What is CDR (Content Disarm and Reconstruction) | Asigra

The cybersecurity threat landscape is getting increasingly complex, and global trends like remote working continue to influence threats to organizational data. Many enterprises still use reactive security solutions, which may not be completely reliable in protecting documents. Most antiviruses work on known threats, meaning they are unable to capture unknown malware.

An estimated 1 in every 100,000 files an organization receives contains potentially malicious content, and 98 percent of these infected files are unknown to antivirus solutions for up to 18 days before they can alleviate potentially consequential risks.

Due to the growing complexity of malware and their increasing success at evading conventional and next-generation antimalware engines and sandboxes, it is crucial that enterprises get a thorough threat prevention solution that is reliable, such as CDR.

What does CDR Mean?

CDR stands for Content Disarm & Reconstruction, a data sanitization solution that assumes all files are potentially malicious, hence sanitizing them and rebuilding each file to ensure optimal usability with safe content. CDR cleans and rebuilds files before the users can access them.

How Does CDR Work?

Four steps are involved in the sanitization of files by the CDR solution:

• First, Asigra’s Data Security Module will evaluate and verify every file bidirectionally during backup and restore activities based on selected policies, ensuring that it is the right file type and has the proper file consistency. The tool examines file extensions to prevent complex files that pose as simpler files and red flags for malicious content. This way, an enterprise is alerted when it’s under attack.
• Secondly, the security module separates the file elements into discrete components, removing and sanitizing malicious elements like scripts, macros, and other executables.
• Thirdly, it rebuilds the files in a fast, secure procedure. All file characteristics and metadata are reconstructed.
• Lastly, any detected content will be reported on during backup activities and filtered, removed or blocked during restore activities by the security module, ensuring the file is safe for use while preserving the integrity of the file structure.

Benefits of CDR

CDR offers many benefits ranging from enhanced protection to improved performance.

Wide file format support: CDR supports many file formats, including PDF, Microsoft Office, images, archives, plain text, videos, and HTML. This feature helps prevent a document-based threat from gaining entry to secure networks. Moreover, CDR is able to verify a large number of file types, helping combat spoofed file attacks and detecting seemingly complex files that pose as simpler files.

Excellent protection: Asigra’s CDR offers additional protection against zero-day attacks and unknown & deeply hidden malware. CDR generates a functionally identical file for every file to be backed up. The new file generated in near real-time is free of any potentially malicious content.

Improved Performance: Asigra’s Data Security Module already performs a centralized bidirectional antimalware scan of all files being backed up and recovered, and now adds CDR to that process. All of this is done on a dedicated server on your network instead of at the users’ endpoint device, improving endpoint performance.

Why Should Your Backup Software Have CDR?

You already have an antivirus and other malware protection tools in your organization; however, these may not be sufficient for the highly complex cyberattack world.

Your backup software needs to have Content Disarm & Reconstruction functionality to add an additional layer of security and to catch any malicious content that your gateway security tools might miss. This way, you can ensure malicious content is detected during backups, and you restore only clean files to your production environment.

To learn more about CDR and why you need it for your backup environment, contact the Asigra team today.