Cohesity delivers new backup solution that prevents, detects, and responds to ransomware attacks
- Published: Tuesday, 29 January 2019 15:07
Cohesity has announced the Cohesity Anti-Ransomware Solution, a comprehensive series of new capabilities available for the latest version of Cohesity DataPlatform that directly combats ransomware attacks. This solution, claims Cohesity, ‘offers the broadest set of capabilities of any modern-day backup vendor with a multi-layered approach that can prevent, detect, and if necessary respond to attacks – helping ensure business continuity while keeping cybercriminals in their place’.
To counter sophisticated ransomware threats, ‘organizations need to reconsider their backup strategy and deploy a solution that proactively prevents backup infrastructure from becoming a target, detects attacks in real time, and if necessary provides an immediate response to recover at scale, in order to avoid substantial downtime’ says Cohesity.
“Legacy backup solutions are ineffective against today’s ransomware attacks, which have become a top concern for almost every organization,” said Raj Rajamani, vice president of product management, Cohesity. “Real protection requires an integrated approach that combines proactive defense measures, intelligent monitoring, and the power to restore massive amounts of data immediately.”
Cohesity provides three layers of security that empower organizations to prevent, detect, and respond to ransomware attacks:
Prevent: Cohesity's immutable file system, SpanFS, serves as the core defense against ransomware by keeping backup jobs in an immutable view. If an attacker tries to modify the backup, Cohesity DataPlatform will write the data to a new instance, keeping the original snapshot intact and preserved.
Customers also have access to additional protection with Cohesity DataLock, a new feature that allows security officers to ‘lock’ a backup snapshot so that even someone with the highest level of access cannot modify or delete the backup. Cohesity also offers multi-factor authentication, another new feature that helps ensure that data is protected even when passwords are compromised.
Detect: because no barrier is 100 percent impenetrable, Cohesity is rolling out an entire new set of ‘detect’ capabilities that uncover suspicious activities. Cohesity Helios, a SaaS-based secondary data and application management solution, provides anomaly detection that alerts the customer’s IT admin and Cohesity’s support team when the backup data changes or ingest rates fall outside the norm based on historical trends.
In addition to monitoring backup data change rates to detect potential ransomware attacks, with this announcement, Cohesity is also offering integrated detection and alerts for file-level anomalies within unstructured files and object data. This includes analyzing the frequency of files accessed and the number of files being modified, added, or deleted by a specific user or application to ensure a ransomware attack is quickly detected.
Respond: in the event of a successful attack, quickly recovering any compromised data becomes the most vital function. Cohesity’s instant mass restore enables IT admins to recover not just files but hundreds of virtual machines instantly, at scale, to any point in time. In these critical moments, backup solutions are only as good as how quickly they can recover the data – a quick recovery dramatically reduces the chances of downtime and lost revenue due to a ransomware attack.
These capabilities are now generally available to all customers using the latest version of Cohesity DataPlatform (Pegasus 6.1.1.).