The threat of ransomware has put a heightened focus on the value and integrity of organizations’ backups. To maintain their value, more organizations embrace air-gapped technologies to protect their backups from a ransomware attack. However, when introduced, air-gapped technologies present five specific management challenges. Prior to using these technologies, organizations should verify their backup software effectively addresses the management challenges they present.
Ransomware represents one of the largest, most pervasive threats to business operations that many organizations have ever encountered. Hackers actively target organizations of all sizes with ransomware in hopes of encrypting data to extract a ransom from them.
This tactic works well. A 2021 survey found that 37 percent of organizations across 30 countries were hit by ransomware in the last year. Further, of those that were hit, 54 percent reported cybercriminals encrypted organizational data.
While alarming, good news exists. 96 percent of these same organizations got their data back. To get it back, many used backups as a source to recover production data.
Using Air-gapped Technologies to Protect Backups
The effectiveness of using backups for recovery from ransomware attacks helps negate the need to pay ransoms. However, as backups succeed in this role, hackers more frequently seek to compromise organizations’ backups.
Organizations may secure their backups by using backup software that leverages air-gapped technologies. Storing backups on air-gapped technologies prevent ransomware from accessing backups to delete or encrypt them.
The Five Challenges
While effective in this role, air-gapped technologies create their own set of problems. To get the benefits they expect, organizations should first validate their backup software addresses these five challenges that using air-gapped technologies to store backup can present:
Challenge #1: No Support for Physically Air-gapped Technologies
Newer backups solutions may only support disk (locally or network-attached) or cloud storage. These solutions may have limited or no support for physical, removable media, such as tape and thumb drives. Organizations often want to use these types of removable media due to their affordability, availability, and practicality.
Challenge #2: Limited or No Support for Bucket or Object Lock.
Most general-purpose and purpose-built cloud storage providers now offer a bucket or object lock feature. This feature makes backup data immutable to prevent data deletions or changes. However, effectively utilizing these immutability features requires the backup software to recognize and manage it. Some backup software does not yet support this functionality. Alternatively, it only works with some cloud offerings.
Challenge #3: Unacceptable Performance.
Air-gapped technologies may not provide the level of performance organizations need to meet their operational requirements. For instance, organizations may find they cannot back up or restore data in an acceptable time.
Challenge #4: Cost Creep.
Storing backup data on air-gapped storage solutions may result in an “out of sight, out of mind” situation. Behind the scenes, however, backup data stores may quickly grow. This then creates a follow-on effect where air-gapped storage costs also grow equally fast. These costs may show up in two ways. If storing backup data on cloud storage, these costs recur and will increase over time. If using removable media, it may incur monthly recurring storage costs plus transportation costs to move it.
Challenge #5: Policy Creation and Management.
Storing data on air-gapped storage in an immutable format should not equate to infinite data retention. Organizations must develop and create policies that manage backup data retention. These policies must align with business and regulatory requirements and delete backup data at the end of its useful life. They must also set policies that release the physical media for re-use or return cloud storage back to the cloud provider once they no longer need it.
Effectiveness of Air-gapped Technologies Hinge on Backup Software
Organizations must now operate under the assumption that ransomware will one day attack their IT environment. Further, ransomware continues to become more sophisticated and increasingly targets weak links that may exist in organizational cybersecurity defenses.
Air-gap technologies can play a critical role in helping organizations neutralize and repel these attacks. They help ensure ransomware attacks do not compromise existing backup data while positioning organizations to respond. However, organizations must properly implement and manage these air-gapped technologies to ensure they get the benefits they expect. This begins by selecting a backup software such as Arcserve UDP that addresses these key management challenges that air-gapped technologies present.
Keep Up to Date with DCIG
To be notified of new DCIG articles, reports, and webinars, sign up for DCIG’s free weekly Newsletter.
Technology providers interested in licensing DCIG TOP 5 reports or having DCIG produce custom reports, please contact DCIG for more information.
Note: Arcserve is a client of DCIG.