.
Image: Ron AI
Ransomware attacks have evolved. They not only lock your data but also target the backup and then scare you by making recovery bordering on impossible.
According to data by Veeam, 89% of organizations have had their backup repositories targeted by attackers. The change in tactics has made traditional ways of backing up data very vulnerable.
If a company’s primary and backup data compromised, it must confront a very undesirable situation. The business can either pay the ransom or face very costly downtime, which could cost the business a lot of money and in the worst-case scenario, people may lose their jobs. About 40% of businesses fail to have their data recovered even after fully paying the ransom.
If a company wants to ensure that all bases are covered having an immutable backup is a non-negotiable cornerstone of modern cybersecurity.
Immutable backups are copies of your data. Once they are created, they cannot be modified or deleted or encrypted for a defined period. Nobody can alter it for a period of time that is set by the company. The immutability is achieved through two technologies, namely Write Once, Read Many (WORM) storage and Object Lock.
WORM storage allows data to be written a single time and be read multiple times. However, the data can never be altered, making it similar to the stone tablet or CD-R disks that was used back in the day. Object Lock is a commonly used aspect of cloud storage. It applies a lock to data and will prevent it from being accidentally or nefariously deleted for a set duration as set by the company following a review of its own company policy and communication with key decision makers.
Having immutable backups are no longer just an option. They are essential for a business to ensure resilience. But using them properly, requires more than flipping a switch or downloading software. It requires deep and strategic planning to ensure that it is properly executed.
A start is to adopt the 3-2-1-1-0 rule:
Several proven technologies can form the foundation of your immutable backup strategy, including hardened Linux repositories, object storage with S3 object lock, and managed cloud vaults.
Hardened Linux repositories use the XFS file system to flag backup files as immutable, protecting them from permanent removal or modification Object storage is cloud-based object storage, such as AWS, Wasabi, or Azure Blob, which offer native Object Lock or WORM capabilities. Managed cloud vaults such as Veeam data and cloud vault provide pre-configured, secure, and air-gapped immutable storage.
Like every effective system, immutable storage requires companies to overcome some challenging scenarios and situations for it to be effective. For instance, when considering storage costs you may decide to use tiered storage policies. You also have to ensure that protective mechanisms like retention planning is in place to preserve and protect your data. Ensuring that the immutability period is configured is essential. The immutability period will be different for each company and needs to be decided by key decision makers and staff. The retention period should be carefully aligned with your compliance needs to ensure that there is minimal disruption to business activities and so that inconvenience is kept at a low level
Ideally you should consult specialists in data protection and storage when implementing and monitoring immutability. If you have resources, consider partnering with a specialist in the field to reduce your stress and to ensure the process is properly carried out for maximum effectiveness.
Immutable backups allow companies to work even in the midst of a cyberattack they ensure that there is always an uncompromised version of your data available. It is a golden insurance policy. Not only immutable backups preserve your data but they also reduce the ability of cybercriminals to demand a ransom if they successfully compromise your data through a ransomware attack.
Immutable backups are more than just plans to save your data. They also provide your business with a productive boost and the ability to continue working even when cyberattacks occur and when there are attempts to steal finances from your business through cyber theft and downtime. They also help to keep your company’s reputation intact—a reputation your company has taken years to build.
Having immutable backups are not just essential to ensure that your business’s important data is preserved, they also ensure that years of hard work spent building your business from scratch is preserved and can be built upon.
ABOUT THE AUTHOR
Chongwei Chen is the President & CEO of DataNumen, a global data recovery leader with solutions trusted by Fortune 500 companies worldwide. Read Chongwei’s Executive Profile here.