Ransomware Stops HERE!
One of the superpowers of object storage is the intrinsic nature of metadata. Metadata, as part of the object, provides a powerful array of information to describe the content of the object as well as providing descriptive information about how the object should be managed. With the advent of object lock, a process for rendering an object immutable, backup applications like Veeam, Commvault, and Arq use that metadata to manage an object’s immutability and have provided a “last resort” for data backups.
Once upon a time, in a data center just around the corner, backups were a fairly mundane operation. Over time, they evolved, moving from tape to disk-to-tape to disk-to-cloud. Along with this evolution came another maturing technology – malware. Modern malware has the ability to compromise and entire IT operation, encrypting primary data, shutting down virtual machines, AND rendering on-site backups useless. The only haven left, it seems, is having an air-gapped backup, either on tape or in the cloud. But that’s not enough…
I don’t really want to debate the pros and cons of tape versus cloud here. I don’t have the time and you’ll lose interest in another few minutes. Suffice it to say that I’ve worked for companies that sold both and there are merits to both approaches. IMHO, I prefer the cloud. It is fast, reliable, and doesn’t get lost in the shuffle.
That said, our friends at Gartner recently published a paper titled “Detect, Protect, Recover: How Modern Backup Applications Can Protect You From Ransomware”. It is probably one of the better Gartner papers I’ve read in the last year or two, and it makes some excellent points. Chief among them is the assertion to “develop an immutable file storage” for backup data. That means using a technology like object lock, which is free with a Wasabi account by the way, to ensure backups are immune to any intentional or accidental deletion and/or modification.
Let me drive that last point home – with immutable storage NOBODY can delete or alter your backup files. Not you, not the IT Ops team, not the system administrator – NOBODY. Granted, you have to be careful in how you implement an immutable storage system, but that’s the job of the backup software and is well aligned to the retention policies already perfected by most IT Ops teams.
If you are worried about ransomware affecting your data, just like the rest of the world, I strongly recommend reading the Gartner paper to see what else they recommend in addition to implementing immutable file storage.
Check out the paper here.