We live in a data-driven age where data is the lifeblood of organizations. Due to this, cybercrime is skyrocketing, cybercriminals seek to exploit human or security vulnerabilities in order to steal passwords, data or money directly.
Many organizations have recently been subject to outages as a result of attacks by cybercriminals, outages that cause loss of data, services, reputation and revenue.
According to research, cybercriminals in 2019 made revenue in excess of $1.5 trillion. To put this into perspective - Walmart, Amazon, Apple, Microsoft, Facebook and Tesla combined made an annual revenue of $1.28 trillion.
Cybercriminals will use any scenario in an attempt to financially benefit -- even the COVID-19 pandemic.
A key goal for every organization is to ensure that cybercriminals are kept out. But due to the number of security vulnerabilities in operating systems and software, it’s almost impossible to do so, even with the best security and infrastructure expertise. Disruptive situations like all staff suddenly working from home outside of internal firewalls can also open up organizations to new or increased threats.
While I’m a fan of disk-to-disk backup solutions due to the speed and simplicity, they are vulnerable to risk if all your backup data resides on network connected devices. It’s a vulnerability I have seen exploited and, unfortunately, if both your primary data and secondary data is locked or infected then you’re exactly where the cybercriminals want you to be, stuck in between a rock and a hard place.
Based on that vulnerability, all organizations require a resilient and robust data protection strategy and solution to ensure they can recover from cyber-attacks. The data protection strategy and solution should enable data to be protected as required via the organization and ensure all services can be restored back to a functional and working state.
So, if a disk-to-disk data protection solution is a vulnerability, what’s the answer?
What’s that? What the term means is a device, computer, or network that has no network interfaces connected to other networks i.e. Internet or LAN with a physical or conceptual air gap. If the location your data resides has no connectivity, then it cannot be hacked. Therefore, an air gap is a security measure that protects data from intrusion and enables immutability.
Many organizations incorporate an air gapped copy into the 3-2-1 backup and recovery strategy.
3-2-1 means you have at least 3 copies of your data, 2 of which are local but on different storage mediums i.e. disk and tape and 1 copy of which is offsite (air gapped) on either tape or in a more modern cloud object storage offering (check the finer details on these as only a few are immutable). 3-2-1 is always a good starting point for organizations creating or reviewing data protection strategies.
See what an example architecture of a 3-2-1 air gapped solution looks like with Catalogic DPX.
Air gap is most often enabled via most opinion dividing media in the market, tape.
It’s the media that more experienced IT professionals tend to love, and execs, marketing, and newer generation IT professionals tend to hate. Let’s have a look into why.
Some of the more common reasons people love tape:
Some of the more common reasons people hate tape:
Love it or hate it, it’s here for the long term. However, if you are really opposed to tape for air gapping, have a look at some of the more modern solutions available such as immutable cloud object storage from IBM, immutable blob storage from Microsoft, and S3 object lock from AWS.
Why are air gaps so important? With them in place we don’t let cybercriminals win - paying the ransom only breeds more of the same kinds of attacks. Ensure your data is protected via a 3-2-1 backup and recovery strategy including an air-gapped offsite copy with Catalogic DPX. Things have come a long way in the world of backup and recovery in the last 20 years, during which Catalogic has been focused on the creation of robust solutions such as air gaps that enable backup data to breathe life back into your organization in times of crisis.
If you want to learn more, get a no obligation quote, or run a proof of concept, feel free to get in contact with us. Look forward to hearing from you.