Close this search box.

Initial Observations from Cyber Secure Storage Research

The relentless rise of cyberattacks has placed data security at the forefront of every organization’s priorities. This is particularly true for high-value sectors like financial services, telecommunications, and government agencies, where a data breach can have catastrophic consequences. These types of entities remain the top adopters of high-end storage arrays.

Cyber Secure Storage Depositphotos 176380872 L

In response, high-end storage providers are incorporating advanced features that not only safeguard data but also use AI and machine learning for ransomware anomaly detection, facilitate response by automatically creating a snapshot whenever an anomaly is detected to aid in limiting the scope of the attack, and streamline recovery processes.

Our initial research findings reveal several key trends shaping the landscape of cyber secure high-end storage.

Cyber Secure Storage Features in High-end Storage

High-end storage solutions are now equipped with a range of advanced security features to combat evolving cyber threats. Here are some of the most noteworthy findings from our research:

Multiple Array Management Roles: Storage array providers are responding to the evolving security landscape by providing for multiple storage system administration roles. These include:

  • Storage and Security Administrators provide active management and day-to-day operations. Their responsibilities include granting and revoking access to storage resources based on user roles and needs, troubleshooting storage-related issues, and optimizing performance, and implementing necessary security patches.
  • Storage and Security Auditors conduct regular security audits of the storage infrastructure to identify vulnerabilities and ensure compliance with regulations, evaluate the effectiveness of existing security controls and recommending improvements, identify potential security risks associated with storage configurations and access controls, recommend corrective actions, and report audit findings to management.
  • Data Protection Admins: These specialists manage data backup, replication, and recovery processes. They ensure sensitive information is consistently backed up and readily available for restoration in case of a cyberattack.

Multiple Approvals for Some Actions: Our research found that the majority of high-end storage arrays now require multiple approvals for sensitive storage operations. This multi-layered approach helps prevent data loss.

Immutable Snapshots: These read-only copies of data provide a point-in-time view, allowing for rapid recovery to a clean state in case of ransomware attacks or accidental deletions.

Ransomware Anomaly Detection: These features identify suspicious changes in data access patterns that could be indicative of ransomware encryption, allowing for early intervention. Some high-end arrays now embed these capabilities within the storage system, while others provide a cloud-based service to analyze data access patterns and identify anomalies that indicate a malware attack.

Automated Compliance Monitoring and Alerting: Some of the high-end storage systems can automatically monitor compliance with relevant data security regulations and generate alerts for any discrepancies, streamlining the process for security teams.

Near-instantaneous Recovery: Advanced storage solutions enable near-instantaneous recovery of data in the event of a cyberattack, minimizing downtime and ensuring business continuity.

Granular Cyber Recovery at Scale: Some of these solutions enable administrators to pinpoint and recover specific files or objects affected by an attack, rather than restoring entire datasets, improving efficiency and minimizing recovery time.

Fenced Network Forensic Environment: This secure, isolated environment facilitates forensic analysis of compromised data without contaminating other systems, aiding in identifying the source of an attack.

Kubernetes Change Management Analysis: By analyzing deployments, builds, events, and alerts within Kubernetes environments, this feature automates the process of identifying the root cause of issues within complex containerized applications.

Ransomware Recovery Assurance and Guarantee: Some advanced solutions offer guarantees for successful ransomware recovery, providing organizations with peace of mind and reducing the impact of attacks.

Guided Disaster Protection Planning/Execution: High-end storage providers can guide administrators through the disaster protection planning process and facilitate disaster recovery processes, ensuring efficient and timely response to disruptions.

Guidance for Business and IT Leaders

Our initial research into cyber secure high-end storage arrays reveals a dynamic market driven by the urgency to protect data and mitigate the ever-evolving cyber threat landscape. DCIG expects that innovative security features like ransomware detection and response with recovery assurance and automated forensic analysis will continue to shape the future of high-end storage.

Every business and IT leader should incorporate cyber security features into their evaluation of storage solutions during the product selection process.


Over the next several months, DCIG plans to publish multiple TOP 5 reports focusing on cyber secure features of both backup targets and primary storage. To be notified of new DCIG articles, reports, and webinars, sign up for DCIG’s free weekly Newsletter.

To learn about DCIG’s future research and publications, see the DCIG Research & Publication Calendar.

Technology providers interested in licensing DCIG TOP 5 reports or having DCIG produce custom reports, please contact DCIG for more information.


Click Here to Signup for the DCIG Newsletter!


DCIG Newsletter Signup

Thank you for your interest in DCIG research and analysis.

Please sign up for the free DCIG Newsletter to have new analysis delivered to your inbox each week.