Reading Time: 7 minutes

A legacy data storage technology has become the hero of recent times

According to the Cyber Observer: The United States ranks highest with 18.2% of all ransomware attacks and 43% of breach victims were small and medium businesses (link).
However, not only small and medium organizations are falling victims, but also enterprise companies as big as Google and Uber have faced cyber-attacks. These cyber-attacks are highlighted by their sophistication and the way they reach deep into the datacenter to do fierce damage. But more interesting are the findings that 34% of data breaches involved internal actors, which implies that companies need to protect themselves internally the same way they do externally.

The decisions on how to prevent threats and how to mitigate the loss of data in case of a ransomware attack lead to a more general question, how can your organization provide cyber resiliency to its most critical data?

Air Gap solution to increase business resiliency

Ransomware quickly infiltrates the network; therefore, the most effective way to prevent data access is to fully isolate the data. In this case, an air gap solution can prevent the destruction of data, by blocking the direct or remote access to the most critical data. This process needs to include the creation of a golden copy where storage plays a key role in preventing data loss in the total cyber-resilience solution when implementing an air gap strategy.

There are many considerations to be taken when creating copies of the data; for example, what methods to use to create copies of the data? and, where to store it?. To copy the data, replication services or backup services are two options to consider. To store the data, many organizations are using a backup solution and offloading the data to tape. Performing a backup to tape is the most practical way to create a gold copy and keep it offline.

Tape is now more important than ever

A backup solution offers the most cost-effective and practical way of maintaining data off-line. Storing your most critical data on disk could become costly, and as the disk footprint increases the cost exponentially. However, Tape is reliable and cost-effective when compared to disk. It can store the most amount of data with less footprint and maintenance cost. “Equivalent levels of backup for tape versus disk results in about 4x cost savings for devices” (according to an analysis conducted by BackupWorks.com).

The medium is considerably less expensive than disk or flash storage. Part of the reason is that, unlike disks, one tape machine can accommodate an unlimited number of tape drives or cartridges.

The use of tape makes it also easier to maintain data off-line. The only time the tape media is using a network connection is when data is being written to tape or restored from tape and this process can be scheduled. Every other time, physical tapes are offline and can be kept in a library or moved to a rack or vault.

IBM Tape backup solution along with Spectrum Protect can provide distinct benefits

There are several advantages when using IBM Tape backup paired with Spectrum Protect for managing backups in an Air Gap solution. 

Five of the distinctive benefits are:

  • Very long shelf life: It can store huge amounts of data and remain offline for decades

  • Low power cost: no requirement of 24 x 7 power consumption

  • Write Once Read Many: IBM offers LTO and Tape Systems with WORM technology. It locks the files so data cannot be changed preventing anyone from modifying any files

  • Security: Offers encryption

  • Speed: Backup can be very fast when implemented with the use of multiple tape drives and tape media to work together during the backup process

When the tape backup and restore process is managed with Spectrum Protect, then there are added resiliency benefits such as:

  1. Offers encryption of data at rest
  2. Detects unusual activities through notification as an extra layer of security to prevent attacks from internal attempts
  3. Ability to setup security domains and checks for the number of backups according to schedule; this detects unusual activity to prevent an internal breach

For an extra layer of security, IBM offers the version Spectrum Protect for Data Retention. There are several data security features that this version offers, specifically against insider attacks. This security is based on SW WORM that enables retention rules to be set to detect and prevent attempts to delete data.

How to ensure the backup copy is readable again when needed?

Data auditing is a process that can ensure the data saved on off-line media is readable again by Spectrum Protect when needed. Changed data can be physically readable, but could be logically corrupt; therefore, to check for data integrity, it’s best practice to conduct an audit of the gold copy stored on tape.

This audit is done using the Spectrum Protect “AUDIT VOLUME” command; which checks for inconsistencies between database information and a storage pool volume. Setting up the audit requires adding parameters to specify volume or storage pool names and schedules. This audit process can be automated using the Tape Audit Tool. Currently, the only solution that automates this process in the market is Tape Audit, read more at https://www.svasoftware.com/backup-archive/tape-audit-tool/.

The Tape Audit tool gives you control and efficiency and reduces complexity when conducting the audit process of a large number of tapes.

CONCLUSION

As a summary, an air gap solution provides that physical isolation needed to protect your company’s data and prevent a complete shutdown. To implement an air gap, Tape is the infrastructure that stores huge amounts of data while giving you the best bang for your buck.
Don’t neglect the importance of ensuring that the backup copy can be read again when needed. For more information visit Tape Audit Tool or check out the post  “Ensure data integrity of long-term retention data when using Spectrum Protect“.

Visit this link to know more about IBM Spectrum Protect: https://www.ibm.com/products/data-protection-and-recovery?lnk=STW_US_STESCH&lnk2=demo_SpecProtect&pexp=def&psrc=none&mhsrc=ibmsearch_a&mhq=spectrum%20protect

SVA Software, Inc.

provides solutions to secure, monitor, improve and troubleshoot the data and performance of your IT infrastructure, get in contact with us for more information.

  • General IT infrastructure automated monitoring: check out more about BVQ which provides transparency on the status and communication of your entire infrastructure from the compute to the Storage and SAN layers. (link)
  • Mainframe performance optimization: visit our Mainframe Service platform that provides solutions from reporting up to automated dynamic capping and maintenance. (link)
  • Ensuring data quality of your backup & archive data on tape media: visit our Tape Audit Tool solution which provides automated auditing on the quality of your backup data and ensure the data can be read when needed. (link)
  • Disaster Recovery: visit our IDR solution which provides a stand-alone application that makes it easy to be Disaster Ready. (link)
  • VMware License Management: visit our GetVMware solution which helps you manage and decrease the licensing cost of your VMware infrastructure using different dashboards and tables in Splunk. (link)