Getty Images/iStockphoto
Dell extends Cyber Recovery ransomware protection to AWS
Dell EMC's PowerProtect Cyber Recovery launched in AWS Marketplace, providing customers with a way to isolate their data in AWS-based storage instead of on premises.
Dell EMC is providing customers with a means to lock down their data in AWS S3.
This week, Dell EMC introduced PowerProtect Cyber Recovery for AWS, a cloud-based variant of its data isolation and immutability software. The product enables customers to create an air-gapped data recovery vault in AWS S3, separate from their production and backup environments. Customers can secure the data within the vault by implementing access restrictions to PowerProtect Cyber Recovery for AWS.
The new software provides an extra layer of ransomware protection on top of a customer's primary backup. Data in the Cyber Recovery vault is harder to access by bad actors because it is stored in an isolated storage environment on a product that is separated from the rest of an organization's backup administration. Even if backup administrators' credentials are compromised, Cyber Recovery requires its own set of security credentials and multifactor authentication to access.
Dell EMC PowerProtect Cyber Recovery was previously only deployable on premises, either directly into appliances in customers' data centers or delivered as a service through Faction, a cloud service provider Dell EMC partners with.
Previously, customers who wanted to protect cloud-native data would have to move it back on premises first, leading to extra complexity and cost, said Rob Emsley, director of product marketing for data protection at Dell Technologies. This week's launch addresses those customers' needs by enabling them to use AWS S3 as the storage back end for the Cyber Recovery vault.
"When customers move to AWS, they have to protect their workloads the same way as they did on prem," Emsley said.
Dell EMC PowerProtect Cyber Recovery for AWS costs less than $1,000 per TB for one year to approximately $2,000 per TB for a three-year commitment, according to the vendor. It is sold and deployed as a virtual appliance, so customers will need to provide their own storage for it in AWS S3.
Cloud-centric data protection
Enterprise workloads are about evenly split between on premises and the cloud, so nearly every organization is adopting a hybrid infrastructure strategy, said Phil Goodwin, research vice president at IDC. Customers are faced with the challenge of bringing the same level of protection for on-premises environments to their cloud environments. IDC's research predicts that by 2025, more than half of organizations will take a "cloud-centric perspective" to data protection instead of the traditional, on-premises approach.
Phil GoodwinResearch vice president, IDC
"We're in a transition of focusing on the availability of data and applications instead of underlying storage," Goodwin said. "SaaS applications, hybrid cloud -- we no longer have access to the storage underneath, so it forced us to think differently."
For Dell appliances customers, PowerProtect provides a natural way to extend their infrastructure into AWS, and for cloud-heavy organizations, the software protects on-premises workloads moving into AWS' public cloud, Goodwin said.
The Cyber Recovery vault will also enable customers to deploy a public cloud vault quickly instead of manually creating an S3 bucket, applying access and immutability policies to it and maintaining it themselves, Goodwin added.
"There are a lot of customers where [an isolated vault] doesn't represent a large IT burden, but it's good if you just want a turnkey approach," Goodwin said.
Dell EMC PowerProtect Cyber Recovery for AWS provides other advantages over the DIY approach, said Krista Macomber, a senior analyst at Evaluator Group. Its two biggest benefits are that it removes the need for customers to create custom scripts for managing the air gap and, through its integration with Index Engines, PowerProtect Cyber Recovery for AWS can determine when a ransomware attack occurred and identify a safe backup copy to recover from.
"Identifying the last known good copy is something that we are seeing customers struggle with in particular," Macomber said.
Two vendors are working with isolated recovery vault services: Veritas introduced NetBackup Recovery Vault in October and Cohesity is building Project Fort Knox. There's a market for this technology, Macomber said, especially for smaller companies that don't have the budget or staff for an air-gapped storage repository but still need to meet compliance or security demands.
Johnny Yu covers enterprise data protection news for TechTarget's Storage sites SearchDataBackup and SearchDisasterRecovery. Before joining TechTarget in June 2018, he wrote for USA Today's consumer product review site Reviewed.com.