How Object Storage Protects Your Data From Ransomware

Posted on April 4, 2022 by rawee.k

The adoption of remote and hybrid work throughout the pandemic accelerated the digital transformation that IT organizations had already been undergoing by months, even years. As organizations shift between public and private clouds, the rise in data breaches and ransomware has prioritized the need for data protection and security.

Now that data is stored everywhere – data centers, public clouds, private clouds, applications, containers, file shares – the lack of control over corporate and private data is unprecedented, as IT departments are juggling a multitude of priorities for prevention and preparedness at the same time.

Researching multi-tenant storage infrastructures that prevent ransomware attacks or a data loss event? Here’s what data center administrators need to know to design a secure multi-tenancy architecture with object storage. Questions? Drop us an email at or book a meeting with a sales advisor.

🛡️ Since the start of the pandemic, there’s been a 500% increase in ransomware attacks

Ransomware attacks have become a threat beyond the industries with data privacy laws and backup regulations, and no sector is excluded. From agricultural producers to oil pipelines, ransomware attacks have increased exponentially since the start of the pandemic. According to a recent study by Cybersecurity Ventures, attacks now occur globally every 11 seconds on average with ransomware and companies are paying – average payouts have exceeded $1.85M.

A key finding of a February 2022 Veeam Data Protection survey reported that 9 out of 10 (90%) respondents could not recover applications or restore data quickly to meet specified service-level agreements (SLAs).

As recent data breaches have demonstrated, even companies that aren’t directly attacked can be impacted. And that means no organization can ignore the rise of ransomware. Based on these findings, 89% of organizations could not recover applications or data as quickly as they wanted, nor recover all the data they wanted.

Any organization with outdated security plans that don’t address the overall general shift toward cloud-based services to support flexible work environments are susceptible. While ransomware attacks can take many forms, a common type involves encrypting user data with the threat that the data will be released (decrypted) or deleted if a ransom is not paid. Additionally, attackers continuously innovate their approach, which makes the prevention of ransomware an on-going challenge.

🧱 The rise of object storage in the data center

The distribution of information workers coupled with the reliance on software-as-a-service means remote workers access the same data across different regions and domains. While workers access data between home and office, the need for greater control over data has increased, as attackers continuously innovate their approach.

As a result, object storage has become widely-deployed in security-sensitive domains, such as financial services, health care (hospitals and biosciences), government agencies and more. The immutable architecture of object storage – meaning data cannot be updated in place unlike with a file system – protects data from threats that attempt to change data, which is ideal for managing:

  • Unstructured Data – Given the rapid growth of unstructured data content, object storage has become a common cornerstone of modern enterprise IT environments.
  • Backups and Disaster Recovery – Disk and tape have been the most popular media types for backups. But object storage is quickly becoming the preferred option, especially to organizations with large remote workforces.

The prevention of ransomware has became an on-going challenge which is why object storage has become a viable solution around security and agility requirements, primarily due to:

  • Object Locking – The built-in immutability feature which prevents data from being deleted or overwritten (for a fixed amount of time or indefinitely) to ensure that your data or backups are not modified by hackers.
  • Multi-tenancy – To service distinct users (or “tenants”), multi-tenant environments pack more customers on shared storage arrays, allowing IT directors to maintain access control and restrictions to virtualized applications or containers for AI/ML.
  • Authentication – Strong authentication control-access and object-level encryption makes user data useless to criminals, while allowing it to be accessed by anyone, from any location.

In addition, the ability of object storage to group resources from different SAN/NAS appliances together, gives IT decision makers the flexibility to modify corporate policies while maintaining compliance.

🔐 How does object locking in object storage feature protect against ransomware?

One of the benefits of Ceph-based object storage systems used with platforms like OSNexus QuantaStor is that each tenant has their own namespace for all of their S3 “buckets”. This makes it easy to keep the storage for different customers and departments completely separate.

In a typical ransomware hack, attackers take over and encrypt an organization’s data, then charge a ransom to decrypt the data. To protect their data, IT leaders need to make sure that hackers are unable to change their data.

In object storage, object locking is a built-in immutability feature which prevents data from being changed or deleted. An important feature to enable for backups, object locking is configurable on a per “bucket” basis. Backup products, such as Veeam Backup & Replication, leverage the object locking to ensure that your backups are not modified by hackers.

How does multi-tenancy work with object storage?

Object storage systems generally provide Amazon S3-compatible object storage so that applications written to use the S3-protocol can work using the exact same APIs using dedicated S3-compatible storage that’s more cost-effective and performant.

One of the benefits of Ceph-based object storage systems used with platforms like OSNexus QuantaStor is that each tenant has their own namespace for all of their S3 “buckets”. This makes it easy to keep the storage for different customers and departments completely separate.

How to Design a Multi-tenant Object Storage Solution

Secure multi-tenant environments that prevent ransomware or data loss must be processed and stored on the right hardware. To accelerate the adoption of multi-tenant environments, we’ve partnered with OSNexus and Western Digital to provide data center users with a diverse range of data protection and security breach protection requirements an integrated hardware and software solution.

Pogo Linux StorageDirector appliances have deep hardware integration with Western Digital high-performance, low-latency NVMe flash storage and NVMe-over-Fabric networking, and the powerful file-, block- and object storage backup capabilities in the OSNexus software-defined storage platform.

If you’d like to learn more about how Pogo Linux storage solutions enable secure multitenant environments that prevent ransomware attacks or a data loss event, give us a call at (888) 828-7646, email us at or book a time calendar to speak. We’ve helped organizations of all sizes deploy scalable, high-performance object storage solutions for just about every IT budget!