Pure Storage® takes a different approach by focusing on ransomware mitigation and rapid recovery. We look at the whole attack process: before, during, and after an event—via a resiliency architecure and ransomware recovery SLA. Pure Professional Services can help you with up-front planning and preparation. And our Support team is always ready to help SafeMode users during and after an attack.
At each stage, SafeMode provides a powerful way for your organization to prepare, respond, and recover:
- Before: SafeMode creates immutable snapshots of your data at defined intervals. No single person or process can delete, alter, or encrypt them, even if admin credentials have been compromised.
- During: SafeMode protects immutable snapshots from the attacking software and encryption. Changing or using snapshots requires action from authorized people at both the organization being targeted and Pure Support.
- After: Pure and the affected organization work in pre-defined and authorized ways to rapidly recover the data from the stored immutable snapshots. There’s no need to pay the ransom to recover.
Our SafeMode™ feature provides the ultimate in ensuring continued access to your precious data in the event of an attack. And it also may eliminate the need to pay a ransom. The feature is included in an Evergreen Storage™ subscription, and you can enable it by contacting our Support team.
Setting Up SafeMode Snapshots
To ensure SafeMode is ready, you’ll need to configure a few settings first. These include:
- Arrays: Configure snapshot intervals and length of storage to balance capacity requirements and risk tolerance.
- Authorizations: Define the people authorized to work with Pure Support to utilize the snapshots. Connect them with Pure Support.
- Restoration: Understand and be prepared to implement the recovery process in different disaster and attack scenarios.
Like all software features from Pure, SafeMode comes included with an Evergreen Storage subscription. SafeMode is simple and easy to use and built into both FlashBlade® and FlashArray™.
Many IT teams have activated and set up SafeMode snapshots with minimal help from Pure. But some IT teams may prefer Pure’s help to ensure that everything is ready when they need it.
In any SafeMode implementation, you’ll need to establish several parameters and processes. For example, storing snapshots can lead to additional storage capacity costs. You need to balance capacity costs with risk. You must also make decisions about who is authorized to participate in the recovery process. These decisions, authorizations, and preparations require engagement and participation from several teams in your organization and Pure Support.
The SafeMode Advisory Workshop
To help you prepare, Pure Professional Services offers a short SafeMode Advisory workshop that walks you through the configurations, authorizations, and decisions your organization will need to be fully protected. This remote workshop provides a health check and assessment of up to three arrays, with extensions possible. It configures the necessary parameters and ensures that your team connects with Pure Support to establish proper authorizations and contacts.
The result: Both your IT organization and Pure can be confident that SafeMode is ready to help you recover your critical data in the event of an attack.
