Commvault has added scanning and advising Security IQ functions to all its Metallic data protection as-a-service products.
Ask a locksmith how to secure your house and you’ll be told to buy more locks. Ask a data protector how to secure your data and you’ll be told to backup more files and secure them better. Quelle surprise as the French might say. It’s like having automated lead generation embedded in a customer’s IT environment. Still, having ongoing watchful security audits is much better than nothing.
Manoj Nair, Metallic GM, provided the announcement statement: “It’s the sad truth that too many companies hit by ransomware aren’t prepared. With our multi-layered approach to ransomware protection and secure separation of data from customers’ own environments, we help Metallic users to further identify threats as early as possible so they can recover quickly, minimising their data loss risk.”
An unattributed Commvault blog indicates that, with Security IQ “seamlessly integrated across the entire Metallic portfolio, IT admins can spot risks and vulnerabilities in real-time, limit exposure to cyberthreats at scale, and successfully exceed data recovery objectives.”
Security IQ provides:
- Security posture scoring of the backup environment by evaluating native controls and parameters actively enabled. This guides users to recommended areas of improvement to continuously bolster security stature of Metallic environments.
- Cataloguing of abnormal conditions and behaviours on data (such as anomalous root size changes, suspicious files, failed login attempts, offline clients and more), offering insight into unwarranted changes which can adversely impact backup data.
- Monitoring and tracking anomalous trends in real-time, delivering detailed information on ‘suspect’ data types, providing users with visual guidance on suggested pre-ransomware recovery points.
- Audits that provide visibility into potential ransomware activity and unauthorised changes to configurations, restores, and user logins.
- Honeypots to lure and deflect ransomware attempts on file systems and endpoints.
- A single dashboard across all Metallic services, with actionable insights for multiple Metallic backup environments.
It would be good to have independent audits of the effectiveness of suppliers’ anti-ransomware measures. That would enable customers to make intelligent and more objective choices.