In October 2020, cybercriminals managed to gain access to the systems of the Sky Lakes Medical Center in Klamath Falls, Oregon, with a ransomware attack. It was potentially disastrous for the non-profit hospital, a 176-bed facility that serves around 80,000 people.
The hackers had gained access to some 650 servers and 100 applications, crippling the hospital’s digital infrastructure and putting patients’ lives at risk. The cybercriminals had managed to encrypt multiple systems, including vital medical records for cancer patients. However, the hospital never had to pay a penny. It is a customer of Cohesity, a next-gen data management company that offers comprehensive security built into its solutions.
“They say that we literally saved human lives,” says Mohit Aron, Cohesity’s Founder and CEO.
Cohesity, which Mohit founded in 2013 and which launched in 2015, is able to offer a wide range of scalable data management solutions to its customers, which are supported by key partnerships with major, long-established companies. One of these important partners is India’s Tata Consultancy Services (TCS), the largest IT service company in the world by market capitalization.
“With TCS, we are able to jointly help customers accelerate their digital transformation,” Mohit says. “We bring them from a world where they had their data massively fragmented, sitting in little silos. We bring it together on one massively scalable platform that spans their multi-cloud infrastructure, and now they can manage it all.”
Security and ransomware are becoming really important. It’s definitely one of the boardroom discussions that’s happening out there.
Raman Venkatraman, Senior Vice President and Global Head for TCS’s HiTech & Professional Services Industry Unit, says that bringing about this shift for enterprises must be done in harmony with the customer’s needs. “We are not doing the transformation just because any technology is superior, and it is also not about ‘rebuild and replace’,” he says.
“Our fundamental goal is to create systems in a way in which we can add new systems during the disruption. So we want a transformation that achieves results, but not too much of a disruption either in process or technology. We at TCS believe that it is not a single transformation; it is a journey towards multiple phases of transformations.”
As the attack on Sky Lakes shows, it is vital for customers that security be more than an afterthought in their digital transformation. In fact, this is something that executives across many industries keep at the front of their minds, Mohit says: “Security and ransomware are becoming more important by the day. It’s definitely one of the significant boardroom discussions that’s taking place. Every CIO wants to be protected from a ransomware attack now, and that’s definitely helping our data management business.”
Threat defence framework
Many firms adopt a zero-trust approach for their digital security architecture, which aims to protect systems by eliminating the concept of trust so that a hacker cannot move around freely once they infiltrate one area of the network. Cohesity, which has approximately 1,700 employees, has built upon that approach with a concept that offers even more protection.
“What Cohesity has done actually goes above and beyond a zero-trust framework,” Mohit says. “We have what we call a Threat Defence architecture for addressing it. This entails a three-pronged approach, in which the first prong is protection. What are the guardrails that we put in place?
“Along that axis, we have built an immutable data layer. When you back up the data that’s immutable, you can’t come and rewrite or delete it, and any new backups are going to be written separately. Then we provide more guardrails. We provide role-based access control. We provide multifactor authentication. We provide data at rest encryption.”
Cohesity also provides data lock, which adds an extra layer of protection even in the event that a hacker does get access to a network. “Let’s say for some reason the hacker is able to access the system,” Mohit says. “They can’t go to the admin console and start deleting files if you have a data lock on it. It’ll get deleted at the schedule that the customer has set for it.”
We at TCS believe that it is not a single transformation; it is a journey towards multiple phases of transformations.
All of these basic guardrails, which are referred to by the company as the axis of protection, form only the first prong of the three-pronged approach that Cohesity follows as the standard for all of its customers. The second prong is detection, which kicks into gear when the basic guardrails are not sufficient and cybercriminals manage to penetrate the defences and cause some damage.
“Usually, what happens is they will infect things like files and applications outside Cohesity, and then the backups that are being done, the later backups, are actually infected,” Mohit says. “The earlier backups are immutable, they’re safe, but the newer ones might be infected.”
To prevent that from happening, Cohesity has machine learning algorithms that run constantly inside its clients’ systems and are designed to help detect anomalous behaviour, giving the customer an early warning to tell them they are prone to a ransomware or malware attack.
The third part of the three-pronged approach is what Cohesity calls the axis of response with the company’s security systems having built-in architectural features to quickly respond to or recover from a ransomware attack.
“Our systems are designed so that we can inform the customer that, say, their backups are infected but can also say, ‘Here are the ones that are not infected, based on our machine learning algorithms,” Mohit says. “Then the customer can start the recovery, and we have various aspects of what we call instant mass recovery. So, in very short order, a virtual machine will go up and run on the customer’s production environment. Right away, the background, the data will be served by Cohesity temporarily as it’s being migrated to the customer’s environment.”
Apple-like manageability
Key to Cohesity’s success is a commitment to fulfilling all the requirements needed to offer truly next-gen data management, which saves time and energy and costs for customers transitioning from older systems.
“Let’s look at legacy infrastructure,” Mohit says. “First and foremost, it’s very complex and expensive. There are multiple silos all over the place. Everything has to be managed separately. It’s a huge time sink for our customers, and they have an army of IT teams managing it. This actually results in a significantly high total cost of ownership by having all those clunky pieces connected to each other and keeping copies of your data, and frankly, you can’t even use all of it all the time.”
Raman says the switch to digital-only channels during the COVID-19 pandemic has helped accelerate a shift toward more agile systems. “When you look at large enterprises, the existing architectures that are there are all single, monolith systems that have been built over a period of time,” he says.
“That is a problem even just in terms of agility, but COVID has meant that you will need to respond faster; you need to look at data in a different way and experience all of those things that are there. Existing architectures are not able to do that.”
We are figuring out problems before the customer even realises there are problems.
With legacy systems, there may be multiple data silos where data is kept and often used for different purposes – say a silo for back up, or a silo for development and testing, or perhaps another silo for analytics. Often, customers will try to stitch together a host of products to manage each one of these silos. But, managing that complexity can be very costly and overwhelming, especially if you have multiple products for each silo.
For those reasons, one thing that is key for next-gen data management is simplicity at scale. Cohesity has developed a data platform that spans a customer’s vast infrastructure environment; from the data centre, to the edge, to the public cloud. “Our platform has Google-like scalability and Apple-like manageability,” Mohit says.
One example of this impressive functionality is backups, something that was highly important for Sky Lakes Medical Center. When a firm fills up one silo of a backup from a legacy vendor, it has to build another silo, and then another when the next is full, even if it’s from the same vendor. Eventually, the customer has large numbers of silos sitting in its infrastructure, all doing the same thing. And yet, the customer is unable to manage them with a single user interface.
With Cohesity, it’s a different story. “You should be able to manage your whole multi-cloud environment using just one platform and user interface,” Mohit says. “There are no silos. Things just happen behind the scenes. That’s what simplicity at scale is all about.”
Mohit has plenty of experience with building large-scale systems. Before Cohesity, Mohit co-founded the Delaware-based cloud computing company Nutanix, which is now valued at around US$9 billion and has more than 6,000 employees.
He also spent five years working at Google, helping to build the Google File System, a web-scale system that houses all of the data the company has, whether it is gathered by the company crawling the web or given to the company through its services like Gmail and YouTube. “I learned how to build web-scale systems at Google, and that’s what I brought to building companies like Nutanix and Cohesity,” he says.
Partners and customers today are asking for more on data management. They are looking for a digital transformation.
With Cohesity, it is the versatility of the platform and its scalability that helps to deliver an ideal formula for TCS, Raman says. “If you have a fantastic data management platform, it also needs to look at great amounts of data that are coming in and still be able to manage the different formats of data that are going to be there,” he says.
“So it is fundamental that the architecture we are laying things on is extremely scalable and can handle huge types of data that are going to come in the future. That’s the reason we believe in the platform.”
Mohit sometimes likes to draw an analogy between what Cohesity does and what the “hyper-scalers” have done. The likes of Google and Amazon Web Services have built massive platforms behind the scenes and now host multiple apps and services on those platforms. Just as Google started by hosting search, then went on to host Gmail, YouTube and Google Maps, Cohesity starts by offering enterprises one thing on its platform and then keeps offering them more.
“We tend to bring a similar transformation to our customers because they get access to this multi-cloud environment,” Mohit says. “They start by maybe using one service, perhaps it’s enterprise backups, but then they go on to do so much more.
“They can use it as a filer, a massively scalable place to put their files and objects. They can use it for doing test and development. They can use it for analytics. It really accelerates that digital transformation that they are looking for.”
Making systems intelligent
Another key part of next-gen data management – the second pillar – is security, which Cohesity excels at even according to next-gen standards, which require a zero-trust approach. “Security is an integral part of next-gen data management. A lot of the legacy vendors offer no protection or very little protection against security attacks,” Mohit says.
The next issue that next-gen platforms must address is the fact that legacy infrastructure is highly unintelligent, meaning companies’ IT teams have to manage every aspect of a system’s operations without any assistance or forewarning of upcoming issues. It is essentially a manual task to manage any problems, requiring IT workers to look at dashboards themselves to figure out what went wrong.
The answer is to use artificial intelligence. “Next-gen data management is all about AI,” Mohit says. “The AI built into our platform helps make smart decisions. We are often figuring out problems before the customer even realises there are problems. Even before a customer has realised they’ve been hit by a ransomware attack, at times we can recognise that. Without having admins constantly pouring over dashboards to figure out what’s wrong, the infrastructure is automatically doing stuff, automatically healing itself or moving stuff around.
“Legacy products have little or no AI or machine learning built in, and you have to do everything manually. Their program can just do one thing. They can’t learn anything. They can’t adjust. They can’t figure things out or make any smart decisions.”
It is not about what we are getting from a partner or what the partner gets from us. It’s about what we as a partnership are going to deliver to the customer.
Another feature of legacy infrastructure is that it is closed. “You buy it from a vendor, and that’s it. They are designed to just run that single, siloed function that they were built for,” Mohit says.
That means if you buy a legacy backup product, all it can do is create backups and nothing more. The way such products are built makes them difficult to extend or upgrade to do more, which leads to fragmentation as more and more silos are built for new functions. “As you build more silos, you also end up proliferating your data,” Mohit says. “Every one of these silos is probably keeping unnecessary copies of the same data.”
Next-gen data management dodges these issues with what is known as third-party extensibility, which allows a platform to do multiple things at once. “When Cohesity sells our platform, it’s not a one-trick pony. You may use it to start with for doing enterprise backups, but it can also be used as a filer,” Mohit says. “It can also be used to keep your objects, or to do some tests and development. You can also use it for analytics.”
On top of that, Cohesity has a marketplace not unlike an app store on a smartphone, allowing its customers to extend the power of the platform with, for instance, an app that can anonymise data, which could be useful for compliance purposes.
“You can back up your data and clone it using our technology and then anonymise it using an app from a third-party vendor, and then give that anonymised data to the developers for testing,” Mohit says.
“Simplicity at scale, zero-trust security principles, AI powered insights and third-party extensibility – in my mind, any vendor who wants to call themselves next-gen in data management needs to enable these four pillars,” Mohit says. “If you don’t comply with these four pillars, then unfortunately you are not next-gen yet.”
Choice and flexibility
Another way Cohesity offers greater flexibility to its customers is with its Data-Management-as-a-Service (DMaaS) portfolio of Software-as-a-Service (SaaS) offerings, which are designed to allow companies to easily back up, recover, secure, govern, and analyze their data – all managed directly by Cohesity and hosted on AWS. Through DMaaS, the customer can further simplify data management, enjoy even greater cost predictability, and derive greater value from data.
The platform can also be used in collaboration with whatever system the customer has, allowing them to combine everything and manage it all using a single user interface. “We believe in giving choice to our customers and letting them manage the data as they see fit,” Mohit says. “They can manage it themselves by buying our software, or they can manage it as SaaS, or they can use a combination and move it back and forth.”
TCS is able to tell us, rather than us figuring it out the hard way, what customers want.
Cohesity’s DMaaS offerings are a growing suite of services designed to provide enterprise and mid-size customers with an extremely simple tool for data management, allowing them to back up, secure, govern and analyse their data, with everything managed by Cohesity and hosted on Amazon Web Services. “There’s really a lot of choice and flexibility,” Mohit says.
In addition to its backup as a service, the company has rolled out disaster recovery as a service, with more services due to be unveiled in the near future. “For partners, this is a great extension to our portfolio of offerings,” Mohit says. “Partners and customers today are asking for more on data management. They are looking for a digital transformation. All this helps both our partners and our customers accelerate that transformation.”
Value in engagement
To enact the transformations customers want, it is vital to have an ecosystem of partners with whom the company is closely tied, Raman says. “Partnerships have become extremely important in our ability to deliver those kinds of transformations for our customers,” he says.
Raman considers Cohesity to be among TCS’s best strategic partners because TCS is able to leverage a highly flexible data management platform that can, for example, run multiple analytics and integrate in different cloud platforms. “Whatever the customers want in any kind of an environment, we are able to do that,” he says. “I think from that perspective, it really puts Cohesity on the top of the set of partners that we have.”
Such partnerships are fundamentally about the customer. “It is not about what we are getting from a partner or what the partner gets from us,” Raman says. “It’s about what we as a partnership are going to deliver to the customer. Is one plus one greater than two? I think that is the most important part of this equation in any successful partnership.”
For Cohesity, the partnership with TCS offers numerous benefits. TCS deals with a large number of customers and has built extensive cloud expertise as well as unique industrial based solutions. They also have a big talent pool with expertise in the cloud and global delivery capabilities.
All that combined means Cohesity is able to provide more value to customers while benefiting from TCS’s expertise, Mohit says. “TCS is able to tell us, rather than us figuring it out the hard way, what our mutual customers want.”
COVID has meant that you will need to respond faster; you need to look at data in a different way and experience all of those things that are there. Existing architectures are not able to do that.
“Young companies like Cohesity, we’re all about what the customer wants and what they are looking for next,” Mohit says. “When we are able to get an insight into a customer’s business strategy, then we are able to shape our vision and our roadmap accordingly. So it’s a huge help getting an insight into the customers that TCS works with.”
TCS also has deep relationships with partners working in the cloud space, meaning Cohesity benefits from these partnerships too because it integrates with TCS’s cloud frameworks and solutions. “We and TCS combined now get access much more deeply to those cloud partners with whom TCS has deep relationships,” Mohit says. “We’ve independently built some relationships, but TCS’s relationships, of course, extend the reach that we have.”
Cohesity is also a COIN partner of TCS, otherwise called a co-innovation partner, meaning the companies co-create solutions. That might involve developing a replicable approach specifically for protecting against ransomware. The companies can create pre-built solutions and advertise them and install them with customers using TCS’s outreach, which is much larger than Cohesity’s, Mohit says. “We really find value in that engagement.”