For years now, skeptics in the data storage landscape have been yelling from the hilltops how they think tape is dead. Come to find out how wrong they truly are, and that tape has never had such a strategic role in the fight against the rise of ransomware. Due to tape’s high capacity, low cost, and regulatory compliance for the GDPR, tape has made a roaring comeback! In some of our previous blogs you may have noticed us mention the importance of creating an airgap as a defense against cyberattacks. Well we will dive a little deeper into the topic of an airgap solution and how you can set one up to protect your data.
Using an LTO Air Gap to Stop Ransomware There have been multiple reports over the years that talk about the frequency and severity of cyberattacks on companies both large and small. In fact, a company falls victim to a ransomware attack every 40 seconds, making it almost impossible to avoid. Another company probably just got hit in the time it took you to read the last two sentences. Pretty scary isn’t it? So, if cybercrime is difficult to prevent, what can you do to be prepared? A fascinating strategy is to keep an offline copy of your data on tape. This is what we call an airgap. Any data that is stored on tape is removed from the network, meaning ransomware can’t cross the “gap of air” that separates it. This is also where the 3-2-1-1 rule comes into play.
Many of the original theories about backups are producing added value and are now back in style. One of those original data backup models is the 3-2-1-1 rule. This rule suggests that businesses should have three copies of backups on two different media types, one of which is kept offsite and the last copy using an airgap. There are two ways to save an offsite copy – either online access (cloud) or with offline access (tapes). The offsite and offline copy is quickly becoming more important and describes an “air gap”. An “airgap” is an electronically disconnected copy of data that inhibits cybercrime attacks from getting to all your backup copies. The only way to create a physical air gap is to copy data to removable storage medium and store that medium offline. This makes tape media an perfect solution for most data centers. An off-site backup and storage facility can be either online, offline or both and can often be the most physically secure facilities in the industry.
How to Create an Air Gap Solution Using the 3-2-1-1 Rule
1 – Create at least THREE different copies of your data
With three copies of data, if you have your primary data (device A) and two backups of it (device B and device. Creating more than two copies of data also avoids a situation where the primary copy and its backup copy are stored in the same physical location, in the event of a natural disaster.
2 – Store your data on at least TWO different types of media
It is recommended that you keep copies of your data on at least TWO different storage types. For example, internal hard disk drives AND removable storage media such as tapes, external hard drives, USB drives, od SD-cards. It is even possible to keep data on two internal hard disk drives in different storage locations.
3 – Store at least ONE of these copies offsite
Believe it or not, physical separation between data copies is crucial. It’s bad idea to keep your external storage device in the same room as your primary storage device. If you work for a smaller company with only one location, storing your backups to the cloud would be a smart alternative.
4 – Store one copy of data OFFLINE
Put an electronic air gap between your backup server and backup storage by making sure that the backup is not accessible via any network or electronic connection. Most tape cartridges typically reside in library racks meaning they are offline over 95% of the time and are not electronically accessible to hackers.
The air gap avoids malicious cyber-attacks because data stored offline cannot be hacked. Ransomware is the latest crypto-viral blackmail technique, encrypting the victim’s data making them impossible to access, and then demands a ransom payment to decrypt them. These new forms of attacks embed time-delayed hidden malware into your data backup sources. This makes file repair meaningless because once the data is recovered, the ransomware re-ignites and re-encrypts the data all over again.
Whether you have the best backup solution on the market, the latest anti-virus protection available to the public, or multiple data siloes, this next generation of cybercrime is progressing quickly. In a cloud-based backup, data is backed-up over the internet and most likely stored in a shared storage base at an off-site data center maintained by a third-party company. Wouldn’t it be nice knowing YOU have control over where and what is stored, and peace of mind knowing it is virtually impossible for a hacker to access?