Securing Cohesity Data at Rest Encryption with Fortanix Data Security Manager
The Backup Data Security Challenge
Backup data is not only critical for business continuity, but it also acts as a last line of defense against data breaches and sophisticated ransomware attacks. Ponemon Institute report quantifies the average cost of a single ransomware attack at $5 million due to productivity loss, downtime, and information theft, while the cost of a data breach averages $8.64 million in the United States.
To reduce cybersecurity risk, organizations should encrypt backup data to avoid data loss, ensure availability and avoid regulatory penalties.
While encrypting data is easy, securing encryption keys from cybercriminals requires enter- prise key management to provide secure access control and a Hardware security module (HSM) to securely store keys.
The Fortanix Data Security Manager and Cohesity Solution
Unified Data Security
Single platform for key manage- ment and hardware security modules (HSM) to secure the Cohesity data and credentials.
Scalable HA/DR
Scale horizontally and geographically, providing automated load-balancing, fault-tolerance, disaster recovery, and high availability.
Compliance
Enterprises can store and backup private keys on-premises with Fortanix FIPS 140-2 level 3 HSM appliance to satisfy compliance requirements
Seamless Integration
Integrates with Cohesity through the KMIP interface.
Secure Credential Management
Fortanix allows enterprises to securely manage and store the credentials used to login to Cohesity appliance in an HSM.
Cohesity eliminates mass data fragmentation by consolidating data silos onto a single, easy-to-manage multicloud data platform. It hosts enterprise-class data services, including backup and recovery, file shares, object stores, DR, dev/test provisioning, and analytics. The joint Cohesity and Fortanix solution provide a unified data security platform that includes immutability, WORM, RBAC, and full enterprise key lifecycle management, a FIPS 140-2 level 3 HSM, encryption to protect backup data from ransomware and data breaches. The solution also helps avoid regulatory penalties from General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other privacy regulations. The Fortanix Data Security Manager integrates seamlessly with Cohesity to secures data across multiple public clouds, hybrid, and on-premises environments.
The Fortanix and Cohesity joint solution provides critical layers of defense including:
Enterprise Key Management
Fortanix secures cryptographic keys, protecting backup data whether it is in the cloud or on-premises. With an intuitive web-based interface, businesses can now manage all the data keys from a single centralized platform.
Complete Security for Data and Keys
Fortanix provides end-to-end security for keys and data (at-rest, in-transit, and in-use) protected with a FIPS 140-2 Level 3 HSM and layers of defense including Fortanix Runtime Encryption® technology.
Verifiable Audit and Access Control for Compliance
Fortanix enforces policies that protect against unauthorized access and provides secure, comprehensive, tamper proof audit logs that meet compliance requirements.
About Cohesity
Cohesity consolidates data and applications, including backups, files, objects, dev/test, and analytics on a single, multicloud platform.
Inspired by web-scale architecture, the platform is a scale- out solution based on a unique distributed file system, SpanFS®. The platform ensures seamless and rapid data and application mobility with leading public cloud providers, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform. Built to support an API-first approach, it integrates with leading automation solutions and custom business scripts to increase operational efficiency. Learn more at cohesity.com.
About Fortanix Data Security Manager (DSM)
Fortanix Data Security Manager is a unified data security platform that includes key management and HSM that can be delivered as a hardened appliance, SaaS service, or software running on public cloud infrastructure. The Fortanix solution offers central management, tamper-proof logging, rich access control, REST APIs and cloud scalability. Organizations use Fortanix Data Security Manager to secure their sensitive data across public, hybrid, multi cloud and private cloud ― all while drastically reducing integration cost and complexity. Learn more at https://fortanix.com/products/dsm/.
