Cloudian has developed a new ransomware protection solution that renders backup data unchangeable even if it is accessed by hackers.
The product, based on Cloudian's HyperStore object storage and Veeam's recently upgraded Availability Suite v10, works differently from other ransomware protection solutions. Instead of protecting data by preventing access to the storage, Cloudian-Veeam Object Lock makes backup data unchangeable within the storage system for a set period of time. Even if malware infiltrates the backup, it can't encrypt the backup data, so the backup copy remains clean.
"Other ransomware solutions protect data by preventing access to the storage, but this approach can be defeated. In fact, most successful attacks occur on systems that have up-to-date endpoint protection in place," said Jon Toor, Cloudian's chief marketing officer.
One of the reasons the Cloudian-Veeam solution can offer this type of protection is because of its support for Amazon's S3 Object Lock, a mechanism that allows users to store objects using write once, read many (WORM) technology. WORM protection is often used in situations where data can't be changed or deleted after it's written.
The new solution includes a host of security features, including a secure shell, integrated firewall, RBAC/IAM access controls, AES-256 server-side encryption for data at rest and Secure Sockets Layer (SSL) for data in transit.
"Making data unchangeable is effective only if the overall system is secure," Toor said. "If rogue actors—or even rogue employees—can access the system root, they can potentially circumvent the protection. This solution includes safeguards to prevent that."
The solution would be ideally suited to replace "air-gapped" anti-ransomware approaches like tape backup, said Jason Bloomberg, president of Intellyx, an analysis and advisory firm focused on digital transformation
"It's based on immutable object storage, making it both faster and less expensive than alternatives, and the speed and cost benefits are even greater when compared to cloud or tape-based backup solutions," he said. "That's a different approach than other immutability-based anti-ransomware, which centers on immutable snapshots or immutable file systems."
The Cloudian-Veeam Object Lock ransomware protection solution also is integrated within the backup workflow. Unlike other processes that may require physically handling removable media, this process is fully automated with no manual steps required.