Next to employees, data is the most valuable asset of any commercial business, nonprofit or government agency. Protecting both has therefore become a top priority for organizations large and small, around the world. Horrifically however, this past year saw both under attack, as a direct result of the COVID-19 pandemic. From a data protection standpoint, the rush to accommodate new and necessary ways to work, shop and live opened the door to cybercriminals. And consequently, we saw a dramatic increase in ransomware attacks and high-profile data breaches that further cemented the importance of backup.
However, the past year also taught us the criticality of ‘Unbreakable Backup.’ Certainly, the overall objective of backup is the ability to recover from any failure or data loss within a specified period of time. The process of backing up, especially to disk, has become highly automated after initial setup across applications, platforms and virtual environments. But now, as ransomware and other malware attacks continue to increase in severity and sophistication, we understand the need to protect backed up data by making it immutable and by eliminating any way that data can be deleted or corrupted. Unbreakable Backup does just that by creating an immutable, secure format that stores the admin keys in another location for added protection,” Varanasi continued. “For those seeking the ideal Unbreakable Backup solution for their environment, they should seek one that delivers data integrity with policy-driven and scheduled data integrity checks that can scrub the data for faults, and auto-heals without any user-intervention. Next, they should seek a solution that provides high availability with dual controllers and RAID-based protection that can guarantee data access in the event of component failure. Recovery of your data will also be faster, because all RAID-protected disk arrays can read faster than they can write. With an Unbreakable Backup solution with these capabilities in-hand, users can alleviate their worry about their ability to recover — and redirect their time and attention to activities that can more directly impact the organization’s bottom-line objectives.
Indeed, this past year has left organizations engrossed in responding to the rapid shift to remote work and the cyber risks from bad actors using the pandemic as a catalyst to continue carrying out their crimes. Across private and public sectors, there was an onslaught of phishing, malware distribution, false domain names, and other attacks on IT infrastructure as teams quickly pivoted to remote working,” said JG Heithcock, General Manager of Retrospect, a StorCentric Company. “While we continue to navigate the uncertainties of the pandemic this year and beyond, it is also important to reiterate simple steps to avoid or minimize attacks on businesses, such as identify suspicious senders, exercise caution before clicking on links or opening attachments, and instill a backup strategy that utilizes the 3-2-1 rule.
A strong 3-2-1 backup plan includes having at least three copies of data across multiple locations: the original, a first backup stored onsite, and a second backup located offsite,” Heithcock continued. “In the current environment, where ransomware attacks are commonplace, if all organizational backups are on a single disk that is connected to a main computer, those backups can be encrypted at the same time as source data, rendering them useless. With three copies of data – on the computer, on local storage and on offsite storage – rapid recovery from threats such as ransomware becomes much more practical.
When implementing a 3-2-1- strategy, there are a variety of infrastructure options available:
- Disk and Cloud: Combining local disks and cloud storage is a customary strategy, especially with SMBs. An available backup on a local disk translates into very fast recovery time, as the local network allows for much higher bandwidth. A remote backup on a cloud storage location further protects business data from disaster, malware and other problems.
- Network-Attached Storage (NAS) and Cloud: NAS devices can be a very cost-efficient onsite storage solution for backups. Utilizing onsite NAS can provide a large dedicated storage pool and high bandwidth for organizational data. Transferring those backups to the cloud as an offline process eliminates the risk associated with accessing the original source multiple times.
- Disk and Tape: Still the most common storage medium, with tape continuing to make strides in speed and storage capacity. Of course, with a local disk, users can more quickly back up their environment and have the backups available for faster restore. However, using a tape library for offsite storage enables backups to be stored in a safe, air-gapped location.
As it has always been, this year will most certainly be a mix of already familiar and emerging risks. The most important and really only thing anyone can do today, is to build a foundation that actively protects against all that is known, as well as has the flexibility to respond to what is yet to be — whether that is in the backup solution’s own capability to fight new dangers, or in its ability to seamlessly coordinate and enhance the capabilities of new innovations.
Pingback: World Backup Day Special - Cyber Protection Magazine