IBM Brings Ransomware Protection, as-a-Service Options to FlashSystem Arrays

Enterprises using IBM storage products tend to point to cybersecurity, cost and deploying hybrid cloud environments when ticking off their concerns, according to an official with Big Blue. 

The tech giant this week decided to address those concerns all at once in its FlashSystem portfolio of all-flash storage arrays with new security capabilities aimed at thwarting cyberattacks. This comes at a time when ransomware and other malware campaigns are not only growing in number, but also in severity and impact.

This fall IBM will also roll out its Storage-as-a-Service offering that will enable organizations to bring FlashSystem infrastructure with cloud-like scalability, agility and consumption terms into their on-premises data center — a nod to growing demand among enterprises for hybrid cloud environments.

The moves echo efforts by other hardware OEMs to offer their infrastructure portfolios as a service, ensuring organizations can run their workloads and move their data seamlessly between multiple public clouds and their on-premises environments. 

The Hybrid Cloud Push

Enterprises for the past several years have begun to settle on hybrid cloud strategies, with some workloads running in the cloud and others remaining on-premises for a range of reasons, from security to compliance. The hybrid cloud push has only accelerated during the COVID-19 pandemic, as businesses ramped up their digitization efforts in response to the sudden shift to teleworking and a highly distributed work environment in response to the global public health crisis.

In its annual State of the Cloud Report issued earlier this year, IT management solutions maker Flexera found that of 750 enterprise executives surveyed, 92 percent said they have a multicloud strategy and 80 percent have hybrid cloud plans.

The introduction of the new Safeguarded Copy function for the FlashSystem portfolio – as well IBM’s SAN Volume Controller – acknowledges that the ongoing evolution of IT means even wider distribution of employees, workloads and data and the need to protect all three, particularly in the wake of such high-profile attacks as those on SolarWinds, Kaseya, Colonial Pipeline and global meat-processing company JBS.

Also read: Mapping Out a Hybrid Multicloud Strategy

Rising Threat of Ransomware 

In a blog post, Chris Saul, program director for product marketing at IBM, wrote that one estimate said that it’s likely a company will be targeted in a cyberattack every 11 seconds, with the total cost of attacks exceeding $6 trillion this year. This comes at a time when the nature of ransomware is evolving, with larger attacks on bigger targets, like Colonial and JBS, due in part to the rise of ransomware-as-a-service, which makes it easier for inexperienced cybercriminals to launch campaigns.

Cybersecurity firm SonicWall found that in 2020, the number of ransomware attacks shot up 62 percent year-over-year, to 304.6 million due in large part to the pandemic-driven highly distributed workforce. That trend is continuing this year, with the number of attacks through May hitting 226.3 million, a 116 percent increase.

“Traditional approaches to data protection work well for their intended purposes but aren’t adequate to protect against cyberattacks, which may encrypt or otherwise corrupt your data,” Saul wrote. “Remote replication for disaster recovery will replicate all changes — malicious or not — to the remote copy. And data stored on offline media or the cloud may take too long to recover from a widespread attack. Recovery has taken some businesses days or weeks of downtime. What’s needed is a solution that combines the protection of offline copies with the speed of local copies.”

Read more: How to Prevent & Respond to Ransomware

SafeGuarded Copy’s Automatic Snapshots

Safeguarded Copy automatically creates snapshots that are isolated within the system, ensuring that unauthorized users can’t access or alter the data. Organizations can recover the data from the snapshots if there is an event like a data breach or malicious activity that compromises data or disrupts operations. The technology is designed to enable businesses to reduce the recovery quickly from a cyberattack to minutes or hours. 

Storage administrators can leverage Safeguarded Copy to schedule the automatic creation of the snapshots at regular intervals. In addition, the technology can be interested with QRadar, IBM’s tool for monitoring activity and detecting signs of an attack. QRadar with Safeguarded Copy can automatically create a protected backup when it finds a threat.

Safeguarded Copy is based on the same technology that has been in IBM’s DS8000 family of high-end disk storage systems since 2018. 

“Since flash-based storage is increasingly the solution of choice for most enterprise IT shops, adding Safeguarded Copy as a free feature in its flash systems (and to IBM SAN Volume Controller) should benefit many or most IBM customers,” Charles King, principal analyst with Pund-IT, told Enterprise Storage Forum. “Additionally, ransomware attacks have placed virtually all IT shops in businesses and public sector organizations on edge.”

The local and air-gapped nature of Safeguarded Copy should protect an organization from a ransomware attack and make it easier to recover, King said.

The technology is among a range of security features IBM is incorporating into its systems, he said, pointing to other solutions like Guardium Data Encryption and the pervasive data encryption features incorporated into the vendor’s z15 mainframe systems launched in 2019.

Going as-a-Service

On the as-a-service front, IBM’s plan to offer its FlashSystem portfolio as a service starting in September is part of the company’s larger Flexible Infrastructure initiative.

“Consumers want to deploy cloud storage as and when they need it without having to plan or complete procurement cycles,” Saul wrote, noting an IDC prediction that by 2024, more than half of data center infrastructure will be consumed as a service. “They don’t want to worry about maintaining storage and instead prefer to have the entire lifecycle managed for them, and they want a similar approach for their data that isn’t stored in the public cloud.”

IBM’s push mirrors what other large infrastructure vendors are doing. Hewlett-Packard Enterprise in 2019 said it planned to make its entire portfolio available as a service by 2022. Dell Technologies last year unveiled its Apex initiative to do the same, and other vendors like Cisco Systems, Lenovo, and Pure Storage are moving in the same direction.

Through IBM’s plan, enterprises pick the storage performance tier, an initial capacity and how long they want to commit to the service. IBM will then deliver the FlashSystem storage that includes 50 percent extra capacity than needed. Customers pay only for what they use. There are one- to five-year options, with IBM handling everything from installation and configuration to other services and support.

For deployments in a hybrid cloud, IBM’s Spectrum Virtualize for Public Cloud is designed to give a consistent storage experience both on premises and in the cloud. In addition, enterprises can use co-location services from Equinix to run the hybrid systems.

Read next: IBM’s Spectrum Fusion Eyes an AI-Driven Storage Future

Jeff Burt
Jeffrey Burt has been a journalist for more than three decades, the last 20-plus years covering technology. During more than 16 years with eWEEK, he covered everything from data center infrastructure and collaboration technology to AI, cloud, quantum computing and cybersecurity. A freelance journalist since 2017, his articles have appeared on such sites as eWEEK, The Next Platform, ITPro Today, Channel Futures, Channelnomics, SecurityNow, Data Breach Today, InternetNews and eSecurity Planet.

Latest Articles

Dell Boosts Flexibility, Security of PowerScale Storage Systems

The new challenges of managing unstructured data has inspired the creation of Dell’s PowerScale line up of storage products.

KIOXIA Introduces PCIe 4.0 Storage Class Memory SSDs

The new FL6 Series bridges the gap between DRAM and TLC-based SSDs by leveraging KIOXIA XL-FLASH Memory.

LTO-9 Products Launched by HPE, FujiFilm, Quantum, Spectra Logic

LTO-9 proponents are pointing to tape storage as an effective way for protecting data against the scourge of ransomware.