Thursday, 24 January 2019 01:01

Cohesity adds ransomware protection to secondary storage

Cohesity director of product marketing Raj Dutt Cohesity director of product marketing Raj Dutt

"Legacy back-up is becoming a target" for ransomware, Cohesity director of product marketing Raj Dutt told iTWire, so the latest release of Cohesity's hyperconverged secondary storage software provides protection against ransomware.

Ransomware is a US$2 billion criminal industry that affected 40% of organisations during 2017-18, he said. Thirty-five percent of cases were resolved by paying the ransom.

"Legacy back-up solutions are ineffective against today's ransomware attacks, which have become a top concern for almost every organisation," said Cohesity vice-president of product management, Raj Rajamani,

"Real protection requires an integrated approach that combines proactive defence measures, intelligent monitoring, and the power to restore massive amounts of data immediately."

Recent examples of ransomware start by eliminating shadow copies of data and then move on to encrypting the production data. This prevents victims recovering from the situation by restoring from backup, explained Dutt.

Cohesity's SpanFS immutable file system already works to ensure that any changes to backup data create clones, leaving the previous version intact and available for restoration.

This has been enhanced by the new DataLock function that provides WORM-style capability. Regardless of the credentials presented, a DataLocked snapshot cannot be changed or deleted for a specified period.

Cohesity users can combine these features to ensure they always have a protected backup, he said.

Furthermore, the new release provides for multifactor authentication to help ensure that authorised users really are who they purport to be.

The updated version of the Cohesity Helios SaaS-based secondary data and application management solution goes beyond detecting changes in backup data rates (which can be symptomatic of a ransomware attack) to monitor file-level anomalies concerning unstructured files and object data.

Any such anomalies are brought to the attention of IT administrators and Cohesity's support staff.

If a ransomware attack is successful, Cohesity's SpanFS allows a potentially unlimited number of snaps and clones to be retained on premises. As soon as the most recent unaffected backups have been identified (using Cohesity's "Google-like" global search capability), the restoration process can be started from that screen.

This means hundreds of virtual machines can be restored in "minutes rather than hours" of admin time, explained Dutt.

All snaps are fully hydrated, so they can be mounted on the Cohesity platform and accessed in situ as soon as the relevant VM has restarted. The data is then recovered to its normal location in the background while operations continue.

This rapid recovery reduces the risk of lost revenue due to ransomware attacks.

Cohesity's "comprehensive solution against ransomware attack" is available to all customers as part of the latest version of Cohesity DataPlatform, said Dutt. "It's all built into the solution."

The initial reception from analysts and customers given early access to the update has been that it addresses a real problem, and is a comprehensive solution to a growing threat, he said.

University of California, Santa Barbara associate CIO for administrative and residential IT, Ben Price said "Our organisation has experienced two attempted ransomware attacks that have been resolved with limited downtime and expense using Cohesity DataProtect.

"Both incidents involved SharePoint mapped drives that were CryptoLocked and required restoration of the entire database using the previous Cohesity backup and instantly resolved the issue at no additional cost."


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments