File Data Platform’s Security Stance Fortified with Multi-Layered Protection and Greater Regulation Compliance
Qumulo, the radically simple way to manage petabyte-scale data anywhere, today announced the launch of the company’s new corporate security initiative “Simply Secure,” a multi-layered approach designed to protect data across multiple points of vulnerability. Qumulo’s “Simply Secure” initiative is meant to help organizations minimize the risk of business disruption and protect their data from theft or loss with a complete suite of security features that continue to harden over time, all-inclusive with their Qumulo® subscription, without additional cost for future releases.
The unprecedented rise in cyber threats in recent years is creating dire consequences for businesses: multi-million dollar ransom payments, days or weeks in disruption of operations, and potential loss of valuable data sets. Not only that, cyber attacks which become public often leave behind permanent reputational damage. While most organizations understand and respect the risk of poor security posture, many are strapped for cycles, time, and expertise to build adequate defenses around their unstructured data.
“Trust is mission critical when it comes to security”
Qumulo is meeting its customers anywhere – edge, core, and in the cloud – with a holistic approach to security, making it simple for customers to protect their data from ransomware attacks, data theft, and data destruction. Qumulo not only helps customers ensure lighting-fast recovery but also helps proactively detect and prevent anomalies, so organizations and end users can simply secure their sensitive data. Customers are granted access to each new security feature every two weeks, which is available through non-disruptive software upgrades, increasing the value of Qumulo clusters over time.
“Qumulo’s focus on radical simplicity means it’s taken an approach to security that makes it as easy as possible for customers to protect their data everywhere it’s stored,” said Kiran Bhageshpur, Chief Technology Officer at Qumulo.
Qumulo is constantly developing new and enhancing existing features to provide the most robust security possible.
The most recent releases add five new layers to storage security for greater data protection, including:
Multi-tenancy VLAN Isolation: Organizations can now use virtual local area networks (VLANs) to isolate administrative interfaces from their file system clients, such that the general network population cannot reach the interfaces. This adds an additional guarantee of network protection, while helping consolidate multiple use cases on a single cluster, resulting in potential cost savings.
Single sign-on & Access Tokens: Cluster administrators can now eliminate the need for sensitive user passwords when logging into the Qumulo administrator UI or API since user credentials are prime targets for theft by cyber attackers.
NFSv4.1 Kerberos Authentication & Encryption: All data is encrypted before transmitting across networks, preventing any bad actor that intercepts the data from understanding it in plain text.
Federal Information Processing Standards (FIPS) 140-2 certification of Qumulo encryption: Now, customers with FIPS requirements can maintain compliance and independently verify that Qumulo’s data-at-rest encryption meets the standards set by the National Institute of Standards and Technology (NIST). Customers who don’t require FIPS certification can rest assured their data is protected by the highest standards.
OpenMetrics API provides telemetry data to 3rd party monitoring and alerting systems, so organizations can proactively detect and quickly respond to anomalies at risk of disrupting operations such as an attack-in-progress.
“Trust is mission critical when it comes to security,” said Kathy Ahuja, VP of Information Security at Qumulo. “That’s why we’ve built a security posture with FIPS 140-2 accreditation and enhanced encryption that provides the greatest level of protection for our cryptographic modules. Our customers know they can trust Qumulo with their data. And as cybercriminals continue to advance their own breach strategies, we’re well prepared to continue to improve our security measures to match and defeat the complexities of these attacks.”