It’s 2020, and you’ve already modernized your backup platform with disk storage optimized with deduplication and compression, with network efficient offsite vaulting. The daily routine of managing tapes and dealing with the mechanics of a tape library is no longer a burden. Backup speeds are no longer limited by mount points in a library and restores from disk are fast.
You don't miss tape.
Until, you’re reminded that tape, with its portability, provides a very obvious physical “air-gap” between your backup data and the production environment. Then someone asks how your new disk-based solution is protecting backup data from a potential cyber-attack, such as ransomware? Each backup vendor has their own approach to protecting backup data from those threats which may corrupt and destroy production data.
The day you are hit with a ransomware attack, you need to be able to rely on your backup copies to recover data, fast. You need assurance that those copies are “clean” and can be recovered. In an age where onsite and offsite recovery time objectives demand the speeds only offered by disk (and even flash), the idea that recovery of corrupted data may be delayed by having to recall and read data off tape may be considered a backward step.
A disk-based backup design deserves a disk-based "air-gap”.
This is where Dell PowerProtect Cyber Recovery comes in to play. Taking advantage of Data Domain technology, the Cyber Recovery solution provides an air-gapped vault for backup copies on disk, securely isolated from the production infrastructure behind a firewall and out of harm’s reach. The vault is essentially offline to the production environment but online in terms of readiness for recovery.
Automatically updated with copies replicated daily from production, copies in the vault are analyzed by CyberSense forensic tools in order to confirm data is “clean” before being swiftly recovered within an isolated “sandbox” environment. Such processes are impossible with tape, at least not at this level of speed and automation.
Not all data is valued equally.
We recognise that there is a sliding scale of risk tolerance when designing protection for backup data against cyber-attacks. That is why we lead with a consultative approach, taking into account required service levels, applying policies dependant on the value of data and the impact of data loss on the business.
Each technical approach has its own virtues, and our Helix Discovery service will help illustrate the advantages and shortcomings of an existing environment when responding to a cyber-attack with a simulation of potential recovery times. We identify solutions to protect and respond to an event and evaluate new technology with an independent perspective of the market.
In the coming weeks and months, let us help you review your data protection against cyber threats, and ensure that your data protection platform develops in step with the times.
By Daniel Banche, Senior Technical Sales Architect