by Fred Moore
President, Horison Information Strategies
The changing landscape of the data protection industry has evolved from backing up data to providing recovery from hardware and network failures, software bugs, and human errors, as well as fighting a mounting wave of cybercrime. Over the years, reliability and resiliency level of hardware and software have significantly improved. Cybercrime, however, has now become a bigger threat to data protection than accidental deletion, bit rot or drive failure. And the stakes are getting higher as anonymous cyber criminals seek to profit from the valuable digital data of others. With a ceasefire in the cybercrime war unlikely, we are witnessing the convergence of data protection and cybersecurity to counter rapidly growing cybercrime threats, including ransomware.
Though digital extortion is not new, the exploding use of ransomware – the latest crypto-viral digital extortion technique that slowly infiltrates an organization’s data over time – is a new threat that all organizations must prepare for. Ransomware locks the system’s screens by encrypting the users’ files unless a ransom is paid (typically into an anonymous bitcoin account) in exchange for the deciphering key. Hardware and software vendors are continually working on adapting backup and recovery products and methodologies to stop the new ransomware capabilities – but that alone isn’t always enough.
The offline nature of tape inherently defines the “tape air gap” and has become a critical component of a robust data protection strategy to confront cybercrime. An air gap is an electronically disconnected or isolated copy of data that prevents cybercrime from attacking an organization’s backup, archive or other data. Without an electronic connection or pathway to tape (or any other type of offline media), files stored on tape can’t be hacked. Storing data in the cloud isn’t sufficient if there’s an electronic path to access it.
Most tape cartridges typically reside in robotic tape library slots or in manually accessed media storage racks, meaning they are online only when the tape cartridge is mounted on the drive. After entering a system, typically through email attachments or malicious web links, malware finds its initial residence online – either on HDDs or SSDs – but not on tape. For enterprises using multiple tape formats, Spectra’s TFinity® Exascale Tape Libraries support the open LTO format and the IBM and Oracle enterprise tape formats in the same robotic library, creating an easy-to-manage and unique “tri-media tape air gap” supporting all three current types of tape media in a single tape storage system.
To combat the growing wave of cybercrime, organizations need to start with a strong data protection strategy using the latest capabilities. The most important thing to do when dealing with ransomware is to make sure that a backup copy of critical data is stored offline – behind an air gap – so it can be restored quickly to resume operations as soon as possible. If an organization does not have a robust backup plan, it’d better have a bitcoin account ready to pay the ransom! The tape air gap provides a last line of defense simply because criminals can’t delete or encrypt what they can’t access over the network or any other electronic link. Remember that “backup is one thing – recovery is everything.”For more information on the tape air gap and how it addresses cybercrime, read Fred Moore’s white paper here.