Wasabi Technologies today announced Covert Copy, a new resilience feature for its Hot Cloud Storage platform.
Wasabi's patent-pending tool uses logical air gaps and multi-user authentication to safeguard data backups against malicious actors.
The release comes in response to evolving ransomware threats, where data backups and cloud storage are increasingly targeted.
"Data Security is critical for any organization, and giving users simplified yet effective tools protects them. Not just against external cyber threats, but also against insider risks," said Jasdeep Singh, a research manager at IDC.
Air gaps are a common data protection practice where copies of data are stored on an infrastructure that is not accessible through the network. This renders the data immutable, meaning it cannot be altered or deleted, as well as invisible to outside attackers.
Some air gaps are physical, with data copied to tape drives that are hosted off-site and disconnected from external networks. Covert Copy uses a logical air gap, which replaces physical distance with strong access controls.
Logical air gaps are in use by competitive data protection vendors such as Veeam and Cohesity to provide immutability. But according to David Boland, vice president of cloud strategy at Wasabi Technologies, Covert Copy takes protection even a step further.
Other data protection tools on the market can protect data from being seen, altered or deleted by external users, said Boland. "But what they can't do is hide it from people who have access to the account."
With traditional air gaps, hidden data is still visible to users within the storage console, who can alter or delete it. With Covert Copy, the data is kept hidden from anyone who could change it, including users within the company.
Maintaining tight control over who can access data is becoming a crucial aspect of ransomware protection. According to the Sophos report, The State of Ransomware 2025, compromised credentials are the second most common reason for data breaches.
Covert Copy uses Wasabi's multi-user authentication, which is a pre-existing feature of the vendor's security portfolio. Unlike multi-factor authentication (MFA), which is done by one internal user, multi-user authentication requires at least three designated security contacts within the organization to delete data.
If somehow the actor still gets access to the copy, it still requires multi-user authentication to delete, which makes it much more secure.
Jasdeep SinghResearch manager, IDC
This added layer of protection makes Covert Copy an appealing option for highly regulated industries such as healthcare and government, according to Singh.
"If somehow the actor still gets access to the copy, it still requires multi-user authentication to delete, which makes it much more secure," said Singh.
While companies like AWS, Microsoft and Google offer immutable cloud storage, multi-user authentication is a feature that must be configured separately. Covert Copy's authentication is built into the management console, so additional configuration is not required.
Organizations are facing major data sovereignty and compliance challenges today, according to Singh. The rapid evolution and expansion of AI technology has added even more risk that organizations must prepare for.
"With the pace that AI has advanced, ransomware attacks have evolved too, targeting systems, networks and identity layers," said Singh. "I think this is an additional layer that will help organizations improve resilience."
Covert Copy is included at no additional cost with Wasabi Hot Cloud Storage. According to Boland, the Covert Copy feature will also be supported by Wasabi's high-performance SSD, Wasabi Fire, in 2026.
Erin Sullivan is a senior site editor for Informa TechTarget's data technologies group.
