Hardening OpenZFS to Further Mitigate Ransomware

While the Open Source cross-platform OpenZFS file system and volume manager provides advanced block-level features including checksumming, snapshotting, and replication to mitigate ransomware at the POSIX level, the evolving nature of ransomware dictates that no technology should rest on its laurels. This developer and administrator-focused talk will explore strategies for hardening OpenZFS and its supported operating systems towards a goal of total storage immutability without authorization. Achieving this goal will require operating system-level mitigations with a focus on multi-factor authentication (MFA) and authorization.

• Update on new OpenZFS features
• Orientation with existing OpenZFS ransomware mitigation features
• Introduction to new strategies to further improve OpenZFS as a ransomware mitigation tool