IBM upgraded FlashSystem to tackle ransomware recently. We take a look at other vendors offering cyber recovery vault capabilities
The world of data protection is changing rapidly. The damage ransomware can unleash is limitless, from hitting production environments and deleting backups to data exfiltration. Now, businesses’ biggest fear is having sensitive information leaked. To address the problem, vendors are offering innovative solutions.
An early leader in providing anti-ransomware protections, IBM recently expanded its Cyber Vault product to FlashSystem, bringing features to fight ransomware, and thereby increase cyber resilience.
IBM FlashSystem Cyber Vault streamlines all phases of cyberattack recovery and reduces overall recovery time. By actively monitoring data in real-time, FlashSystem Cyber Vault accelerates ransomware recovery based on validated restore points, allowing organisations to recover a clean copy of their data.
“As companies are under increasing security threats, they must anticipate and prepare for cyber-attacks in addition to maximising business agility of day-to-day operations,” said Denis Kennelly, General Manager, IBM Storage, in a press statement. “IBM FlashSystem Cyber Vault and our most advanced FlashSystem storage are specifically designed to address the performance and security levels that our hybrid cloud clients demand.”
According to the IBM Cyber Resilient Organisation study, 46 per cent of respondents surveyed reported experiencing a ransomware attack over the past two years.
With cyberattacks growing and average recovery time lasting days or even weeks, risks are enormous. Even with prevention and detection strategies in place, organisations also must be ready to recover their operations quickly to minimise loss of business and other costs.
Increasingly, customers want to lock their backup data away to keep it safe, and vendors are offering the means to do so.
Veritas and Cohesity enable customers to put their data in air-gapped, vendor-managed storage vaults, providing an extra layer of ransomware defence. Veritas’ ransomware recovery vault service combines NetBackup software with public cloud storage back end provisioned and managed by Veritas, and the managed storage environment removes the burden of provisioning and managing storage and dealing with the lifecycle of the data.
The vault forms an air gap by storing a customer’s backup data outside the organisation. It also offers additional measures of ransomware protection such as recovery to a testing or sandbox environment, AI- and machine learning-based anomaly detection, immutability, and encryption.
Similar to Veritas NetBackup Recovery Vault, Cohesity’s Project Fort Knox is slightly different — it is delivered as a standalone SaaS product.
Customers can use Project Fort Knox to isolate their backup data in a vendor-managed environment, while the software detects the anomaly and allows customers to recover data to a testing environment before loading it back into production and to run ransomware attack drills to test customers’ recovery speed and general preparedness.
“Cyber criminals are rapidly becoming more sophisticated and aggressive, and the damage ransomware attacks cause to organisations can be catastrophic in terms of costs and brand reputation,” said Matt Waxman, vice president of product management, Cohesity. “Relying on the legacy backup as an insurance policy no longer is sufficient. Customers need next-gen technology that makes it easy to identify sensitive data, detect anomalies, isolate data, and stay ahead of modern threats. That’s what we’re focused on providing via our solutions and our Threat Defence architecture.”
Cohesity introduced Project Fort Knox alongside another new SaaS service — Cohesity DataGovern. It uses AI and machine learning to identify personally identifiable information (PII) in backup and production data and determines who has access to PII data, enabling it to detect unauthorised access.
Last year, even Dell Technologies and Amazon Web Services offered an air-gapped cyber vault designed to secure, isolate, and recover data from a ransomware attack.
What differentiates Dell’s cyber recovery vault from other services is it is controlled from within the vault itself. Dell worked with AWS to set up a virtual private cloud infrastructure with access controls to separate the Cyber Recovery Vault environment from the rest of the backup environment.
After identifying a ransomware attack or a malware attack, users can access the vaults and the data inside to “go back to a point in time before the attack occurred,” said Rob Emsley, director of product marketing for data protection Dell Technologies. From that point, they can either choose to recover the data to their on-premises infrastructure or another virtual private cloud inside AWS.
Even Rubrik has an isolated cloud archival service that helps customers secure their data within minutes and defend against cyber-attacks. Rubrik Cloud Vault, a SaaS offering built-on Microsoft Azure, reduces the risk that data is modified, deleted, or encrypted and is logically air-gapped from customers’ production environments for enhanced security against ransomware attacks.
Regardless of industry, ransomware attacks pose an increased danger to every business worldwide. Enterprises must have comprehensive and multi-layered data protection to be cyber-resilient.
If you liked reading this, you might like our other stories
Data Experts To Watch In 2022
Are Games The Best Benchmark For AI?