IBM Adds Enhanced Data Protection to FlashSystem to Help Block Cyberattacks

IBM is bringing advanced data protection capabilities to the IBM FlashSystem family of all-flash arrays to help companies better plan for—and recover quickly from—ransomware and other cyberattacks.

Explaining the need to escalate security protocols, IBM said that over the last year cybercriminals have taken advantage of the increasingly distributed data landscapes and ramped-up the frequency of their attacks. Ransomware in particular, which is used to gain access to and then encrypt corporate data to block its access and/or expose it unless a ransom is paid, is on the rise.

And, according to cybersecurity firm SonicWall, ransomware attacks rose to 304.6 million in 2020, up 62% over 2019, mainly due to the highly distributed workforces caused by the pandemic. In fact, through May of 2021, the group reported 226.3 ransomware attacks already, up 116% year to date over 2020.

To help companies fortify their enterprises and better protect their data, IBM has announced IBM Safeguarded Copy for the IBM FlashSystem family of all-flash storage arrays. Safeguarded Copy automatically creates data copies in "immutable snapshots" that are securely isolated within the system and cannot be accessed or altered by unauthorized users. In the event of data loss, a data breach, malicious activity or any other event that compromises data or disrupts operations, customers can recover their data from the snapshots based on known points-in-time prior to the breach.

"Protecting against ransomware and other forms of malware requires a two-pronged approach to resiliency that involves automated protection and rapid recovery," said Denis Kennelly, General Manager, IBM Storage. "That's why we're standardizing our modern data protection software, Safeguarded Copy, across our portfolio, bringing even more cyber resiliency to IBM FlashSystem. Cyberattacks are on the rise, but data can be protected and restored when you are prepared."

Protecting Data and Business

With Safeguarded Copy storage administrators can schedule the automatic creation of the logical point-in-time snapshots for scheduled intervals of their choice. Because the software separates the snapshots into distinct Safeguarded "pools" on the storage system, they are immutable and inaccessible. Once in the pool, the data is only actionable after it has been recovered, eliminating the risk of data tampering or deletion.

Customers can also leverage Safeguarded Copy to extract and restore specific data from the backup snapshots to diagnose production issues. In addition, Safeguarded Copy can be used for regular validations of the copies to provide early detection of a problem and aid in the investigation of compromised data. And unlike some comparable snapshot solutions, IBM Safeguarded Copy enables customers to configure the systems and schedule backups themselves, rather than rely on the storage provider to log onto the customer's system and set it up remotely.

In addition, IBM announced that Safeguarded Copy can now be integrated with IBM Security QRadar. QRadar monitors activities and looks for signs that an attack may have begun, such as the attempted logging in of an unauthorized person. With today's announcement, QRadar can now be used to proactively invoke Safeguarded Copy to automatically create a protected backup at the first sign of a threat.

Safeguarded Copy is based on the same proven technology within the IBM DS8000 familydelivering security, cyber resiliency and recovery innovations across the entire IBM Storage portfolio. From encryption at rest and in motion, as well as data replication, to the physical "air gapping" available with IBM tape solutions, to the Write-Once-Read-Many (WORM) capabilities within the virtual tape libraries, IBM storage solutions provide customers many ways to protect their data and recover quickly in the event of a breach.

On-Prem Storage as a Service

IBM also announced plans for this fall to roll out the new IBM Storage as a Service offering which is designed to give customers a fast, new way to integrate hybrid cloud storage into any data center environment, eliminating the need for upfront capital expense of a system purchase.

As part of the company's new Flexible Infrastructure family of pay-as-you-grow offerings, IBM Storage as a Service makes it simple for customers to choose the storage they need by determining the right performance, capacity, and service term that matches their workload and business needs. With 1-5 year options, and no new contract penalty, customers pay a single rate based on TB/month at a fixed annual rate and the performance level of the system deployed. IBM handles the rest—from install and configuration to concierge level services and support—providing an experience that combines the benefit of an on-prem deployment with the ease of a cloud service.

Customers will be able to dynamically scale their storage capacity up or down as they need with variable pricing, only paying for what they use. And unlike some comparative services, IBM Storage as a Service's base and variable pricing (when extra capacity is needed) are the same. In addition, customers are not penalized for having data that is not compressible.

The solution will be expandable to support hybrid cloud use cases with the monthly-priced Spectrum Virtualize for Public Cloud, which supports IBM Cloud and AWS, and with planned support for Microsoft Azure. IBM Storage-as-a-Service will also support hybrid cloud solutions deployed via cloud-adjacent architecture at Equinix.

IBM plans to make IBM Storage as a Service available across North America and Europe in September. The company plans to extend the service to other regions around the world in the future. The service joins IBM's existing as-a-service offerings, including the IBM Storage Utility service and IBM Cloud Storage Services, all of which are designed to provide customers with the ability to access and integrate IBM innovation in the most effective manner possible, across any hybrid cloud environment.