Cohesity Adds Anti-Ransomware Protection to Data Platform

The latest version of the Cohesity Data Platform features protections to help businesses fight ransomware attacks on their critical business-data backups.

The new features, unveiled Wednesday, include tools that aim to prevent, detect and respond to successful ransomware attacks that might get through existing perimeter protections, Satinder Sharma, director of product solutions engineering for Cohesity, told Channel Futures.

Other products might protect the front lines of a company’s IT infrastructure, but Cohesity focuses deeper to protect business-data backups, which increasingly are becoming a target for persistent and crafty ransomware attackers, said Sharma.

Cohesity’s Satinder Sharma

In these types of attacks, cybercriminals get through perimeter protections and go after backup systems by accessing them using admin passwords and then deleting or encrypting backups, he said. Cohesity’s new tools work to prevent that by requiring two-factor authentication to provide the ability to delete backup files, making it tougher for the attacks to be successful, he said.

“If someone can still get access to the backups, no one – even the administrative log-in holder – can delete the backups without the two-factor authentication,” said Sharma.

The protections are based on retention policies that can be set to only allow backup deletions when they follow the letter of the secure retention policies.

“That prevention is to ensure the backup systems don’t get compromised,” added Sharma.

The new Cohesity anti-ransomware protections also include anomaly-detection capabilities, which look for daily change rates on logical data, stored data and historical data to form patterns using machine learning, said Sharma.

“Anything wonky is flagged as an anomaly and customers can then look at what is going on to ensure it is an authorized and true activity or not.”

The new protections also include instant mass-restore capabilities to respond to any successful attacks that might have deleted or encrypted backup files.

“The idea there is that backups are stored in a way that whether you take backups from today or six months ago, [they] can be restored for hundreds of virtual machines at once, at scale,” said Sharma.

“There is not enough protection on the perimeter and the bad guys finding ways of getting in,” he said.  

All of Cohesity’s business comes through a global group of more than 200 channel partners including distributors, resellers, solution providers, integrators and cloud service providers.

“Our field sales and technical teams work very close[ly] with our partners to enable them and ensure both partner and customer success,” said Sharma. “We have a very focused recruiting strategy and look for quality versus quantity of partners, and as such are heavily focused on enabling partners so they can offer maximum value to their customers.”

Cohesity reported last August that 81 percent of its channel partners had grown their business in excess of 100 percent in fiscal year 2018, while 75 percent grew their business by more than 200 percent.

ESG’s Christophe Bertrand

“Partners have the opportunity to provide consulting services, professional services and support services around Cohesity products and solutions,” he said. “The Cohesity Anti-Ransomware Solution provides opportunities for partners to include their own brand of service offerings based on their customers’ needs.”

Christophe Bertrand, an IT analyst with Enterprise Strategy Group, says protecting data against ransomware has become a crucial challenge for enterprises as traditional backup solutions have become targets. The company’s research shows that most enterprise end-users continue to express concern about backup cross-contamination caused by cyberattacks, he said.

“Cohesity’s end-to-end proactive solution, with its laser focus on preserving backups from cyber-corruption combined with restore flexibility capabilities, is a notable improvement over more reactive approaches that can leave backups exposed,” said Bertrand.