Cohesity Announces Strategic Collaboration with AWS to Deliver Comprehensive Data Management as a Service

Cohesity today announced that it has formed a strategic collaboration with Amazon Web Services (AWS) to address the growing customer need for data management that is flexible, available, scalable, and reliable. Together, both companies are bringing to market a modern Data Management as a Service (DMaaS) offering unlike any other on the market today.

The DMaaS solution is designed to provide enterprise and mid-size customers with a radically simple way to back up, secure, govern, and analyze their data, all managed directly by Cohesity and hosted on AWS.

As data continues to grow exponentially, many organizations are looking to manage data in ways that allow their IT teams to focus on policy versus infrastructure, provide consumption-based pricing, accelerate the move to the cloud, make it easy to derive value from data, remove data infrastructure silos, and support multiple use cases — including data backup and archiving, disaster recovery, file and object services, copy data management, and analytics.

“AWS is delighted to establish a strategic collaboration with Cohesity as we share common goals — helping customers lower costs, become more agile, innovate faster, and do more with data,” said Doug Yeum, Head of Worldwide Channels and Alliances, Amazon Web Services, Inc. “Working with Cohesity, we are charting a new course in how data is managed in an as a service model, leveraging disruptive, modern data management capabilities from Cohesity, and industry-leading cloud services from AWS.”

As part of the strategic collaboration, Cohesity and the AWS Partner Network (APN) are investing in resources to design the DMaaS solution on AWS and to engage in joint go-to-market activities. Additionally, Amazon has made an equity investment in Cohesity.

“This collaboration between Cohesity and AWS shows a continued commitment to bringing data management solutions to enterprise and mid-size customers that provide unmatched simplicity, flexibility, and reduced total cost of ownership,” said Mohit Aron, CEO and Founder, Cohesity. “Cohesity and AWS are also focused on helping customers derive value from data. Through AWS, customers can access a wealth of AWS services, including Amazon Macie, to help customers meet compliance needs, and Amazon Redshift for analytics. We are thrilled to collaborate with AWS and look forward to ushering in a new era in data management for customers globally.”

“The DMaaS solution from Cohesity and AWS is a significant improvement over what’s available on the market today,” said Michael Graff, Senior Manager, IT Architecture, Dolby Laboratories. “I’ve been using Cohesity and AWS for years and both have brought amazing value to our organization. Now, I’m even more excited about a comprehensive DMaaS solution that can provide even greater simplicity, choice, and flexibility from best-of-breed cloud and data management providers.”

Cohesity Helios: The Foundation for Data Management as a Service

The foundation for this new DMaaS solution is Cohesity Helios, a proven SaaS-based data platform that currently serves more than 1,500 customers. Today, Helios empowers customers to see, manage, and act on their data globally across environments which they manage. Moving forward, customers will also have the option to use Helios to do the same for data that resides in a Cohesity-managed environment. Through this offering, customers will be able to benefit from:

●       A unique, comprehensive set of data management services: Within the DMaaS solution,customers will be able to subscribe to discrete data management offerings addressing a widerange of use cases — all from one provider. Accessing each of these capabilities through Cohesity — versus selecting one provider for backup, another for disaster recovery, and yet others for file and object services, copy data management, data security and governance — reduces infrastructure silos and addresses mass data fragmentation.

●       Advanced security and ransomware detection: Helios currently analyzes over 400,000 events daily and uses machine learning (ML) to detect anomalies that could signal a ransomware attack in progress. DMaaS customers can use these capabilities to detect, respond, and rapidly recover from such an attack.

●       Data management made simple: Customers will have the ability to easily and seamlessly manage their existing on-premises and cloud environments, as well as the policies for their data in the new Cohesity-managed environment all through Cohesity Helios. 

●       A shift to predictability and simplicity: Consumption-based pricing provides cost predictability and eliminates over-provisioning. The DMaaS solution also removes equipment procurement headaches and reduces operating expenses and administrative overhead.

●       Sophisticated cloud-based services that derive additional value from data: Once on AWS, customers can also easily take advantage of cloud-based services provided by AWS. Customers can use these services to help ensure compliance, enhance security, and extract additional insights and business intelligence through ML and analytics.

Providing Greater Choice for Today’s Modern Businesses

The DMaaS solution builds on Cohesity’s existing data management offerings that, according to a recent Forrester Consulting study entitled “The Total Economic Impact™ Of Cohesity,” enabled customers to realize a 66 percent reduction of backup and data management costs, save thousands of hours on planned downtime work, and realize a three-year return on investment of 150 percent.*

With DMaaS, Cohesity is now providing customers with an even broader set of options to choose from when managing their data. Customers can manage data infrastructure themselves — in the data center, at the edge, or in the cloud. They can also utilize this DMaaS solution where associated infrastructure is managed for them, or they can use a hybrid combination of both.

“Most customers prefer choice in how their data is managed,” said Graff from Dolby. “With some vendors you are forced to choose either-or, but with Cohesity, you have the flexibility to manage data your way.”

The first offer that will be made available to organizations as part of this DMaaS solution is Cohesity DataProtect delivered as a service. This Backup as a Service (BaaS) offering is currently in early access preview with general availability planned by the end of the year. Customers interested in getting early access can join the interest list here. Other DMaaS offers addressing additional data management needs will follow in the coming quarters.

For more information

  • Join the wait list for early access to our Backup as a Service offering
  • Watch the webcast “Modern Data Management for the Cloud Era” for more details from Cohesity and AWS on the DMaaS Solution
  • Read the Forrester Consulting study entitled “The Total Economic Impact™ Of Cohesity”

*Source: Data points delivered in the commissioned study, The Total Economic Impact™ Of Cohesity, conducted by Forrester Consulting, August, 2020.

Building a Human Firewall to Address Insider Threats

By Renée Tarun – Deputy CISO and Vice President Information Security at Fortinet

During the first half of 2020, the FortiGuard Labs team found that evolving work environments and a greater reliance on personal devices presented new opportunities for cyber criminals to exploit enterprise networks. One method that threat actors have heavily relied on as of late is the creation of legitimate-looking phishing emails that can be used to tailor and launch attacks with ease. While this is not a new tactic by any means, these types of social engineering attacks have only grown more sophisticated and damaging as employees continue to work remotely and remain isolated from their teams. 

The Need to Mitigate Insider Threat Risk

Whether they know it or not, employees can pose a significant risk to the security of enterprise networks and the data they hold. Considering that 68% of organizations feel moderate to extremely vulnerable to insider attacks, as noted in a recent study, it’s clear just how significant this issue is. In addition to those that are considered malicious insiders, these threats can also be attributed to the group known as the “accidental insiders.” According to this same study, security teams view falling victim to phishing attacks (38%) as the top cause for accidental insider threats, followed by spear phishing (21%), poor passwords (16%), and browsing of suspicious websites (7%). In other words, opening the door for cyber criminals can be as simple as clicking on a link or downloading a file without taking the time to determine whether or not it is legitimate.   

Careless and negligent behaviors can have a lasting effect on organizations, especially in the case of a data breach. And with more employees working from home, unable to walk over to a coworker’s desk to get their thoughts on a suspicious-looking email, these individuals are more likely to be susceptible to social engineering attacks. With this in mind, it is more important than ever that CISOs prioritize their employees’ cybersecurity awareness to help them understand the role they play in keeping networks secure, and reducing the insider threat risk.  

Creating a Human Firewall Through a Culture of Security

Considering employees can be the best line of defense, it is crucial that CISOs protect their organizations by including employee education and awareness in their cybersecurity strategy. By embracing this technique, leaders can ensure the workforce is prepared to face the various threats. 

Regardless of job titles or roles, all employees should understand the repercussions of a security event and how it could affect the organization and them personally. The importance of this enterprise-wide strategic approach was highlighted in a 2019 Forbes Insights survey of over 200 CISOs. When asked which security initiatives they plan to prioritize in terms of funding over the next five years, 16% of respondents noted the creation of a culture of security. 

While this is a step in the right direction, establishing a baseline for good cyber hygiene must begin with CISOs helping their employees take cybersecurity seriously. This can be achieved in the following ways:

Prioritize Cyber Awareness Training 

Social engineering attacks are extremely prevalent across organizations simply because they work. In fact, Verizon’s 2019 Data Breach Investigations Report (DBIR) found that approximately one-third of all data breaches involved phishing in one way or another. To combat this risk, CISOs must educate their employees about common attacks that could appear in the form of phishing, spear phishing, smishing, or other tech support scams. Whether these lessons are provided through online meeting spaces, video chat, or email, they should be prioritized. Understanding these threats and their associated red flags will be critical in helping employees avoid falling victim to fake emails or malicious websites.

In addition to teaching about common indicators of cyber scams (i.e., the promotion of “free” deals), these training offerings should also feature simulated phishing exercises designed to test knowledge and determine which employees might need more assistance. Through tactics such as these, employees will be better equipped to know when they are the target of a social engineering attack and can, therefore, act accordingly. Fortinet’s NSE Training Institute offers a free Information Security Awareness training service to educate employees about the increasing risks of cyberattacks and how to identify threats. 

Create a Partnership Between the Security Team and Other Departments

Cybersecurity cannot fall on the shoulders of the security and IT teams alone, especially as cyber threats continue to grow more sophisticated and challenging to detect. In addition to ensuring that employees can identify phishing attacks, leaders should also encourage collaboration between the security team and other departments. This means helping both sides understand expectations. While the security team will be the expert in terms of determining the risk and threats, other departments will be critical in helping to develop user-friendly policies that are easy to follow both in the office and in remote work environments, even for those who are not entirely cyber aware. 

Through collaborative efforts, CISOs can ensure that all individuals across the organization are not only aware of security policies but also understand the impact their actions can have on the organization as a whole. Helping employees understand safe cybersecurity practices and the ramifications their actions can have should lead to improvements in how these individuals respond when confronted with a suspicious email or website, even while working from home.  

When employees know what is expected and feel like they are a part of the team, they are more encouraged to follow best practices and help chip away at the behaviors that cause accidental insider issues, such as forgetting to change default passwords or neglecting to use strong passwords. And as more employees follow suit, the human firewall acting as the first line of defense to the organization will only grow stronger. 

Establish Straightforward Best Practices

Even once employees are made aware of what to look for in the case of a social engineering attack, they may still need some guidance when it comes to next steps. While it is easy to ignore or delete a suspicious-looking email, what about those that appear normal that the receiver is still unsure about? In this scenario, CISOs should encourage employees to ask themselves certain questions to help make the right judgment call: Do I know the sender? Was I expecting this email? Is this email invoking a strong emotion like excitement or fear? Am I being told to act with urgency?

While these questions should help clear up any confusion in regards to whether the email is malicious, the receiver should still take extra steps to protect themselves and their organization. This includes hovering over links to see if they are legitimate before clicking, not opening unexpected attachments, calling the sender to verify they actually sent the email, and reporting all suspicious emails to the IT or security team. By explaining these steps to their employees from the beginning, CISOs can avoid negative repercussions down the line.

Final Thoughts on Insider Threats

The ability to be cyber aware is a critical piece of the puzzle when it comes to keeping organizations secure. Whether employees realize it or not, their actions could open the door for cyber criminals to access sensitive information, meaning passivity towards security is no longer acceptable. 

By prioritizing training and collaboration between departments and the security team, CISOs can lay the groundwork for a strong culture of security. Identifying suspicious behaviors, keeping devices up to date, and practicing safe cyber behavior should be built into the fabric of all job roles to ensure that the human firewall continues to stand firm.

The Edge Opportunity is Real, Yet Organizations in UAE Cite Hurdles to Unlocking Its Full Potential

The ability of organizations to realize business value from data increasingly depends on their capacity to collect, process, store and analyze it at the Edge, new research from Aruba, a Hewlett Packard Enterprise company, suggests.

As networks become increasingly congested with huge volumes of data generated from user and IoT devices, IT leaders are recognizing that analyzing real-time data nearer to the Edge yields greater efficiencies and insights, which results in improved business outcomes. According to the UAE results of a global study of 2,400 IT decision-makers (ITDMs), 61% of UAE enterprises are already actively using Edge technologies to deliver new outcomes, with another 14% planning to do so in the next year. There is also a growing recognition (86%) of the urgency around the need to implement integrated systems to handle data at the Edge.  

“This research suggests that the vast majority of IT leaders are already embracing the Edge or are preparing to,” said Jacob Chacko, Regional Business Head – Middle East, Saudi & South Africa (MESA) at HPE Aruba. “Developing an Edge strategy against the backdrop of existing cloud implementations is becoming a necessity as the number of connected devices increases and it becomes impractical to transfer vast volumes of data to a cloud or data center environment, especially as organizations undergo digital transformation to advance their business objectives and address customer needs.”

The survey findings form part of a report entitled, “At the Edge of Change: Navigating the New Data Era,” that assesses the implications of the shift in data processing from cloud to Edge, how ITDMs are responding to this trend, the opportunities the Edge presents for a number of major industries and the critical role networking plays in this transformation. Key findings reveal:

Organizations are Drowning in Data, Yet See the Edge as a Solution

The benefits of Edge technologies are becoming increasingly important as ITDMs grapple with the growing amounts of data generated within their networks and look towards the cost and latency advantages of storing and processing it at the Edge.

  • 47% of ITDMs in UAE said that “there is too much data for our systems to handle” and 43% stated that “we cannot process the data quickly enough to take action.”
  • Over a third also highlighted problems with complying with data regulation (37%) and an inability to integrate so many different data formats (33%). Other challenges included lack of budget to analyze the data/build and deploy analytical models (28%) and poor quality of data (26%)
  • Over half (52%) of ITDMs in UAE recognize “improved collaboration and workflow activities between IT and other business units” as a result of optimizing machine learning and Artificial Intelligence (AI) on their networks.

Boosting Efficiency and Creating New Experiences Ranked at the Top

ITDMs cite a variety of benefits from capturing and analyzing data at the Edge, from operational efficiencies to the opportunity to create new products, services and revenue streams.  

  • 58% of ITDMs in UAE highlighted “improving operational efficiency and costs” as one of the biggest benefits of capturing and acting upon data from user devices and 50% cited “increase in security”.
  • In parallel, 46% of respondents in the country believe the data increases workforce productivity, 44% cited the opportunity to create “new differentiated products, services, revenue streams and business models” and 43% said it optimized maintenance costs and scheduling.
  • Across EMEA, ITDMs are focused on utilizing the Edge to improve safety, visibility and the customer experience. By sector, the most popular Edge use cases were tracking and monitoring individual items through the supply chain in retail (51%), the use of facial recognition in the hotels/hospitality industry (49%) and improving healthcare providers’ experience with always on tools and applications (49%).

Concerns Over Cost, Skills and Security Abound

While ITDMs show a growing interest in processing and analyzing data at the Edge, they are also concerned about various barriers to adoption.

  • 42% of ITDMs in UAE pointed business acceptance of autonomous decision making by Edge devices as the top concern. Notably, the overwhelming majority (96%) think they are missing at least some skills needed to help their organization unlock the value of data.
  • AI and Machine Learning skills (46%), risk management/information security skills (42%) and analytical skills (40%) ranked highest in terms of areas of expertise that companies are lacking.
  • Overall, there were mixed feelings about the security implications of the Edge. While 66% of ITDMs in UAE said that connecting IoT or user devices at the Edge had made or would make their businesses more vulnerable, 68% identified improvement of operational efficiency and costs as one of the biggest benefits of capturing data from user devices.

Bridging Edge to Cloud

As businesses continue to increase their dependence upon data, it is critical that it is analyzed and processed at the source of collection reliably and securely. Traditional network architectures and operational processes built to support the cloud and mobility era need to adapt to these new requirements.

As organizations move ahead to build an Edge infrastructure, there are a few key concepts to keep in mind for a successful implementation:

  • Unify – The Edge incorporates all network domains including wired, wireless and SD-WAN; and all locations including Campus, Branch, Data Center and Remote Worker environments. Network operations teams should only consider solutions that can manage all domains and locations from a cloud-native, single pane of glass that can centralize and correlate all cross-domain events and operations.
  • Automate – Network uptime and performance are critical at the Edge. Network operations teams should only consider solutions that provide reliable, highly accurate and specific AI-powered insights, and automation that can resolve issues more quickly, before they impact the business or users.
  • Protect – The proliferation of IoT devices generating the data that fuels new business outcomes also presents new security challenges. Network operations teams should consider solutions that use AI to detect, classify and continuously monitor these devices and work seamlessly with access control solutions to automatically place devices in centralized policies that ensure they remain secure and only communicate with predetermined resources.

“Harnessing insights at the Edge is an opportunity for enterprises to revolutionize their approach to data and unlock its value as a business asset,” concludes Chacko. “Organizations that can process, store and analyze data at the Edge will be able to use that data first to optimize their existing business model, and over time, will develop innovative products, services and experiences that will not only augment, but transform their offerings for customers and employees.”

To find more about Aruba’s flexible IT solutions go to: https://www.arubanetworks.com/solutions/technology-solutions/