Alex - stock.adobe.com

Cohesity's 7.0 update adds protections against rogue admins

New capabilities in 7.0 update to Cohesity Data Cloud harden against human error or malice with split administrator key privileges and granular restorations.

The latest update to the Cohesity Data Cloud data management and backup platform adds better safeguards against malicious actors and granular file recovery. It also introduces AWS cold storage as a backup target.

Data Cloud, formerly known as DataPlatform, combines a half-dozen services from Cohesity for file and object data protection, including FortKnox, a data vaulting service within AWS; DataProtect, the primary backup and recovery software; and DataHawk, threat detection and incident analysis software.

Capabilities added in this update would normally be in the security team's job description. But these are increasingly becoming the domain of data protection specialists, according to Phil Goodwin, research vice president at IDC.

The shift is reasonable as continued cyberattacks against organizations through ransomware make the security and recovery of data just as important as protecting the technology infrastructure itself, Goodwin said.

Cohesity competes alongside major backup vendors like Dell Technologies, Veeam, Veritas and Commvault, he said. All are moving into a cybersecurity space either with their own technology or through vendor partnerships.

"Traditional [disaster recovery] is inadequate for cyber recovery purposes. There are fundamental differences," Goodwin said. "We're seeing a rapid expansion [of cyber recovery tools]."

Air gapping the human element

Cohesity Data Cloud 7.0 distributes its new capabilities across the platform's available services with hardened security safeguards and management insights into data access frequency or storage location.

Data growth is the only statistic we have on the future. It's a real pain for users solving that issue.
Christophe BertrandPractice director, Enterprise Strategy Group

Cohesity's security features can now split up management keys within an organization across several administrators or with Cohesity support staff, which requires multiple individuals to authorize actions such as deleting backups, according to the vendor. New automated key management system (KMS) failover capabilities let organizations change to another KMS system in case the original is compromised.

Eliminating the need to manually failover during a ransomware attack or other recovery challenge eliminates at least one headache faced by data backup specialists, according to Randy Kerns, senior strategist and analyst at Evaluator Group.

"To do it manually when there is a KMS issue is a pain and requires the right people be available," Kerns said. "It just takes time."

Organizations can also wrangle savings from their backups with new cold storage options in FortKnox. The software previously saved backups to traditional tiers of Amazon S3 storage. Now backups can be saved in the cheaper and slower access of AWS S3 Glacier.

Data in these colder storage tiers still needs to be protected, Goodwin cautioned. Simply moving to a cloud archive won't provide immunity from ransomware attacks.

"A mistake a lot of organizations make is [thinking] an archive tier in the cloud is the same as an air gap. It's not," Goodwin said.

Granular safety

SmartFiles, Cohesity's file and object data management tool, now includes granular recovery and quarantining for ransomware infected files. The software now lets organizations set policies for data retention based upon usage, cost or other factors, vendor spokespeople said.

Data management capabilities of Data Platform are expanding with tools such as visualization and usage analysis for third-party NAS systems. Data protection and backup storage targets now include AWS GovCloud as well as specific third-party private cloud deployments on servers from Lenovo, HPE, Cisco and Dell, according to the vendor.

Data management tools aren't first thought of as having cyber security capabilities. But they can help build up cyber resiliency by giving less of a potential attack space to intruders, said Christophe Bertrand, practice director at Enterprise Strategy Group, a division of TechTarget.

Organizations will face ever increasing amounts of data, he noted. Keeping lean archives with proper protections and policy controls can eliminate the potential attack surface and damage severity if security is compromised.

"Data growth is the only statistic we have on the future," Bertrand said. "It's a real pain for users solving that issue."

Tim McCarthy is a journalist living on the North Shore of Massachusetts. He covers cloud and data storage news.

Dig Deeper on Data backup and recovery software