Understanding Nasuni’s new ransomware protection service on Google Cloud
Sean Derrington
Group Product Manager, Storage
Bobby Silva
Global Alliances Director, Nasuni
Open ecosystems and collaborative partnerships matter, particularly with cloud infrastructure solutions. Google Cloud maintains a robust partner ecosystem that encourages companies like file-data-services provider Nasuni to create innovative solutions that run on its infrastructure. Partners can leverage what Google Cloud has built and advanced over many years to offer new, exciting capabilities for its customers. Nasuni's new Ransomware Protection add-on service to its Nasuni for Google Cloud offering is an example.
At its core, the Nasuni File Data Platform can help organizations shift capacity off local file storage hardware and into cost-effective object storage. The technology caches files locally for fast access, offers continuous data protection that eliminates backup, and enables efficient global collaboration between locations.
Protection and recovery
Ransomware protection and recovery have been part of the Nasuni platform for years, and are the basis for the new ransomware protection add-on service. The solution stems from a Continuous File Versioning approach to data protection, and protects an exabyte-scale number of files as immutable objects in Google's Cloud Storage, enabling RPOs and RTOs measured in minutes. When paired with Google Cloud Storage’s inherent 11 nines durability, the result is a highly dependable form of file-data protection. In all probability, a customer would have to wait 100 years before losing a single one of a billion objects.
If a ransomware attack occurs, Nasuni for Google Cloud customers can simply roll the file system back to previous, unencrypted versions — with the immutable objects stored securely in Google. As a result, customers running Nasuni on Google Cloud can recover a single file, folder, or even an entire volume in seconds or minutes, rather than hours or days. Our joint customers rest easy knowing they can recover their files and get their business back up and running should the worst happen.
"Nasuni continues to improve and add value to their product. With the latest Nasuni release we have enhanced our business resiliency strategy by enabling the ability to detect, alert and respond to ransomware attacks, as well as rapidly recover from any possible data encryption.” - Brian Erickson, IT Implementation and Acquisition Leader at APi Group, Inc.
Observability, detection and response
The new Ransomware Protection service adds to that comfort. Managing storage and data protection is important, but organizations want a higher level of observability as well. Customers with a global footprint need visibility into all their sites and locations. They need to be able to monitor everything at a global and granular level, too. The Nasuni Management Console offers this for storage and other file data services, and now the Management Console is extending this visibility to ransomware detection.
Any good ransomware preparedness strategy needs to account for prevention, detection, response, and recovery. Nasuni’s customers have made it clear that the ability to protect against and recover from a ransomware attack was appreciated, but they wanted more. Ideally, organizations want that added level of observability — the ability to detect and pinpoint attacks before the damage spreads too far. The sooner you can identify and quarantine an attack, the better.
Simplicity and speed
After listening to its customers, Nasuni prioritized and developed its new Ransomware Protection add-on service, which both accelerates and simplifies recoveries. The features include:
Real-time edge detection of suspicious incoming file patterns (e.g., change in typical read/write patterns) across all locations
Up-to-date intelligence on the latest ransomware variants; Nasuni maintains and frequently updates a library of malware file extensions
Detailed alerts that are dispatched once the service detects suspicious patterns
Mitigation policies that can be tuned and defined to automatically contain attacks and prevent their spread
Notifications that identify all impacted files and users associated with an attack and their source IP addresses
Incident reports that detail the source, scope, and timeline of the attack
Ultimately, Nasuni’s Ransomware Protection add-on service makes it easier for organizations to recover quickly from these potentially devastating attacks. One of the reasons is that it pinpoints every impacted file. Once these files are flagged and quarantined, IT can use Nasuni’s rapid recovery capabilities to point back to the last clean version of each file and return access to users with a few simple clicks.
If you don’t know exactly when and where an attack has happened — or precisely which files were impacted — simply assessing the damage can take hours, days, or weeks. Nasuni’s Ransomware Protection add-on service accelerates that timeline, allowing IT to start remediation and recovery immediately.
A typical Nasuni recovery takes less than an hour from the moment the attack is detected to the resumption of normal business activities. The process is simple, too, as it’s all conveniently managed from a unified console, without complex third-party tools.
Finally, while the service depends on Google Cloud Storage’s inherent durability and builds on Google’s strengths, it also offers Nasuni customers running on Google Cloud an innovative and potentially impactful way to protect against ransomware that isn’t native to the cloud itself. This is precisely the sort of innovative add-on service that Google looks for from its partners, and Nasuni and Google both hope that more of our joint customers will benefit from the service in the years ahead. Learn more about Nasuni’s Google Cloud offering and ransomware protection.