Cohesity delivers FortKnox – Combating ransomware with a SaaS data isolation and recovery solution


Cohesity, provider of next-gen data management, has announced the general availability of Cohesity FortKnox – a software as a service (SaaS) data isolation and recovery solution, adding to the company’s Data Management as a Service portfolio of offerings that run on Amazon Web Services (AWS).

FortKnox is a modern data isolation solution that can play a critical role in helping organisations minimise the impact of cyber attacks such as ransomware. It is designed to provide an additional layer of off-site protection while dramatically simplifying operations and lowering costs compared to magnetic-tape and self-managed data vaults. The SaaS offering also helps enterprises meet recovery service level agreement (SLA) requirements and regulatory requirements.

This announcement comes as customers look for a next-gen approach to data management and security. Traditionally, data was air gapped using magnetic tape as part of a 3-2-1 backup strategy – three copies of data, on two different media, with one of them in an off-site environment. Although tape provides security isolation for data it does not allow for rapid recovery at scale, preventing teams from responding quickly to cyber security incidents, such as ransomware, where large volumes of data may be compromised. 

FortKnox powers a modern 3-2-1 option fit for the cloud era that effectively balances organisations’ security and agility priorities. It’s a cloud solution that allows customers to simply connect, vault, and recover. Vaulted data is kept secure and out of the hands of bad actors via a virtual air gap that is achieved through physical separation, and network and management isolation. This clean data can be recovered from the Cohesity-managed cloud vault back to the original source location - or alternate targets, including the public cloud – in support of business continuity objectives. 

“Cyber resilience is a top business priority for organisations,” said Brian Spanswick, Chief Information Security Officer, Cohesity. “Providing off-site data isolation through this SaaS offering is another way we are helping customers combat increasingly sophisticated attacks and accelerate recovery, while also enabling SecOps and compliance teams to sleep better at night.”

"With cyberattacks becoming more and more frequent and destructive, Cohesity FortKnox adds a new layer of protection to our most critical data," said Olivier Pouvesle, CTO at BRGM.

“Organisations prioritise keeping data secure, but the increasing sophistication and frequency of cybersecurity threats is making data protection not only more critical but also more difficult,” said Adrian De Luca, Director of Solution Architecture, Global Partner Strategic Development at AWS. “With Cohesity FortKnox, customers are able to utilise the scalability, security, and accessibility of AWS with Cohesity’s next-gen data management for a solution that can help protect their data from ransomware and other cybersecurity threats.”

Cohesity FortKnox is designed to help customers: 

  • Keep data safe through:
    • Secure connection via a configurable data transfer window, outside of which the data vault is locked
    • Tamper resistance with immutability, object lock to prevent changes of vault policy, and quorum that requires a minimum of two or more people to approve critical actions 
    • Operational isolation achieved with separate Cohesity-managed keys (not accessible to a rogue administrator) and separate workflows for read and write operations
    • Strict access controls including granular role-based access control, multi-factor authentication, and encryption both in-flight and at rest
    • AI-powered anomaly detection, through our Helios platform, helps identify potential indications of emerging ransomware attacks so administrators can take necessary actions to minimise proliferation and impact
  • Connect, vault, and recover — no need to shuttle tapes around, construct a do-it-yourself (DIY) data vault, build out additional storage infrastructure, or devise bespoke recovery processes.
  • In case of a ransomware attack, quickly identify a clean copy of data with confidence and rapidly recover safely to the desired location — on-premises or in the cloud. 
  • Move from a CapEx intensive to an OpEx ‘as a service’ model

“The ability of organisations to minimise the impact of a cyber attack and quickly regain operations of its core business systems is top of mind for CIOs and CISOs around the world,” said Dave Gruber, senior analyst, Enterprise Strategy Group. ”Data recovery completeness and speed sets apart those who are most prepared.  Recent ESG research tells us that isolating data offsite is a leading strategy to achieve these objectives.”

Cohesity FortKnox complements Cohesity’s Threat Defense data security architecture. This multi-layered architecture is continually enhanced to help customers stay a step ahead of cyber criminals. It brings together a range of products, services, and capabilities from Cohesity and ecosystem partners to help customers identify threats via AI and ML, protect their data, and rapidly recover in the event of a cyberattack.

Cohesity FortKnox is available globally from Cohesity and its partner ecosystem as a subscription-based SaaS offering.

Add a Comment

No messages on this article yet

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter