Home / Disaster Recovery / Immutable Backup Is the Best Defense Against Ransomware

Immutable Backup Is the Best Defense Against Ransomware

By Ahsan Siddiqui, Director of Product Management, Arcserve

Rampant ransomware attacks are now exploiting vulnerabilities to breach companies, encrypt data and extort large ransom payouts. The healthcare industry experienced a 755% increase in ransomware attacks in 2021. According to the 2022 Cyber Threat Report, attacks worldwide more than doubled last year. Businesses now suffer a ransomware attack every 11 seconds, with total damage at $20 billion annually.

Ransomware attackers are getting much more sophisticated and their exploits more ingenious each year. For instance, IT organizations increasingly rely on backups to quickly recover from a ransomware attack without paying the ransom. Attackers realize that backup copies threaten their criminal enterprise. So, they’re now attacking the backup infrastructure first, deleting backup copies and then encrypting the primary production data.

What can organizations do to stop the bad guys? One key to protecting your company is immutability. Immutable backups provide robust data protection because immutable copies of your backup data are impervious to ransomware infection. Immutability means data is converted to a write-once, read many times format, and can’t be deleted or altered—not by hackers or your administrators. There isn’t any way to “read” or reverse the immutability, which ensures that all your backups are secure and accessible.

Immutability ensures that there is no programmatic way a hacker can go in and delete or modify a copy of the data you have in your backup. Even if attackers get their hands on compromised admin credentials and gain full access to your network, immutability makes it harder for them to delete your copies or alter the data’s state. Bottom line: if you’re attacked, you won’t have to pay a ransom to recover your data and get your business back on its feet.

Even if an organization’s primary data infrastructure has been compromised, if it has immutable backup, it still has a reliable fallback position: a recent copy of its primary data that has not been modified.

Immutability available to all

There is one problem with immutability. Many organizations still don’t know about it, and adoption remains slow. There is a lack of awareness about the storage systems needed to achieve immutability.

The good news is that there are now cost-effective solutions on the market that provide this capability to businesses of every size. Companies can quickly implement a storage system that natively gives them immutability – a critical layer of protection.

Snapshots provide continuous protection

There are several crucial pieces of immutable data backup. First is an immutable object store, with every object written only once and never modified. Any modification you make to the file system always creates new objects. This kind of continuous data protection takes snapshots every 90 seconds. Snapshots are the view of the file system at the instant when the snapshot is taken. Since the underlying objects are immutable and cannot be changed, the snapshots inherit this immutability and hence cannot be altered or modified by an external source. Snapshots enable you to go back to specific points in time and recover entire file systems in minutes.

Another critical piece of an immutable storage system is an object-based scale-out storage architecture. Many traditional solutions fall short because they have limited scalability and performance. Once an organization reaches the scalability limit, the only available options are to add another standalone array with separate management or undertake the arduous task of a forklift upgrade and replace the existing array. Object-based storage offers a seamless pool of capacity through a single namespace for dynamically scaled-out storage, which means you can effortlessly add drives and appliances as your data grows.

Intelligent tiering saves money

The third element of immutable storage is intelligent data tiering. An ideal storage system will use analytics to identify frequently used data that the organization should always backup and seldom-used data that doesn’t have to be. It gives organizations an intelligent, tiered data architecture that provides rapid access to mission-critical information. It also enables organizations to save money on data storage while keeping their essential data safe from catastrophe.

For instance, if you’re a law firm, all your legal documents are automatically qualified as data that needs to be retained in its original form without being altered. Similarly, if you’re a financial services company, all your journals and ledger entries are automatically classified as mission critical. Organizations can feed those classifications into their backup and disaster-recovery policy, which translates into greater protection against a ransomware attack and the ability to go back and recover historical point-in-time data.

Final takeaway

Safeguarding your organization against data loss is now vital. With immutable backup, you can protect your business against ransomware attacks, avoid crippling ransom payments and quickly get your operations back up and running if an attack does occur.

Ahsan Siddiqui is Director of Product Management at Arcserve. He’s been in the industry for 17 years, working with partners and customers. 

Share to...