In the face of ransomware, backup must become unbreakable – but how?

Sep 4, 2020 | Nexsan, StorCentric

Charles Burger, Global Director of Assureon Solutions at Nexsan, discusses how data management flexibility combined with safe and effective backup is among the most critical capabilities in an organization’s data management strategy.

Backup is a core part of any organization’s overall data management strategy, but the ability to simply store and access data is not sufficient – maintaining consistent copies of data over time and being able to access it at any time is vital.

Unfortunately, backups have become the latest malware target, as evolving and more sophisticated ransomware attacks now not only seek to attack on-site production data, but every possible copy, wherever the copies reside. If infected users have access to the location where data has been backed up, there is a real risk that it will also be encrypted by the attack.

This is of major concern, because when backups are compromised by malware, it can eliminate any chance of recovery and this could be the difference between Business Continuity or business failure.

In this context, data management flexibility combined with safe and effective backup is among the most critical capabilities in an organization’s data management strategy. This is also important from an efficiency and cost perspective because modern data-hungry organizations need to protect all of their unstructured data – all the way through the backups.

To raise their game, many IT strategies wisely follow the 3-2-1 rule for data management, which recommends the maintenance of: Three copies of data, two copies on different media and one offsite or immutable copy. This layered accessibility allows the retrieval to the state of data at an earlier point in time or allows restoration due to data loss within the primary storage layer.

But what are the backup destination requirements in an era when unbreakable infrastructure is becoming key to defeating the threat of ransomware? There are several vital components:

  1. Agile and effective data ingest and recovery

A backup destination must be capable of integrating into any backup solution and ingesting and recovering data with multiple GB/s of throughput. The benefits this offers users is that it enables plug-n-play deployment, scaling to multiple backup clients and the ability to quickly access backups when desired.

  1. Scale and capacity

Backup capacity is typically sized to be multiples of the amount of source data. Approaching the planning process in this way allows a user to maintain several full backups and incremental backups only constrained by backup storage capacity. A backup destination therefore needs to be able to scale to PBs and more.

  1. Integrity and Availability

Despite significant industry-wide advances in reliability and longevity, storage media has finite endurance. It is important, therefore, that a backup target, like any primary storage solution, should provide the ability to tolerate storage media failure and keep backed up data readily available.

  1. Security

Some backups are considered of higher value than others, such as those protecting data that is absolutely essential to the functioning of a business – data that cannot be lost due to cyberattacks, malware, ransomware or even human errors.

  1. Low total cost of ownership

The purpose of backup storage is to ingest and retain vast amounts of data, and as such, it is not primary storage. Access is only needed when primary data is not accessible, or when an earlier point-in-time backup is needed. Such a layer needs to be extremely dense and cost-effective.

Integrating these functions and capabilities should help to deliver a completely secure, locked down, immutable and unbreakable backup layer. In these situations, even administrators cannot tamper with locked down data in this layer until the expiration of the policy that governs the secure backup. This approach ensures protection from data corruption and data loss, and places organizations on a much firmer footing to meet the growing ransomware challenge with confidence.