Data has always been an important part of doing business. But in recent years, the dependency on data has grown exponentially. This growth hasn’t gone unnoticed, (cyber) criminals are targeting organizations, both large and small, from all angles trying to find a way in and crippling your organization in the process. A commonly heard statement is that it’s not a matter of becoming a victim of ransomware, the question is when it happens. And when it does, are you ready to mitigate the effects before the damage becomes too big?
I became a victim of ransomware. Time to start restoring!?
Even though your organization implemented several layers of defense against ransomware, such as a modern endpoint security solution or Microsoft AppLocker, chances are cyber criminals still found a way in. And they might’ve even been present within your organization for quite some time before they start encrypting your files.
Once the attack is noticed, the first thing to do is obviously stopping it and making sure it has no chance to spread further. After this it’s time to run an inventory of the damage and start the recovery process. This would’ve worked in the early days of ransomware, but attacks have evolved over the years. Shadow copies are removed or corrupted, and even your backups become a victim of ransomware. Worst case scenario, they even ruin the tape backups you created.
So, if you aren’t prepared, paying the ransom might seem like the only option.
What are immutable backups?
How would you prevent cyber criminals from ruining your backups, so you can recover from one of their attacks? By using a backup, that cannot be altered or changed after it is created. This type of backup is called an immutable backup, making “regular” backups mutable backups. An added benefit of using immutable backups, is they can help with meeting compliance regulations too, as you actively keep multiple copies of historical data.
Immutable Storage for Hosting Backups
In terms of backup media there isn’t really a preferred solution. As there are tapes, storage arrays, backup appliances and even the cloud which can be used to store your immutable backups. Yes, even those trusty old tape drives can still be used and were probably even used for immutable backups by some organizations for many years. As some tapes can be set in a “write once, read many” mode, making them a perfect media type for immutable backups.
With the huge amount of cloud solutions being offered today, the cloud might be one of the more interesting options to host your immutable backups. As the cloud solution typically is already air gapped from the datacenter but can be restored from in an instant. Whereas a tape drive had to be collected from a remote location.
Implementing an immutable backup plan
Organizations have long relied on the 3-2-1 rule for their backups, which refers to the following:
- Have 3 copies of your data
- Store them on 2 different types of media
- Of which 1 is remote
And while the idea behind this strategy is still viable, it is important that we reevaluate the way it is implemented.
Looking back at the 3-2-1 rule, storing one copy of your data on immutable cloud storage already covers a big part of the strategy, without having to do a revamp of your entire IT infrastructure.
Wrapping Up
It shouldn’t be a question if you need immutable backups because you do. Ransomware is coming to an organization near you, and it’s coming soon. I wouldn’t say defending against it is pointless because it always helps. But making sure you can recover from it, within a timely fashion (RTO) and without too much data loss (RPO), should be a topic high on the agenda.
For smaller organizations this can become a costly thing to implement depending on the amount of data and number of copies required, but keep in mind that the bill that comes with a ransomware infection is always bigger.
BDRSuite delivers comprehensive backup and disaster recovery to protect all your workloads (Virtual, Physical, SaaS, and Cloud). It is a feature-rich product tailored to cater to the data protection needs of SMBs and is highly affordable.
Download BDRSuite – 30 Days Free Trial.
Follow our Twitter and Facebook feeds for new releases, updates, insightful posts and more.