Today, Pure Storage announced the first-of-its-kind ransomware recovery SLA for Evergreen//One™, our storage-as-a-service (STaaS) offering, guaranteeing a clean storage environment following an attack. This makes Evergreen//One the only STaaS offering to guarantee delivery of clean arrays, including a recovery plan, a data transfer rate, and bundled professional services. What does this mean for you? The peace of mind that you can speed up the recovery process having a place to recover to, along with augmented staff when you need it most. 

This SLA coupled with our latest AIOps innovations is part of our broader strategy to deliver our customers a full, modern resiliency architecture—data storage and services that account for security from every angle. Prevention only goes so far, and backups aren’t always enough, or fast enough. 

“Pure’s Evergreen//One offers true Storage as-a-Service that scales alongside us to meet the demands of modern, data-driven healthcare systems. With the new ransomware recovery SLA, our ability to enable the advancement of end-to-end care management, improve patient outcomes and decrease administrative costs will be bolstered by a powerful ransomware recovery strategy.” – Kendra McCormick, Senior Manager of Infrastructure Engineering, HealthEdge

Resilience isn’t just about adding an “air gap” and hoping for the best. It’s what you’re doing to detect and protect, but also how you’ve mapped actions against every scenario and the technologies you have in place to get up and running and restore business operations. And if the worst occurs? You should have all the support you need to get back online to normal operational level as fast as possible, not just a temporary fix.

Your infrastructure should ensure business continuity with measures that cover it all: protection, detection, response, and recovery. No vendor could cover all of this—until now.

The Evergreen//One Ransomware Recovery SLA: A Guaranteed Clean Storage Environment 

When it comes to the “after” of an event, many organizations overlook a critical fact of ransomware attacks: Your existing arrays will be off-limits. That means that any affected array flagged for forensic investigation by insurance or law enforcement cannot be used and needs to be left alone. Without the data storage infrastructure to get systems back up and running, you’re stuck. 

“By utilizing Pure’s consumption model, we are able to guide clients through uncertain times while also simplifying renewals and ensuring consistent value for their investment.  With the current emphasis on sustainability, security, and scalability, Pure’s  Evergreen//One solution, which now includes a ransomware SLA guarantee, is able to meet the needs of our clients.” –Juan Orlandini, CTO, North America, Insight

Evergreen//One, an enterprise-grade storage-as-a-service subscription, offers a unique add-on service to mitigate risk with a ransomware recovery SLA that guarantees:   

  • Next business day shipping of clean recovery array(s)* 
  • 48 hours to finalize a recovery plan
  • 8 TiB/hour data transfer rate
  • Bundled services, including technical services engineering to finalize the recovery plan and an onsite professional services engineer from time of array arrival through replacement of infected array(s)
*If shipping to North America, Europe, or the UK. For Asia-Pacific, it will be 48 hours.

This critical capability bolsters what Pure Storage can offer customers during the response and recovery phases of an attack:


But that’s not all. We’ve also reinforced every stage of the resilience design lifecycle with our AIOps capabilities and additional service level agreements (SLAs)—meaning you’ve got an even better chance at detecting anomalous behavior before it becomes a threat. If an attack does happen, you can restore business operations as quickly as possible.

“In a world where ransomware attacks have become commonplace, customers are finding they are unequipped to deal with this major impact to business. What Pure Storage has put together is a way for customers to remove one of the biggest burdens during an attack, a sheer lack of storage to continue business operations. With Pure Storage creating a service to help customers with this burden is a first in the industry, and if paired with FlashRecover Powered by Cohesity’s Instant Mass Restore technology, brings the first total ransomware response strategy to the market. Pure Storage has done it again with an innovative offering for their customers to help them in their greatest time of need.” –Brian Doyle, Alliances Field CTO, Cohesity

Check it out on Digital Bytes

Pure1® AIOps: A Smarter Protection Plan for the “Before”

Perhaps the biggest challenge in preventing and detecting ransomware attacks is the “before.” It takes immense power and enormous log data sets to find that needle in the haystack—the anomaly that says “Someone is lurking on your network.” That time pocket is critical.

To help reduce the chances an attacker on your network can escalate from lurking to acting, we’ve added new AIOps features to Pure1. These next-generation capabilities fortify existing protections geared toward the “before” of attack, empowering you to fortify your multilayered strategy. 

The Pure1 AIOps platform’s new capabilities include:

1. A new Data Protection Assessment

Want to know how secure your Pure Storage array is? Our Data Protection Assessment  helps you implement Pure’s best practices for local and DR data protection in your own environment to:

  • Ensure SafeMode™ is enabled on the array
  • Maintain at least one snapshot per day with a seven-day retention
  • Check that data is replicated to another array protected by SafeMode
  • Verify at least 80% of the objects such as volumes on the array are protected

Spice up your data resiliency with Digital Bytes

2. Anomaly detection

Anomaly detection is key to being able to recover quickly after an attack. Pure1 Meta’s AIOps leverages machine learning to identify anomalous drops in data reduction ratios which could indicate that an attack occurred. This detection helps customers understand what volumes were impacted by an attack as well as identifying when the attack took place to quickly identify the ideal recovery time point for backups or snapshots.

See it in action on Digital Bytes!

3. Self-service administration and configuration of SafeMode in Pure1 

SafeMode is a customer’s last line of defense providing a safety net that prevents the manual eradication of critical snapshots. Pure Storage has implemented stringent security measures to validate requested SafeMode changes in order to prevent social engineering. Traditionally this involves multiple parties to be on the same call to authorize these changes. Pure1 will offer customers a new approach to this method allowing asynchronous and secure authorization, which reduces the need to coordinate schedules and enables them to implement changes much faster.

What Other SLAs Does Evergreen//One Offer?

With Evergreen//One, Pure owns and is responsible for all of a customer’s hardware and maintenance. The same product portfolio that customers get in traditional Pure Storage deployments also supports storage-as-a-service and is backed by concurrently guaranteed SLAs.   

Evergreen//One is committed to providing:

  • Zero planned downtime for upgrades or maintenance 
  • 99.9999% uptime guarantee
  • 25% storage capacity buffer relative to usage
  • Unrivaled storage performance aligned with service tier
  • Energy efficiency measured by maximum number of watts per TiB 
  • New! Ransomware recovery guarantee to ship clean array

See below for an overview of the Evergreen//One guarantees.


To understand SLAs better, check out these blog posts:

Read the Evergreen//One Product Guide for more information on service level agreements.