DataGravity is a storage startup that says it helps businesses know more about the data they have. Not just how much, but who’s writing it, accessing it, deleting it, and who’s spiriting it out of the company. Now it’s adding more security enhancements to its core product.
“We have new forensics that will see abnormal write behavior on the [storage] array and protect you based on what your norm is,” said CEO and co-founder Paula Long of the Nashua, N.H.-based company. Long knows from storage. She co-founded EqualLogic, a storage startup in 2001 and sold it seven years later to Dell for $1.4 billion.
Basically, the software watches how users interact with storage, and assesses if, based on the normal activity, if someone (or something) is taking a long time writing to that data stash. (In tech parlance, a “write” operation happens when data is stored to the disk or flash storage media for safe keeping, a “read” operation is when that data is accessed.) An abnormally long write session could signal a CryptoLocker attack, she said. These attacks worm their way into a company’s data store and encrypt it. Then the perpetrators typically hold that data for ransom. If DataGravity’s Discovery notes such prolonged write activity, it can protect that storage and also make it easier to figure out who is behind the CryptoLocker, Long said.
With DataGravity Discovery Series version 2, the company is taking a much more aggressive role on security, Long said. And it’s no wonder if you read the headlines lately. There seems to be news of a major cyber break-in nearly every week.
“Up till now, people think about security in terms of the network, the firewall, the endpoints, and shoring up those defenses,” Long told Fortune. “Once you get to the storage, it’s ‘party at my house,'” she said. But when you realize that data is what most hackers are after, that has to change.
DataGravity customers will get the upgrade as part of their service contracts.
It’s a pretty safe bet that DataGravity won’t be alone in beefing up the ramparts around company’s storage. Security experts agree that security has to happen at every part of a company’s IT infrastructure, the aforementioned end-points, the network itself, the storage arrays. One thing is certain, the attacks and attackers keep evolving so defenses must do the same.
Subscribe to Data Sheet, Fortune’s daily newsletter on the business of technology.
Story updated at 8:10 AM PST to clarify product name