Clumio simplifies ransomware protection with ‘virtual air gap’

Clumio this week launched RansomProtect which it claims is the industry’s first air-gapped ransomware protection for private and public clouds and SaaS applications.

According to the cloud-backup, companies seeking a native air gap backup solution for their VMware Cloud or AWS EC2 workloads could ultimately pay more than two times what they are currently paying without air gap backup protection, when local snapshots, remote snapshots and replication costs are factored in. 

“Traditional approaches to ransomware protection are way too complex, requiring additional hardware on-premises or the need to replicate snapshots in the public cloud. The end result is weeks or months of implementation, high costs, and heavy management,” Chadd Kenney, chief technologist for Clumio, said.

Complementing this structure with RansomProtect can save customers more than 20 per cent while completely replacing their native backup system with Clumio to achieve an air-gapped backup can boost cost savings by as much as 67 per cent. 

RansomProtect has 30-day retention for VMware and VMware Cloud on AWS, AWS EC2, RDS and EBS, and Microsoft M365 data. M365 is essentially Office 365 plus extra software such as Skype for Business, SharePoint, OneDrive, Teams, Yammer, and Planner.

RansomProtect can be set up in 15 minutes or less and its features include: 

  • Immutable storage, 
  • End-to-end encryption, 
  • Multi-factor authentication 
  • “Bring your own key” option. 

Clumio says RansomProtect also meets ISO 27001, PCI, AICPA SOC, and HIPAA certification and compliance designations. 

Air gap or not?

We think Clumio is bending the meaning of “air gap”. RansomProtect does not actually include a physical air gap between the computer systems storing the backup data and the systems that sent the backup data to them. There is a network link in place. Proponents of similar public-cloud-based backup systems rely on setting a retention period for files such that they cannot be altered or deleted within a set retention period.

Thus RansomProtect supports a 30-day retention period within which, it says, the files are immutable, and so that is the equivalent of an air gap.

But as we wrote earlier this week: “Ransomware producers can mount phishing expeditions against backup administrators and steal their credentials. They can they log in and reset backup immutability retention periods from months or weeks, to hours. Next, they run a backup to its conclusion, and then delete it after the now minimal retention period.”

A Clumio spokesperson told us: “I think the Clumio team can live with virtual air gap.”

Clumio RansomProtect, with its virtual air gap, is available today.