To set the stage for this blog post, let's first make sure we're all on the same page for a couple of key terms by seeking some help from the WWT-GPT engine, Atom Ai.

What is cyber resilience?

What is the Digital Operational Resilience Act  (DORA)?

Why?

Cyber crimes are something that every business and individual should care about and do their best to protect themselves against. As the old saying goes, "It's not a matter of IF, but WHEN" a cyber attack will happen in this always-on, always-connected world we live in. As the definition above calls out, there's no single offering or solution to completely stop the bad guys. Instead, the effort will require many tools. The Pure Storage/Commvault solution brief is a blueprint for companies of all sizes to start with and should be coupled with well-defined processes, planning and testing. The effort will require teamwork to not only protect one's environment and data, but also recover in a timely fashion when a cyber event occurs.

In many instances, data is a company's most valuable asset, no matter what vertical/industry they reside in, so having a rock-solid cyber resilience plan is a must. This is especially true for financial institutions doing business in the EU and their critical third-party technology service providers around the world, as they need to be prepared to address the effects of the DORA compliance regulations that go into effect in early 2025. Even though DORA focuses on the EU financial industry, it is safe to assume that other countries will quickly adopt similar regulations if they have not already.

What is it?

Ok, so we know why Pure Storage and Commvault teamed up to deliver a cyber resilience solution to help with DORA compliance, but let's dive into what exactly the solution is composed of at a high level:

Secure Primary Storage

  • Pure Storage FlashArray™ immutable snapshots for ultra-short RTO
  • Application consistency with Commvault IntelliSnap
  • Secure, efficient replication into the Cyber Resilient Vault

Secure Backup

  • Commvault secure replication into air-gapped Cyber Resilient Vault
  • Pure Storage immutable data copies with SafeMode
  • Data integrity checking with Commvault Threat Scan

Secure Validation 

  • Clean room powered by Commvault and Pure Storage Rapid Restore
  • Validation zones for Incident Response and Application teams
  • Disaster recovery zone for return to service

Secure Restore

  • Enhanced operational recovery with Pure Storage
  • Primary backup immutability with SafeMode™
  • Improved data transfer into the Cyber Resilient Vault

Deep dive

Let's dig a little deeper in a few areas. 

  1. As called out above, the quickest way to recover from any data corruption or data loss is at the storage array level using space efficient, point-in-time snapshots to quickly get you back up and running.
  2. During the dwell time before a cyber attack starts, the bad actors will target your primary, secondary and backup storage systems in hopes of stopping replication, removing snapshot schedules and deleting existing snapshots before they encrypt your data and demand you pay their ransom.
  3. Because all communication and access into the vault is controlled from within, the vault is not easily detectable to the bad actors that are snooping around inside your network.

Pure Storage's FlashArray and FlashBlade are enterprise-grade storage systems providing six 9's+ of reliability, including a full suite of storage services to meet your block, file and object primary and secondary storage needs. One of those included features is called SafeMode, which locks down snapshots, snapshot policies and other things like object buckets so they cannot be deleted or have their retention shortened. With SafeMode enabled (it's included and free, so why wouldn't you?), a local admin or a bad actor can only increase the policy retention time for SafeMode snapshots on the system. The SafeMode feature on your primary and secondary storage is one of those tools you can use and is great for keeping snapshots on the primary array, typically for one to four weeks. Note: snapshot retention, while efficient, does require free array capacity, and the amount is based on the retention duration and the daily change rates. WWT highly recommends working with your Pure account team to plan, size, and configure SafeMode on a production array to prevent any capacity issues.

While array-based snapshots are great and serve a purpose, companies need the belt and suspenders approach, and that's where Commvault comes in with their Commvault Cloud Platform. Their best-in-class data management software simplifies the protection of your data for backups, off-site replication and recovery. Commvault's widely used IntelliSnap feature integrates with the Pure Storage FlashArray to provide application-consistent backups (and restore!) of array-based snapshots. Commvault Storage Accelerator makes backup and restore more efficient by letting systems read and write directly to the Pure Storage FlashBlade via S3. 

When you are in a cyber recovery event, it's all about how fast you can recover, and with the FlashBlade's scale-out architecture, you simply add more Blades to meet the performance and capacity needs for your RPO/RTO. But what good is a lightning-fast, rapid restore storage array like the FlashBlade if your backup data has been deleted or changed? Fortunately, like the FlashArray, the FlashBlade also supports SafeMode to make both file and object data immutable and indelible. As part of the jointly created DORA compliance solution, Commvault writes the backups to the FlashBlade via the S3 protocol to a bucket that has object lock and SafeMode retention lock enabled. This prevents those bad actors (if they can log in to your storage array) from deleting your backup data or buckets, so your backups are available immediately when you need them.

FlashBlade's object offering provides many bucket-level configuration options around permissions, who's allowed to connect, how long to lock the data before deletion, versioning enabled, WORM enabled, etc. Thankfully, Pure Storage added a workflow to Commvault's workflow library to make things easy. Using the Pure Storage FlashBlade workflow to provision object storage on the FlashBlade drastically simplifies the setup steps and implements the joint solution best practices for configuring and locking down the target storage bucket. It not only can create the object accounts, users and buckets on the FlashBlade, but also provides the option to limit which Commvault systems can delete objects in the buckets and automatically stores the S3 Access Key and Secret Key that were created on the FlashBlade in the Commvault Credential Vault. What normally would require multiple steps to create the user, configure all the object settings on the FlashBlade, and then copy/paste the access credentials to the Commvault credential vault has now been replaced by a single, quick and simple-to-use workflow that can reduce human error. We published a short video to demo the workflow in action here.
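An added example, not from the original post and not Pure Storage or Commvault code: a check a storage or security team could run on the backup bucket's settings to confirm the lock-down described above. It assumes the FlashBlade S3 endpoint returns the standard S3 GetBucketVersioning and GetObjectLockConfiguration response shapes (with boto3, the results of `get_bucket_versioning` and `get_object_lock_configuration`); the function names, finding codes, sample responses and 14-day minimum are constructed for illustration.

```python
# Added example: audit a backup bucket's Object Lock posture from the
# standard S3 GetBucketVersioning / GetObjectLockConfiguration responses.

def retention_days(default_retention):
    """Default retention in days; S3 expresses it as either Days or Years."""
    if "Days" in default_retention:
        return default_retention["Days"]
    return default_retention.get("Years", 0) * 365


def audit_backup_bucket(versioning, object_lock, min_days):
    """Return a list of findings; an empty list means the bucket passes."""
    findings = []
    if versioning.get("Status") != "Enabled":
        findings.append("VERSIONING_OFF: Object Lock depends on versioning")
    cfg = object_lock.get("ObjectLockConfiguration", {})
    if cfg.get("ObjectLockEnabled") != "Enabled":
        findings.append("LOCK_OFF: Object Lock is not enabled on the bucket")
        return findings  # nothing further to evaluate without a lock
    default = cfg.get("Rule", {}).get("DefaultRetention")
    if not default:
        findings.append("NO_DEFAULT: objects are locked only if the writer "
                        "sets retention on each object")
        return findings
    if default.get("Mode") != "COMPLIANCE":
        # Standard S3 semantics: GOVERNANCE retention can be bypassed by a
        # principal holding the s3:BypassGovernanceRetention permission.
        findings.append("MODE_WEAK: mode is %s" % default.get("Mode"))
    days = retention_days(default)
    if days < min_days:
        findings.append("RETENTION_SHORT: %d days < required %d" % (days, min_days))
    return findings


# Constructed sample responses (not captured from a real array).
HARDENED = ({"Status": "Enabled"},
            {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
             "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 30}}}})
WEAK = ({"Status": "Suspended"},
        {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
         "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 7}}}})

if __name__ == "__main__":
    for name, (ver, lock) in (("hardened", HARDENED), ("weak", WEAK)):
        print(name, audit_backup_bucket(ver, lock, min_days=14) or "PASS")
```

A bucket with no default retention rule is reported rather than failed outright, because the backup software may set retention on each object it writes; confirm which applies in your deployment.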

Takeaways

Protecting your data from accidental user deletes and hardware failures is a challenge on its own. Add in the cyber criminals that are looking for every imaginable entry point to encrypt and destroy your data to force you to pay up, and it almost seems like a no-win situation. Fortunately, the cyber resilience solution (blueprint) from Commvault and Pure Storage, while new, combines proven data management technologies with highly performant and secure storage solutions to aid you in the battle.

Trying to have a single product offering fit every customer's shape and size is not feasible, but providing a blueprint that includes the necessary hardware and software components gives our customers the ability to customize and size accordingly for the data they need to protect. In the end, a logically air-gapped, Cyber Resilient Vault powered by Commvault and Pure Storage will aid in returning data services to production as fast as possible after an attack happens. 

Not sure where to start? Don't worry, we've got your back.  WWT's Cyber Resilience and Recovery teams have been helping customers of all sizes prevent, protect and recover from cyber attacks. To get started, talk to your WWT sales team today. 

Commvault and Pure Storage inside the Advanced Technology Center (ATC)

Want to learn more?  WWT has Commvault and Pure Storage labs running in our Advanced Technology Center (ATC) that are accessible 24 hours a day from anywhere in the world via wwt.com. Whether you are in finance, healthcare, retail, manufacturing, etc., if you would like to see what a cyber resilience solution looks like in action for your business, talk to your account team today. 

For more information about a demo or proof-of-concept running in the ATC, contact a WWT Expert.