In the modern enterprise data can exist in multiple physical and virtual locations, often making it challenging for organizations to secure. On Jan. 10, data security vendor DataGravity announced its new virtualization product suite that aims to help organizations secure data that is in virtualized environments.
In contrast to vendors that focus on threats coming from the network or from servers, DataGravity CEO Paula Long said that her company is taking a data-centric approach to protecting data. In Long's view, most existing data protection tools today view data as being stored on physical disks. Virtualization provides a different paradigm for data in that it can expand and contract dynamically and it can also move locations.
Long explained that with DataGravity for Virtualization, the management of data is not focused on a disk or a specific file share, rather it's attached to a Virtual Machine (VM).
"So once you put a VM under management with us, it can grow, shrink and move," Long told eWEEK.
The DataGravity for Virtualization product suite deploys a software VM into an organization's existing VMware virtualization environment. DataGravity can plug into VMware's vCenter to be aware of VMs as they move across an environment.
Simply being aware of data moving however isn't enough when it comes to securing sensitive data. Long noted that some data, whether it's for compliance or other reasons, shouldn't move.
"You need to know if you have sensitive data in the things you're moving," Long said. "So if you're moving from one cluster to another, you need to know whether you're violating any regulatory or compliance rules."
In Long's view, many organizations today are blindly moving data around, largely unaware of the potential risk of moving data to a location that would violate compliance policies. Replication of data is also an area of potential risk, if data replicas are stored in a non-compliant location. Long said that DataGravity also looks at VMs that are not powered-on by an organization.
"Some legacy data protection products care whether the VM is powered-on or not," Long said. "You'd be surprised how much of the really scary stuff is on the VMs that are not powered-on."
She added that just because a VM is not powered-on, doesn't mean a potential attacker cannot find or move the data.
A core part of the DataGravity platform is discovery of potentially sensitive information. Long explained that the first thing DataGravity does when a VM comes under management is a full scan of all the metadata.
"Since we understand the schema of a VM, we can go in and find the files within the VM," Long said. "We do full text indexing on approximately 600 different data types."
On top of the data discovery capability, DataGravity also provides activity tracking so the system knows which users and systems are reading and writing any given item of content. The DataGravity system does not actually store any of the potentially sensitive information in its own platform, rather it just tracks where the data is located.
"We're very careful not to keep sensitive data, we just know where it is," Long said.
Among the key use-cases that Long sees for the new product is helping to protect organizations against ransomware risks. Long said DataGravity is able to detect if a ransomware attack is happening and which data has changed. The system can also be used to help block a malicious user as well as helping an organization to restore data back to a stable state.
"So we can detect ransomware, we already take a data snapshot and we can help organizations to get back up and running," Long said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.