Cohesity, a leader in next-gen data management, today announced the general availability of Cohesity FortKnox — a software as a service (SaaS) data isolation and recovery solution, adding to the company’s Data Management as a Service portfolio of offerings that run on Amazon Web Services (AWS).
FortKnox is a modern data isolation solution that can play a critical role in helping organizations minimize the impact of cyber attacks such as ransomware. It is designed to provide an additional layer of off-site protection while dramatically simplifying operations and lowering costs compared to magnetic-tape and self-managed data vaults. The SaaS offering also helps enterprises meet recovery service level agreement (SLA) requirements and regulatory requirements.
This announcement comes as customers look for a next-gen approach to data management and security. Traditionally, data was air gapped using magnetic tape as part of a 3-2-1 backup strategy — three copies of data, on two different media, with one of them in an off-site environment. Although tape provides security isolation for data it does not allow for rapid recovery at scale, preventing teams from responding quickly to cyber security incidents, such as ransomware, where large volumes of data may be compromised.
FortKnox powers a modern 3-2-1 option fit for the cloud era that effectively balances organizations’ security and agility priorities. It is a cloud solution that allows customers to simply connect, vault, and recover. Vaulted data is kept secure and out of the hands of bad actors via a virtual air gap that is achieved through physical separation, and network and management isolation. This clean data can be recovered from the Cohesity-managed cloud vault back to the original source location — or alternate targets, including the public cloud — in support of business continuity objectives.
“Cyber resilience is a top business priority for organizations,” said Brian Spanswick, chief information security officer, Cohesity. “Providing off-site data isolation through this SaaS offering is another way we are helping customers combat increasingly sophisticated attacks and accelerate recovery, while also enabling SecOps and compliance teams to sleep better at night.”
“With cyberattacks becoming more and more frequent and destructive, Cohesity FortKnox adds a new layer of protection to our most critical data,” said Olivier Pouvesle, CTO at BRGM.
“Organizations prioritize keeping data secure, but the increasing sophistication and frequency of cybersecurity threats is making data protection not only more critical but also more difficult,” said Adrian De Luca, director of solution architecture, global partner strategic development at AWS. “With Cohesity FortKnox, customers are able to utilize the scalability, security, and accessibility of AWS with Cohesity’s next-gen data management for a solution that can help protect their data from ransomware and other cybersecurity threats.”
Cohesity FortKnox is designed to help customers:
- Keep data safe through:
- Secure connection via a configurable data transfer window, outside of which the data vault is locked
- Tamper resistance with immutability, object lock to prevent changes of vault policy, and quorum that requires a minimum of two or more people to approve critical actions
- Operational isolation achieved with separate Cohesity-managed keys (not accessible to a rogue administrator) and separate workflows for read and write operations
- Strict access controls including granular role-based access control, multi-factor authentication, and encryption both in-flight and at rest
- AI-powered anomaly detection, through our Helios platform, helps identify potential indications of emerging ransomware attacks so administrators can take necessary actions to minimize proliferation and impact
- Connect, vault, and recover — no need to shuttle tapes around, construct a do-it-yourself (DIY) data vault, build out additional storage infrastructure, or devise bespoke recovery processes.
- In case of a ransomware attack, quickly identify a clean copy of data with confidence and rapidly recover safely to the desired location — on-premises or in the cloud.
- Move from a CapEx intensive to an OpEx “as a service” model.
“The ability of organizations to minimize the impact of a cyber attack and quickly regain operations of their core business systems is top of mind for CIOs and CISOs around the world,” said Dave Gruber, senior analyst, Enterprise Strategy Group. ”Data recovery completeness and speed sets apart those who are most prepared. Recent ESG research tells us that isolating data offsite is a leading strategy to achieve these objectives.”
Cohesity FortKnox complements Cohesity’s Threat Defense data security architecture. This multi-layered architecture is continually enhanced to help customers stay a step ahead of cyber criminals. It brings together a range of products, services, and capabilities from Cohesity and ecosystem partners to help customers identify threats via AI and ML, protect their data, and rapidly recover in the event of a cyberattack.