Skip to content
11:11 Systems
The Resilient Cloud Platform
11:11 Systems11:11 Systems
  • Why 11:11
    • Submenu
      • Column 1
        • 11:11 Systems Consulting
          Consulting Services
          Global Regions
          Cloud Regions
          11:11 Systems Security
          Security

      • Column 2
        • Cloud Console
          Cloud Console
          Catalyst
          Planning and Assessment
          Compliance
          Compliance

      • WHY CHOOSE 11:11
      • Overview
      • Leadership
      • News & Media
      • ESG Program
      •  
      • Careers
      • Technology Partners
      • Customer Stories
      • Innovation Blog
  • Products & Services
    • Products & Services

        • Cloud Overview
        • Managed Public Cloud
        • Private Cloud
        • Object Storage
        • Cloud Labs
        • Flexible Cloud Environment/Colocation
        • AWS Solutions
        • Managed OS Services
        • Managed DB Services
        Object Storage

        Premium storage without the premium price

        Buy 11:11 Object Storage now
        BUY NOW
        REQUEST A QUOTE

        • Backup Overview
        • Veeam Backup
        • Microsoft 365 Backup
        • Managed Backup for Cohesity
        • Cyber Vault
        • Data Protection Services
        Backup as a Service

        11:11 Cloud Backup

        Protect your data wherever it lives.
        REQUEST A QUOTE
        REQUEST A DEMO

        • DRaaS Overview
        • DRaaS for Veeam
        • DRaaS for Zerto
        • DRaaS for Azure
        • DRaaS for Cohesity
        • Managed Recovery
        • Cloud Recovery
        • Cyber Recovery Platform
        • Infrastructure Recovery
        • Continuity Consulting Services
        • Disaster Recovery Consulting
        Disaster Recovery

        5TB 30Day Free Trial of DRaaS for Veeam

        Protect your business-critical workloads and reduce recovery time with the Leader in Disaster Recovery.
        START FREE TRIAL
        LEARN MORE

        • Security Overview
        • Continuous Risk Scanning
        • Managed Detection and Response
        • Managed SIEM
        • Managed EDR
        • Managed Firewall
        • Application and Zero Trust Services
        Security Services

        Take the first steps toward cyber resilience.

        Download our white paper and learn how to stay ahead of threats.
        REQUEST A QUOTE
        DOWNLOAD NOW

        • Networking Overview
        • SD-WAN
        • Managed SASE
        • Managed Connectivity for AWS Direct Connect
        • Multi-Cloud Connect
        • Circuit Management
        • Network Consulting Services
        Network as a Service

        Transform your network.

        Take your infrastructure and performance to the next level.
        REQUEST A QUOTE
        WATCH VIDEO
  • Solutions
    • Solutions Submenu
      • INDUSTRY
      • Education
      • Financial
      • Government
      • Healthcare
    • Solutions Business Objective Submenu
      • BUSINESS OBJECTIVE
      • Cyber Resilience
      • Modernize
      • Protect
      • Manage
  • Partners
    • Partners Submenu
      • Overview
      • Become a Partner
      • Partner Portals
  • Resources
    • Resources Submenu
      • Events
      • Webinars
      • News & Media
      • White Papers
      • Data Sheets
      • Customer Stories
      • Innovation Blog
  • Support
    • Support Submenu
      • Contact Support
      • Product Documentation
      • API Documentation
Search:
  • Login
  • Contact
Header Right Menu
  • Object Storage
  • Cyber Vault for Cohesity
BUY NOW
Free Trial
  • Why 11:11
    • Consulting Services
    • Cloud Console
    • Cloud Regions
    • Planning and Assessment
    • Security
    • Compliance
    • WHY CHOOSE 11:11
    • Overview
    • Leadership
    • News & Media
    • ESG Program
    • Careers
    • Technology Partners
    • Customer Stories
    • Blog
  • Products & Services
    • CLOUD
    • Cloud Overview
    • Managed Public Cloud
    • Private Cloud
    • Object Storage
    • Cloud Labs
    • Flexible Cloud Environment/Colocation
    • AWS Solutions
    • Managed OS Services
    • Managed DB Services
    • BACKUP
    • Backup Overview
    • Veeam Backup
    • Microsoft 365 Backup
    • Managed Backup for Cohesity
    • Cyber Vault
    • Data Protection Services
    • DISASTER RECOVERY
    • DRaaS Overview
    • DRaaS for Veeam
    • DRaaS for Zerto
    • DRaaS for Azure
    • DRaaS for Cohesity
    • Managed Recovery
    • Cloud Recovery
    • Cyber Recovery Platform
    • Infrastructure Recovery Services
    • Continuity Consulting
    • Disaster Recovery Consulting
    • SECURITY
    • Security Overview
    • Continuous Risk Scanning
    • Managed Detection and Response
    • Managed SIEM
    • Managed EDR
    • Managed Firewall
    • Application and Zero Trust Services
    • NETWORK
    • Network Overview
    • SD-WAN
    • Managed Connectivity for AWS Direct Connect
    • Managed SASE
    • Multi Cloud Connect
    • Circuit Management
    • Network Consulting Services
  • Solutions
    • INDUSTRY
    • Education
    • Financial
    • Government
    • Healthcare
    • BUSINESS OBJECTIVE
    • Cyber Resilience
    • Modernize
    • Protect
    • Manage
  • Partners
    • Overview
    • Become a Partner
    • Partner Portals
  • Resources
    • Events
    • Webinars
    • News & Media
    • Whitepapers
    • Datasheets
    • Customer Stories
    • Innovation Blog
  • Support
    • Contact Support
    • Product Documentation
    • API Documentation
  • Contact
  • Login
  • Buy Now
    • Object Storage
    • Cyber Vault for Cohesity
  • Free Trial
Tags: ZertoZerto Encryption Detectionencryption detectionCyber ResilienceCybercrime
Author: Justin Nordeste
Date: November 25, 2024

Stay ahead of cybercrime and ransomware with Zerto 10’s encryption detection

 

In the time it takes you to finish this post — perhaps even this sentence — it is more than likely that ransomware will disrupt yet another business, causing extensive delays and irrevocable damage.

Across the globe, ransomware attacks continue to increase in frequency, sophistication, and consequence, littering headlines with cautionary tales and sobering statistics. Over the next decade, Cybersecurity Ventures predicts that global ransomware damage will grow by 30 percent annually. By 2031, damages are expected to surpass $265 billion per year, with a new attack occurring every two seconds. As cliché as this may sound: It’s no longer a matter of ‘if’ your cyber defenses will be tested, but ‘when.’

In the face of such threats, your best defense remains developing a clear ransomware recovery strategy — one that combines the right technology with a trusted, tested set of plans, processes, and procedures. For decades now, 11:11 Systems and Zerto have been on the front lines of this fight for data protection and recovery, partnering to deliver the technology and expertise needed to keep your organization up and running. Over the last few months, the 11:11 team has been updating our Zerto customers with information regarding their upgrade to Zerto 10. This upgrade is a two-step process that requires migrating from a Windows-based Zerto Virtual Manager (ZVM) to the new Linux-based Zerto Virtual Manager Appliance (ZVMA). Details for this are available in a success center article that provides some key considerations and prerequisites for upgrading.

Aside from the usual reasons to upgrade, Zerto 10 also comes with a critical new, built-in feature that is designed specifically for ransomware resilience: encryption detection!

What is Encryption Detection?

This advanced feature is built into Zerto’s platform and is designed to help identify and monitor suspicious encryption activities in your protected virtual machines (VMs). With the rise of encryption-based malware and other cyber threats, it’s crucial to have a system in place that can detect anomalous encryption behaviors in real time. Using Zerto’s Encryption Analyzer, this feature inspects the writes to protected VMs, watching for irregularities or spikes that may be indicative of encryption activity. When anything unusual is detected, an alert is triggered — giving you an opportunity to assess whether the irregular and suspicious activity is legitimate or malicious.

How does it work?

1. Real-Time Detection of Anomalous Encryption Activity

By constantly monitoring the VMs disk activity, this feature detects any irregularities that could suggest a security incident, such as malware encrypting files in the background.

The system assigns a “suspicion level” to each detection, based on the severity of the encryption anomaly:

  • Level 1: Low suspicion — This could indicate a routine operation like a software update. At this level, two tagged checkpoints are created automatically.
  • Level 2: High suspicion — This suggests a greater likelihood of potentially malicious activity and takes the following actions:
    • Two tagged checkpoints are created automatically.
    • An alert, ENC001, is triggered. This alert contains information about the volume(s), VM(s), and virtual protection group(s) (VPGs) that are affected.
    • The status of the affected VPG(s) becomes “Warning: potential abnormal encryption was detected.”

Below is an example of what this looks like in the “Alerts” section of your ZVMA:

2. Automatic Tagging of Checkpoints

When encryption anomalies are detected, Zerto creates two important checkpoints:

  • Suspicious Encryption Activity Checkpoint: This marks the exact point where suspicious activity was first identified, giving you a reference for when the potential issue was first detected by the system.
  • Clean Checkpoint: This is created 10 minutes before the suspicious activity was detected, providing a safe restore point in case you need to roll back and mitigate any damage.

In the image below, you can see an example of what these automatically tagged checkpoints look like:

What Can I Do Next?

At this point, the next steps are up to you. The alerts themselves do not take any additional actions. However, these warnings can act as a catalyst for your team to investigate further. As noted above, suspicious activities could be expected due to things like maintenance activities so the notifications could be benign. The feature itself can be enabled and disabled in the user interface, but this is not recommended as that would disable detection for all protected VMs. Instead, it is recommended to dismiss the encryption detection alerts after reviewing the affected VMs.

When the impact is real, these alerts can help give a discreet time frame that your team can use to start investigating and potentially act on. Every organization will have different standards and processes for investigating and determining next steps, but the key benefit this feature provides is the ability to know precisely when a potential incident occurred from a disk-write perspective. This will help your team make an accurate assessment and determine the best course of action for your organization.

Zerto’s Encryption Detection can help you catch these incidents early on — before they escalate into full-blown data loss or business disruptions. This proactive detection can help you prevent or mitigate the impact of a ransomware attack, reducing the risk of data corruption or loss and making recovery more efficient.

Stay Ahead of Potential Threats

Zerto’s Encryption Detection feature is an invaluable tool for anyone looking to improve their organization’s data security. By providing real-time alerts, automatic checkpoint tagging, and extensibility options via available APIs, this feature helps you stay one step ahead of potential threats. Whether you’re defending against malware, monitoring encryption compliance, or simply improving the visibility of your environment, Encryption Detection makes it easier to spot and address abnormal encryption behaviors with confidence.

The team at 11:11 is looking for feedback on what you would like to see us do with this feature — we have a few ideas, but please do share your thoughts with us as we consider our next steps with regard to this feature too. Our product management team is eager to hear what our customers think of the feature and what they would like to see us do with it too.

Categories: Cyber Resilience, Cybercrime, Ransomware, ZertoBy Justin NordesteNovember 25, 2024
Tags: ZertoZerto Encryption Detectionencryption detectionCyber ResilienceCybercrime
Justin Nordeste

Author: Justin Nordeste

Justin Nordeste is a Senior Product Manager at 11:11 Systems, specializing in launching innovative products and enhancing solutions in the data protection space. With nearly 20 years in technology, Justin has held roles in consulting, service delivery, support, and sales engineering prior to transitioning into product leadership roles at both early-stage startups and established Fortune 500 companies. Justin holds a Bachelor's in Management Information Systems from the University of Massachusetts - Dartmouth, along with multiple technical and product management certifications.

Post navigation

PreviousPrevious post:Scale Quickly With a Partner Focused on GrowthNextNext post:How Data Net Solutions Group Found IT Success with 11:11 Systems

Related Posts

Quick answer: Data is growing faster than most organizations can store or protect it. Falling hardware costs, abundant bandwidth, paperless workflows, and regulatory mandates all fuel this surge. To keep critical data safe and recoverable, many organizations now outsource backup to specialists like 11:11 Systems, which delivers secure, compliant, cost-effective cloud backup. Picture a closet you keep stuffing with all kinds of clutter. You add a few things each week, then a few each day, until the door barely shuts. Now imagine that closet doubles in size every couple of years, on its own. That's roughly what's happening to corporate data, and your backup strategy is the closet trying to hold it all. Knowing why data is growing so fast and the challenges that growth creates for IT teams is part of the ongoing battle. Perhaps an immediate solution is already at your fingertips? Why is corporate data growing so fast? Data is expanding at a rate that's hard to picture. According to Cybercrime Magazine, the world created, captured, and replicated over 200 zettabytes of data in 2025, up from about 64.2 zettabytes in 2020. That's nearly a threefold jump in five years. Here's the catch many people miss: backup data is one of the biggest culprits behind that growth. Every copy, snapshot, and archive adds to the total. Worldwide data production has outpaced worldwide storage capacity, and the gap between what organizations create and what they can store keeps widening. A few years ago, IT teams mostly worried about data protection, encryption, and automation. The picture looks different now. Today, organizations are demanding: • Continuous data protection • Security and compliance • Bare metal recovery (restoring entire servers, including OS, files, and configurations) • Archiving • Deduplication • Reduced backup windows • Faster recovery speeds What's driving the explosion in data growth? Several trends are accelerating the rate at which corporate data piles up. Here are the five main culprits most organizations struggle with. 1. Cheaper hardware This is the obvious starting point. Storage capacity keeps getting cheaper per gigabyte, so there's little incentive to delete anything. When storage feels nearly free, organizations simply keep more of everything. 2. Cheap and abundant bandwidth Internet bandwidth is no longer the bottleneck it once was. That shift fueled the explosion of streaming media, file sharing, and online storage. It also created a duplication problem. If one person shares a 1GB file with 500 colleagues, that's half a terabyte of storage consumed in a single click. Multiply that across an enterprise, and duplicate data becomes a major source of waste. 3. Business is going paperless Email replaced letters. eBooks and tablets nearly replaced printed books. Digital imaging replaced photographs and x-rays. Paperless offices are better for the environment, and they're also more productive, more flexible, and better at extracting value from business data. The trade-off: every digital document is one more thing to store and protect. 4. The growing strategic importance of data Data used to be a tool that supported decisions. Now it sits at the center of corporate strategy. Companies like Google and Meta built their entire business models around the data they own. Information is power, and that power keeps growing, which means organizations hold on to far more of it. 5. Regulatory compliance Even organizations that want to store less often can't. Regulations like HIPAA and GDPR require companies to retain historical archives for years. As those archives grow, storage becomes a serious business problem. Organizations also need fast, cost-efficient search and retrieval to stay ready for an unexpected e-discovery request. What are the ways organizations lose data? As data grows in volume, its value grows too. Consider it a type of currency that has tremendous value both internally and externally. That makes protecting it more important than ever. And there's no shortage of ways to lose it. Cyberattacks of course are now the leading threat. Ransomware attacks remain a top concern, with the average ransomware event costs climbing into $5.1 million (cost includes ransom payments, recovery costs, and indirect costs like loss of trust and reputational damage). Numerous industry reports including a recent study by Infrascale, highlight the most prevalent way organizations lose data. This includes, but certainly is not limited to the following: • Hardware failure: a crashed laptop, server, or mobile device can render files unrecoverable. • Theft: business break-ins still happen, and stolen devices are rarely recovered. • Human error: data gets accidentally deleted or deliberately wiped by a disgruntled employee. Human mistakes remain one of the most common causes of data loss. • Malware and account compromise: malicious software can hijack a system, and cloud storage accounts can be breached through stolen credentials or phishing. • SaaS data gaps: many assume platforms like Microsoft 365 back up everything. They don't fully, which leaves a gap most organizations don't notice until it's too late. The lesson is simple. The more data you hold, the more ways there are to lose it. Why should organizations outsource data backup? Managing explosive data growth in-house is tough. The volume keeps rising, the threats keep evolving, and the compliance bar keeps moving. That's why many organizations choose to outsource backup to specialists who stay ahead of these trends. Outsourcing backup lets your team adapt quickly to changes in both the growth and the nature of your data, while keeping that data safe and available. Choose this route if predictable costs, expert management, and stronger security matter more to you than running everything yourself. How can 11:11 Systems help? 11:11 Systems is a global cloud service provider of secure and compliant hosting for infrastructure (IaaS), disaster recovery (DRaaS), and backup as a service (BaaS). 11:11 Cloud Backup delivers integrated, secure, and cost-effective protection for on-premises and cloud data, including Microsoft 365 data, so critical business data gets back online quickly after a loss event. With multiple layers of defense, including security, cloud backup, and air-gapped Insider Protection, 11:11 Secure Cloud Backup helps organizations remove single points of failure. That minimizes both the time and the business impact of data loss. It's an easy, cost-effective cloud solution for all your offsite backup and archiving needs. Back to that overstuffed closet. You can keep cramming clutter in and hope the door holds, or you can bring in a decluttering specialist to help you organize and build a bigger, smarter, safer space that grows as you do. In the same way 11:11 Systems can be that professional home organizer that helps with your growing data. With the right backup strategy, data growth stops being a threat and starts being an asset.
Data Growth Tests Backup Capabilities: How to Keep Up
June 19, 2026
2026 HPE Service Provider Partner of the Year
11:11 Systems Wins 2026 HPE Service Provider Partner of the Year
June 16, 2026
Check mark box over a blue screen
How to Create a Disaster Recovery Checklist
June 8, 2026
VMware Partner
How 11:11 Systems Keeps You Moving Forward with Broadcom VMware
May 18, 2026
protect your business from AI cyber attacks
How to Protect Your Business From AI Cyberattacks
May 11, 2026
World Password Day 2025
World Password Day 2026: Lock Down Your Enterprise
May 4, 2026
11:11 Systems
PRODUCTS & SERVICES
  • Cloud
  • Backup
  • Disaster Recovery
  • Managed Security
  • Network as a Service
  • Compliance
COMPANY
  • Why 11:11
  • Customer Stories
  • Careers
  • Leadership
  • Technology Partners
  • News & Media
  • Contact Support
CLOUD REGIONS
  • North America
  • EMEA
  • APAC
CONNECT
  • LinkedIn
  • X
  • Youtube

© 2026 11:11 Systems Inc., All Rights Reserved | Privacy Notice | Website Terms of Use |

Go to Top