Air Gap – Allowing your backup data to breathe life back into your organization in times of crisis Posted on Mar 27th, 2020 by William Bush

Categories: Data Backup, Data Recovery

We live in a data-driven age where data is the lifeblood of organizations. Due to this, cybercrime is skyrocketing, cybercriminals seek to exploit human or security vulnerabilities in order to steal passwords, data or money directly.

Many organizations have recently been subject to outages as a result of attacks by cybercriminals, outages that cause loss of data, services, reputation and revenue.

According to research, cybercriminals in 2019 made revenue in excess of $1.5 trillion. To put this into perspective - Walmart, Amazon, Apple, Microsoft, Facebook and Tesla combined made an annual revenue of $1.28 trillion.

Cybercriminals will use any scenario in an attempt to financially benefit -- even the COVID-19 pandemic.

Cybercriminal activity is one of the biggest challenges that humanity will face moving forward

A key goal for every organization is to ensure that cybercriminals are kept out. But due to the number of security vulnerabilities in operating systems and software, it’s almost impossible to do so, even with the best security and infrastructure expertise. Disruptive situations like all staff suddenly working from home outside of internal firewalls can also open up organizations to new or increased threats.

While I’m a fan of disk-to-disk backup solutions due to the speed and simplicity, they are vulnerable to risk if all your backup data resides on network connected devices. It’s a vulnerability I have seen exploited and, unfortunately, if both your primary data and secondary data is locked or infected then you’re exactly where the cybercriminals want you to be, stuck in between a rock and a hard place.

Based on that vulnerability, all organizations require a resilient and robust data protection strategy and solution to ensure they can recover from cyber-attacks. The data protection strategy and solution should enable data to be protected as required via the organization and ensure all services can be restored back to a functional and working state.

So, if a disk-to-disk data protection solution is a vulnerability, what’s the answer?

An Air Gap

What’s that? What the term means is a device, computer, or network that has no network interfaces connected to other networks i.e. Internet or LAN with a physical or conceptual air gap. If the location your data resides has no connectivity, then it cannot be hacked. Therefore, an air gap is a security measure that protects data from intrusion and enables immutability.

Many organizations incorporate an air gapped copy into the 3-2-1 backup and recovery strategy.

3-2-1 means you have at least 3 copies of your data, 2 of which are local but on different storage mediums i.e. disk and tape and 1 copy of which is offsite (air gapped) on either tape or in a more modern cloud object storage offering (check the finer details on these as only a few are immutable). 3-2-1 is always a good starting point for organizations creating or reviewing data protection strategies.

See what an example architecture of a 3-2-1 air gapped solution looks like with Catalogic DPX.

Air gap is most often enabled via most opinion dividing media in the market, tape.

It’s the media that more experienced IT professionals tend to love, and execs, marketing, and newer generation IT professionals tend to hate. Let’s have a look into why.

Some of the more common reasons people love tape:

  • It’s reliable - magnetic tapes can still be read safely after 30 years, while the average hard drive will generally only last around five years
  • It’s secure and enables air gapped solutions
  • It’s scalable
  • It’s cost effective - mostly due to high capacities, with LTO-8 providing 12TB native and up to 30TB compressed capacity per cartridge and it has reduced energy costs vs. disk
  • It’s quicker than its given credit for, with a max uncompressed speed of 360MBps and a max compressed speed of 900MBps when using LTO-8
  • It’s used by technology giants such as Amazon, Microsoft and YouTube
  • It isn’t going to die anytime soon with LTO-9 and LTO-10 already announced and capacities and transfer speeds continuing to increase

Some of the more common reasons people hate tape:

  • Complex management and requirement for expertise in a backup product to manage and orchestrate the tapes. If not correctly managed, it quickly becomes unmanageable and can result in data not being recoverable and tapes becoming misplaced
  • Time to restore - a DR scenario involves the movement of the tape to an offsite location and then manual steps taking via experts to get the data restored. DR testing is key to understand the RTOs that are achievable from offsite tapes
  • High initial capex investment to purchase suitable librarie(s), drives, connectivity, server(s) and tapes for production and DR (DR could be a shared site offered via a business continuity provider with access to the relevant infrastructure)

Love it or hate it, it’s here for the long term. However, if you are really opposed to tape for air gapping, have a look at some of the more modern solutions available such as immutable cloud object storage from IBM, immutable blob storage from Microsoft, and S3 object lock from AWS.

Why are air gaps so important? With them in place we don’t let cybercriminals win - paying the ransom only breeds more of the same kinds of attacks. Ensure your data is protected via a 3-2-1 backup and recovery strategy including an air-gapped offsite copy with Catalogic DPX. Things have come a long way in the world of backup and recovery in the last 20 years, during which Catalogic has been focused on the creation of robust solutions such as air gaps that enable backup data to breathe life back into your organization in times of crisis.

If you want to learn more, get a no obligation quote, or run a proof of concept, feel free to get in contact with us. Look forward to hearing from you.