IBM builds ransomware protection into on-prem storage

IBM's Safeguarded Copy takes a snapshot of your systems and stores it where ransomware can't reach it.

ransomware attack
Andrey Popov / Getty Images

With ransomware attacks growing in frequency and little being done to stop them, IBM is well-timed with its anti-ransomware Safeguarded Copy for its FlashSystems and on-premises storage-as-a-serivce offerings.

Safeguarded Copy is part of the IBM FlashSystem family of all-flash storage arrays, and it automatically creates immutable snapshots of date and stores them securely—meaning they cannot be accessed or altered by unauthorized users, the company says.

Safeguarded Copy is based on technology from IBM’s DS8000 mainframe storage array, which does the same thing as described above: it creates immutable copies  of data that can be used to restore damaged original data volumes or build new and uncorrupted volumes.

The backups are not directly accessible by a host, and the data can be used only after a backup is recovered to a separate recovery volume, so there is a middle step in the restoration process designed to wall off ransomware from getting into the backups.

Safeguarded Copy is included with IBM Spectrum Virtualize for Public Cloud software, which comes with every FlashSystem. Spectrum Virtualize supports IBM Cloud and AWS.

One of the most common fixes to ransomware is to restore an infected machine to a saved uninfected state.

“Protecting against ransomware and other forms of malware requires a two-pronged approach to resiliency that involves automated protection and rapid recovery,” said Denis Kennelly, General Manager, IBM Storage, in a statement. He says that is why the company is adding Safeguarded Copy across the IBM storage portfolio. “Cyberattacks are on the rise, but data can be protected and restored when you are prepared,” he says

IBM also announced that Safeguarded Copy can be integrated with its Security QRadar security software. QRadar monitors activities for signs that an intrusion may be under way, such as unauthorized logins. So Safeguarded Copy could take an emergency snapshot if QRadar suspects an intrusion is underway.

IBM announces storage-as-a-service

IBM is getting into the on-premises storage-as-a-service market starting in September with an offering that it says combines the control of an on-premises deployment with the ease of a cloud service.

Like the on-prem offerings of HPE, Dell, and Pure Storage, customers will have FlashSystem arrays installed in their own facilities with one-to-five-year options, and pay a single rate based on use rather than buying the gear. In this case, the rate is figured based on TB/month at a fixed annual rate and the performance level of the system deployed.

Customers will be able to scale storage capacity up or down as needed, and pay only for what they use. IBM handles all of the maintenance, from install and configuration to concierge level services and support.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2021 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)