contrib/tree/master/atlassian_backup-1.0.0

About Elastio

Elastio detects and precisely identifies ransomware in your data and assures rapid post-attack recovery. Our data resilience platform protects against cyber attacks when traditional cloud security measures fail.

Elastio’s agentless deep file inspection continuously monitors business-critical data to identify threats and enable quick response to compromises and infected files. Elastio provides best-in-class application protection and recovery and delivers immediate time-to-value.