Thursday, 24 January 2019 01:01

Cohesity adds ransomware protection to secondary storage

Cohesity director of product marketing Raj Dutt Cohesity director of product marketing Raj Dutt

"Legacy back-up is becoming a target" for ransomware, Cohesity director of product marketing Raj Dutt told iTWire, so the latest release of Cohesity's hyperconverged secondary storage software provides protection against ransomware.

Ransomware is a US$2 billion criminal industry that affected 40% of organisations during 2017-18, he said. Thirty-five percent of cases were resolved by paying the ransom.

"Legacy back-up solutions are ineffective against today's ransomware attacks, which have become a top concern for almost every organisation," said Cohesity vice-president of product management, Raj Rajamani,

"Real protection requires an integrated approach that combines proactive defence measures, intelligent monitoring, and the power to restore massive amounts of data immediately."

Recent examples of ransomware start by eliminating shadow copies of data and then move on to encrypting the production data. This prevents victims recovering from the situation by restoring from backup, explained Dutt.

Cohesity's SpanFS immutable file system already works to ensure that any changes to backup data create clones, leaving the previous version intact and available for restoration.

This has been enhanced by the new DataLock function that provides WORM-style capability. Regardless of the credentials presented, a DataLocked snapshot cannot be changed or deleted for a specified period.

Cohesity users can combine these features to ensure they always have a protected backup, he said.

Furthermore, the new release provides for multifactor authentication to help ensure that authorised users really are who they purport to be.

The updated version of the Cohesity Helios SaaS-based secondary data and application management solution goes beyond detecting changes in backup data rates (which can be symptomatic of a ransomware attack) to monitor file-level anomalies concerning unstructured files and object data.

Any such anomalies are brought to the attention of IT administrators and Cohesity's support staff.

If a ransomware attack is successful, Cohesity's SpanFS allows a potentially unlimited number of snaps and clones to be retained on premises. As soon as the most recent unaffected backups have been identified (using Cohesity's "Google-like" global search capability), the restoration process can be started from that screen.

This means hundreds of virtual machines can be restored in "minutes rather than hours" of admin time, explained Dutt.

All snaps are fully hydrated, so they can be mounted on the Cohesity platform and accessed in situ as soon as the relevant VM has restarted. The data is then recovered to its normal location in the background while operations continue.

This rapid recovery reduces the risk of lost revenue due to ransomware attacks.

Cohesity's "comprehensive solution against ransomware attack" is available to all customers as part of the latest version of Cohesity DataPlatform, said Dutt. "It's all built into the solution."

The initial reception from analysts and customers given early access to the update has been that it addresses a real problem, and is a comprehensive solution to a growing threat, he said.

University of California, Santa Barbara associate CIO for administrative and residential IT, Ben Price said "Our organisation has experienced two attempted ransomware attacks that have been resolved with limited downtime and expense using Cohesity DataProtect.

"Both incidents involved SharePoint mapped drives that were CryptoLocked and required restoration of the entire database using the previous Cohesity backup and instantly resolved the issue at no additional cost."


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments