Abstract: Embodiments of a system and method to prevent mass deletion of data in a data storage system. A data deletion operation comprises a delete operation marking blocks to be deleted followed by a garbage collection (GC) operation to remove marked blocks from storage media. Based on historical information regarding deletions per GC cycle and certain user-defined thresholds based on data age, the storage system can detect any significant deviations as potentially dangerous. If a deletion in excess of a deviation threshold is detected, the next GC operation is skipped to provide a delay period during which time the user can investigate the data delete command and restore data if necessary. De-risking conditions such as known abnormal high deletion periods or new system installation can be used to override any garbage collection delay.

Abstract: Embodiments of a system and method to prevent mass deletion of data in a data storage system. A data deletion operation comprises a delete operation marking blocks to be deleted followed by a garbage collection (GC) operation to remove marked blocks from storage media. Based on historical information regarding deletions per GC cycle and certain user-defined thresholds based on data age, the storage system can detect any significant deviations as potentially dangerous. If a deletion in excess of a deviation threshold is detected, the next GC operation is skipped to provide a delay period during which time the user can investigate the data delete command and restore data if necessary. De-risking conditions such as known abnormal high deletion periods or new system installation can be used to override any garbage collection delay.

Abstract: Embodiments of a system and method to prevent mass deletion of data in a data storage system. A data deletion operation comprises a delete operation marking blocks to be deleted followed by a garbage collection (GC) operation to remove marked blocks from storage media. Based on historical information regarding deletions per GC cycle, the storage system can detect any significant deviations as potentially dangerous. If a deletion in excess of a deviation threshold is seen, the next GC operation is skipped to provide a delay period during which time the user can investigate the data delete command and restore data if necessary. De-risking conditions such as known abnormal high deletion periods or new system installation can be used to override any garbage collection delay.

Abstract: Embodiments of the runtime risk assessment process monitors deliberate or potentially data destructive operations against a filter of dynamic risk assessment. A filter process recognizes the following conditions as highly indicative of increased risk factors: (1) recent creation of the security officer role, (2) changing of the system time or clock, and (3) disabling of system alerts. If all three of these events occur, the system recognizes this as indicative of a high probability of data attack. The runtime risk assessment process imposes a delay on the execution of each of these commands to provide time to alert the user and an opportunity to re-enter the commands at the end of the delay period. Thus, a potentially dangerous sequence of commands will not occur automatically or immediately, but will instead be delayed to provide an extra validation check or user action.