
Druva’s Unwavering Commitment to CISA’s Secure by Design Pledge

Ranga Rajagopalan, Chief Marketing Officer

Druva is proud to be one of the first companies to sign CISA’s Secure by Design pledge. For us, this commitment was a natural step, as we've been applying secure design principles for over a decade as the only SaaS-based data security vendor. We believe that security should never be an afterthought when building any product. Secure by Design is a philosophy that has been ingrained into everything that we do at Druva.

What’s the CISA Secure by Design Pledge?

The CISA Secure by Design Pledge is an initiative launched by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Its goal is to enhance cybersecurity resilience across the private sector by fostering stronger collaboration and commitment among businesses, particularly those that are part of critical infrastructure sectors. This pledge is voluntary and encourages companies to adopt more robust cybersecurity practices to combat evolving threats. 

The CISA pledge is a key element of a larger strategy to strengthen cybersecurity through public-private partnerships, particularly as cyberattacks on critical infrastructure continue to rise.

How Does Druva Align with the CISA Secure by Design Pledge?

Below are just a few examples of how Druva shapes its product development to not only meet but surpass the goals outlined in the pledge.

Strengthening Product Security Through SaaS

One of the biggest benefits of built-from-the-ground-up SaaS data security software is that customers don’t need to worry about maintaining it in any way. Druva updates its software bi-monthly, guaranteeing that customers don’t have to wait for new features, bug fixes, and security enhancements. As a SaaS product, Druva automatically meets the goal that CISA has outlined of “Providing functionality to allow automatic installation of software patches when possible and enabling this functionality by default, where appropriate.”

With SaaS, Druva customers don’t need to track CVEs or other vulnerabilities, not only for Druva but also for operating systems and associated software.

Aiding Customers’ Incident Response

Per CISA, software manufacturers should take ownership of the security outcomes of their customers. At Druva, we know that data security shouldn’t stop once the software is sold: strong data security requires continuous monitoring. That’s why we built Managed Data Detection and Response (DDR). It is a natively delivered service that combines advanced monitoring and threat detection capabilities, utilizing backup telemetry, with expert-driven analysis and response, enabling organizations to respond to threats promptly.

Druva's analysts act as an extension of the customer's Incident Response team, examining alerts and conducting detailed analyses to eliminate false positives. Upon threat verification, Druva's team takes immediate action, notifying the customer and implementing proactive measures to secure and, if necessary, roll back compromised data. Druva’s team plays a crucial role during incident response and investigations by providing actionable insights and pre-built and customized runbooks that enable customers to understand and mitigate security incidents thoroughly.

Enhancing Incident Analysis Through Audit Logs

CISA urges organizations to provide their customers with capabilities that allow them to probe security incidents. Audit logs are a great way of enabling users to trace important changes that might have been made, like altering configuration settings, changing authentication mechanisms, and more. 

Druva offers customers two different kinds of logs. The first kind, progress logs, shows the ongoing progress of different jobs such as backups and restores. The second kind, detailed logs, provides more comprehensive information and is available after a job is complete. Detailed logs contain information about system configuration and can include agent-specific logs, main service logs, system-specific logs (such as Windows event logs and Linux dmesg logs), and virtualization platform logs (such as VMware and Nutanix). These logs are crucial for analyzing and troubleshooting issues and can be shared with Druva Technical Support if needed.

Druva also recently introduced Dru Investigate, an AI tool that helps customers simplify investigations into indicators of data compromise with natural language queries. By leveraging isolated large language models (LLMs) and private Retrieval-Augmented Generation (RAG), the tool not only ensures that all customer data remains secure and private, without exposure to external sources, but also bridges the critical gap between IT and security teams.

Enforcing Multi-Factor Authentication (MFA)

According to CISA, multi-factor authentication is the most effective defense against password-based attacks, including credential stuffing and password theft. That’s why Druva has made it mandatory for customers to use MFA. Starting in July 2024, administrators using user IDs and passwords to log in are prompted to set up MFA when attempting to access the console if they haven’t already configured it. This ensures that administrators can’t skip this important security step. 

Eliminating Usage of Default Passwords

One of CISA's recommended approaches is to require users to set a strong password at the very beginning of the installation process. To enable this mechanism, a strong password policy is automatically enforced by default when creating a new password. When the administrator logs in again using their password, they are required to configure MFA before they can access the console.

The Druva Data Security Cloud Advantage

In today's digital landscape, where data is both invaluable and increasingly vulnerable, Druva's Data Security Cloud stands out by providing a single, secure, and scalable platform to tackle the complex challenges of data security. With its secure-by-design philosophy, cloud-native architecture, Managed DDR, and advanced security capabilities, Druva instills confidence in organizations, assuring them that their data is safeguarded against sophisticated cyber threats. Druva's comprehensive approach to data security, encompassing backup and recovery, proactive monitoring, threat hunting, and rapid response to ransomware attacks, empowers organizations to focus on their core objectives with confidence. As cyber threats evolve, Druva's Data Security Cloud remains well-equipped to help organizations navigate the challenges of data protection with ease.

To learn more about how Druva is redefining data security, check out our Druva: A Modern Approach to Data Security whitepaper.