Data security vendors have begun to extend their on-premises cyber vaults to the cloud, aiming to air-gap critical data from the rest of the customer environment for improved security against ransomware attacks.
A recent Gartner report found that 70% of all enterprise workloads will be deployed in cloud infrastructure and platform services by 2023. However, a Dell Technologies’ survey found 64% of organizations using the public cloud or hybrid architectures lack confidence that they can protect all data across these environments. And this lack of confidence comes as ransomware attacks are growing 150% annually.
Data security vendors started to address rising customer needs to survive cyberattacks and avoid ransom payments by restoring recoverable copies of the most critical data in a secured and isolated cloud location, also known as a cloud vault.
Here is a look back at some recently released cloud vaults.
Dell Builds Cyber Vault in AWSIn early December, Dell and Amazon Web Services (AWS) teamed up to offer an air-gapped cyber vault designed to secure, isolate, and recover data from a ransomware attack.
This is Dell’s first move to bring its Cyber Recovery Vault to the public cloud, and the vendor plans to expand this capability to Microsoft Azure, Google Cloud Platform (GCP), and other public cloud providers within the next year.
The cyber vault leverages AWS users’ current backup infrastructure, such as Dell’s PowerProtect appliances, but it is independently configured, operated, and self-managed. And the service isolates customers’ critical data with an operational air-gapped vault, which locks down management interfaces and requires separate security credentials and multi-factor authentication for access.
Dell built its PowerProtect Cyber Recovery portfolio around five years ago, which included an on-premises Cyber Recovery Vault. Then earlier this year, Dell expanded the deployment options to co-locations facilities, paving the way for cyber-vault deployments in the public clouds, explained Rob Emsley, director of product marketing for data protection at Dell Technologies.
Rubrik, Microsoft Vault Critical Data in CloudSimilar to Dell’s strategy, Rubrik partnered with Microsoft to roll out a cloud vault service in December to combat ransomware and cyberattacks, and the vendor also aims to expand its cloud vault services to all of the three public cloud giants.
Currently built on Microsoft Azure, the Rubrik Cloud Vault combines Azure’s immutable storage capabilities, Rubrik’s data protection platform, and zero-trust security services from both vendors. It uses multi-factor authentication and role-based controls so only authorized users can access the stored data.
This service is equally seamless for hybrid- and multi-cloud customers that need to back up their Azure assets because they only need to specify a cloud location to store their data, according to Vamshidhar Kommineni, group product manager at Microsoft Azure Storage.
What is unique about Rubrik’s services is that it helps IT and security teams work together in the threat detection and data recovery processes so companies can have a coordinated plan to detect and respond to ransomware attacks, Rubrik VP of Product Vasu Murthy explained.
Cohesity Extends Air Gapping to the CloudRubrik competitor Cohesity also introduced its Project Fort Knox vault service for public clouds to complement its on-premise data protection services.
Project Fort Knox enables customers to maintain an isolated copy of their data in a Cohesity-managed vault. And in the event of a ransomware attack, it also helps users to quickly identify the copy and recover to the desired location.
Matt Waxman, head of product at Cohesity, explained that the software-as-a-service (SaaS) platform "will deliver an isolated vault environment hosted by Cohesity run in our cloud environment. We’ll bring the ransomware detection capabilities that we have today, together with some advanced threat detection capabilities into what will become a sandbox environment for customers.”
Customers can also run attack mock drills in the sandbox since it’s isolated from their core production environments.
Veritas Simplifies Data Backup in CloudVeritas Technologies announced its NetBackup Recovery Vault in October. The platform is a cloud-based, fully-managed storage-as-a-service data repository.
The air-gapped vault is designed to simplify the data storage process in the cloud and reduce cybersecurity risks by providing its unified NetBackup interface to manage backup and recovery with options to choose from any leading cloud storage providers.
NetBackup covers a wide array of functionalities including backup, orchestration, cataloging, and replication of data. And the NetBackup Intelligent Cloud Policy Engine automatically detects and protects new workloads across all major clouds.
“Traditional approaches to cloud data protection aren’t keeping pace with IT complexity, the evolving threat landscape, or economic expectations,” Christophe Bertrand, senior analyst at Enterprise Strategy Group, said in a statement. “Recovery Vault is designed to help enterprises be confident that their data is secured in the cloud from ransomware and other risks, plan for disaster recovery and meet compliance and governance requirements—all within the NetBackup platform to help improve operational efficiencies and costs.”