A blog post by a competitor got me all fired up recently because the post referred to all “ransomware guarantees” as a “gimmick.” (Although our $10M Data Resiliency Guarantee is so much more than a ransomware guarantee, many outside people still use that moniker to refer to it.) This caused many people to ask if the claims this vendor made in their blog post apply to us. In short, no they don’t.
The blog was clearly aimed at a shared competitor; almost all of the claims they make only apply to one vendor. If only they could have offered a rubric at the beginning of the article to tell us what vendor they were talking about. It certainly would have made a more, shall I say, cohesive argument.
I know which vendor they’re talking about because we also felt their ransomware guarantee is a gimmick. It contains so many exclusions as to be worthless; it seems only designed to create news and not to give any real protection. Examples include excluding ransomware attacks caused or facilitated by employee malice or incompetence. They’re not the only vendor with weird exclusions; another required all backups to be free of viruses, and they exclude from the guarantee ransomware attacks that didn’t trigger their ransomware alert. (So if the ransomware is good enough to avoid detection, and/or if a copy of it got backed up, you won’t cover me? Seriously?)
Druva’s Data Resiliency Guarantee: Real protection, no gimmicks
We made sure not to include such gimmicky exclusions in our Data Resiliency Guarantee. Our requirements are common sense things like, if you want us to protect you from ransomware, you need to use the features we have provided that are designed to do that (e.g. Data Lock), and you should follow industry standard best practices when using our software (e.g. MFA, etc). It’s also important to point out that ours is a Resiliency Guarantee that protects against far more than just ransomware. We guarantee protection from leakage of backup data (i.e. exfiltration) via the backup system, accidental deletion, hardware corruption, and even downtime!
The competitor that made this blog post doesn’t have any kind of guarantee. My guess is they got sick of hearing about these other guarantees and felt that the best way to respond was to attack the other side. It reminds me of a time when a storage vendor I was working with was told they needed to supply 90 days of user-browsable snapshots in order to be considered for the deal. They spent the entire meeting explaining why snapshots were stupid.
I’m not saying this blogger’s point isn’t valid; I just don’t like how they made it. They painted us all with one big brush, and their claims don’t apply to most of us. I’ll say this in response: if a ransomware guarantee got your interest, you should take a look at our $10M Resiliency Guarantee. So much more protection with so much less effort. Definitely not a gimmick.
Next steps
Take our survey to benchmark your team’s data resilience and receive a copy of our new analyst brief, Understanding the Data Resiliency Challenge.
