Evergreen//One STaaS Cyber Recovery and Resilience SLA: Get Clean Arrays after an Attack or Disaster

Pure Storage now has a Cyber Recovery and Resilience SLA in Evergreen//One, which guarantees a clean environment for data recovery and augmented staff when you need it most.

Ransomware SLA

7 minutes
image_pdfimage_print

Ask an information security team what they need most in the wake of a cyberattack or business disruption, and you likely won’t hear things like manuals, compliance reports, insurance, or PR teams. This is when IT teams’ nerves and best-laid plans are put to the test. What they really need is to get back online—fast.

When Pure Storage announced the first-of-its-kind ransomware recovery SLA for Evergreen//One™, our storage-as-a-service (STaaS) offering, we were able to guarantee organizations a clean storage environment following an attack. This included a full recovery plan, a data transfer rate, and bundled professional services to help during worst-case scenarios. 

At Pure Storage, we understand the importance of data integrity and availability in today’s dynamic and often unpredictable environment. That’s why we are excited to announce an expansion to this Evergreen//One service. Building on our ransomware recovery SLA, we are now introducing the Cyber Recovery and Resilience SLA, encompassing both ransomware and general disaster recovery scenarios.

What does this mean for you and your organization? Peace of mind, a clean environment for data recovery, augmented staff when you need it most, and a comprehensive cyber resiliency strategy.

Beyond the Firewall: Insights and Strategies from Leading CISOs

The Evergreen//One Cyber Recovery and Resilience SLA: A Guaranteed Clean Storage Environment

Many organizations overlook a critical fact of ransomware attacks and disaster scenarios: Your existing arrays will be off-limits. For those hit by ransomware, that means that any affected array flagged for forensic investigation by insurance or law enforcement cannot be used and needs to be left alone. And in the case of a fire or flooded data center, equipment may be destroyed entirely. Without the data storage infrastructure to get systems back up and running, you’re stuck. 

“By utilizing Pure’s consumption model, we are able to guide clients through uncertain times while also simplifying renewals and ensuring consistent value for their investment.  With the current emphasis on sustainability, security, and scalability, Pure’s Evergreen//One solution, which now includes a ransomware SLA guarantee, is able to meet the needs of our clients.” –Juan Orlandini, CTO, North America, Insight

Evergreen//One, an enterprise-grade storage-as-a-service subscription, offers a unique add-on service to mitigate risk with a cyber recovery SLA that guarantees:   

  • Next business day shipping of clean recovery array(s)* 
  • 48 hours to finalize a recovery plan
  • 8 TiB/hour data transfer rate
  • Bundled services, including a technical services engineering team to finalize the recovery plan and an onsite professional services engineer from time of array arrival through replacement of affected service infrastructure
  • Quarterly cyber resilience reports, prepared by Pure Storage and reviewed with you directly 
  • Remediation services provided by Pure Storage Security Architects if you wish to address vulnerabilities identified in the report

Pure’s Evergreen//One offers true storage as a service that scales alongside us to meet the demands of modern, data-driven healthcare systems. With the new ransomware recovery SLA, our ability to enable the advancement of end-to-end care management, improve patient outcomes, and decrease administrative costs will be bolstered by a powerful ransomware recovery strategy.” –Kendra McCormick, Senior Manager of Infrastructure Engineering, HealthEdge

*Shipment schedule: Next business day shipping of arrays to North America and EMEA. Three business days to Asia and Australia/New Zealand. Expedited shipping may be available depending on region.

Covering You before, during, and after an Attack or Disruption

The Cyber Recovery and Resilience SLA covers you after an event—but Pure Storage also has your back before and during. That means offering protection, detection, response, and recovery. 

This SLA, coupled with our latest AIOps innovations, is part of our broader strategy to deliver our customers a full, modern resiliency architecture—data storage and services that account for security from every angle. Prevention only goes so far, and backups aren’t always enough, or fast enough. 

Resilience isn’t just about adding an “air gap” and hoping for the best. It’s what you’re doing to detect and protect but also how you’ve mapped actions against every scenario and the technologies you have in place to get up and running to restore business operations. And if the worst occurs? You should have all the support you need to get back online to normal operational level as fast as possible, not just a temporary fix.

But that’s not all. We’ve also reinforced every stage of the resilience design lifecycle with our AIOps capabilities and additional service level agreements (SLAs)—meaning you’ve got an even better chance at detecting anomalous behavior before it becomes a threat. If an attack does happen, you can restore business operations as quickly as possible.

“Between the fires and cyberattacks, we realized that we needed to be ready for anything. Pure Storage has the technologies that we need to deliver superior data protection and strong recovery—no matter what the challenge.”Roger González Pérez, Deputy Director of Digital Technology, DATIC

Pure1 AIOps: A Smarter Protection Plan for the “Before”

Perhaps the biggest challenge in preventing and detecting ransomware attacks is the “before.” It takes immense power and enormous log data sets to find that needle in the haystack—the anomaly that says “someone is lurking on your network.” That time pocket is critical.

To help reduce the chances an attacker on your network can escalate from lurking to acting, we’ve enhanced and added new AIOps features to Pure1®. These next-generation capabilities bolster existing protections geared toward the “before” of attack, empowering you to fortify cybersecurity with a multilayered strategy. 

The Pure1 AIOps platform’s new capabilities include:

1. Data Protection Assessment

Want to know how secure your Pure Storage array is? Our Data Protection Assessment  helps you implement Pure Storage’s best practices for local and DR data protection in your own environment to:

  • Ensure SafeMode™ is enabled on the array
  • Maintain at least one snapshot per day with a seven-day retention
  • Check that data is replicated to another array protected by SafeMode
  • Verify at least 80% of the objects such as volumes on the array are protected

New enhancements include object-level exclusion controls to ensure lower-risk environments like “test” or “QA” don’t skew your Data Protection Assessment results. 

Spice up your data resiliency with Digital Bytes >>

2. Security Assessment 

Pure1 has also introduced a Security Assessment that scores your storage infrastructure from 0-5 to reflect your security posture across your fleet. This assessment provides deep visibility into fleet-level security risks and offers actionable insights to maximize cyber resilience and ensure compliance including:

  • End of life Purity versions in use 
  • Pending Purity optimizations, upgrades, and patches 
  • Public or open access to buckets 
  • Default passwords in use 
  • And much more 

3. Anomaly detection

Anomaly detection is key to being able to recover quickly after an attack. Pure1’s AIOps leverages machine learning to identify anomalous drops in data reduction ratios and measures performance irregularities against historical norms which could indicate that an attack occurred. This detection helps customers understand what volumes were impacted by an attack as well as identifying when the attack took place to quickly pinpoint the ideal recovery time point for backups or snapshots.

4. Self-service administration and configuration of SafeMode in Pure1 

SafeMode is a customer’s last line of defense providing a safety net that prevents the manual eradication of critical snapshots. Pure Storage has implemented stringent security measures to validate requested SafeMode changes to prevent social engineering. Traditionally this involves multiple parties being on the same call to authorize these changes. Pure1 offers customers a new approach to this method allowing asynchronous and secure authorization which reduces the need to coordinate schedules and enables them to implement changes much faster.

Beyond the Firewall: Insights and Strategies from Leading CISOs

What Other SLAs Does Evergreen//One Offer?

With Evergreen//One, Pure Storage owns and is responsible for all of a customer’s hardware and maintenance. The same product portfolio that customers get in traditional Pure Storage deployments also supports storage as a service and is backed by concurrently guaranteed SLAs.   

Evergreen//One is committed to providing:

  • Unrivaled storage performance aligned with service tier
  • 99.9999% uptime guarantee
  • Zero data loss for data durability against loss or corruption
  • 25% storage capacity buffer relative to usage
  • Zero planned downtime for upgrades or maintenance 
  • No data migrations, eliminating forklift upgrades 
  • Energy efficiency measured by maximum number of watts per TiB 
  • New! Clean array next day guarantee for ransomware, disaster recovery, and cyber resilience
  • New! Site rebalance SLA, enabling customers to adjust reserve commitments across licenses

Read the Evergreen//One Product Guide for more information on service level agreements. 

Read the press release.

Written By: