
Jon Howes at Wasabi outlines how immutable backups differ from traditional backups, and describes best practices for implementation.
Ransomware attacks are continuing to rise, and bad actors are becoming more sophisticated at executing them. Bad actors are taking on the largest players in the game and coming out on top. For a business, the consequences mount up, from financial loss to business downtime, to reputational damage and legal hot water – to name a few.
The recent Cyber Security Breaches Survey, carried out by the UK Government, found that half of businesses and around a third of charities have reported some form of cyber-security breach or attack in the last 12 months. The statistics become even more concerning when breaking them down further, with 70% of medium-sized businesses and 74% of large businesses reporting a cyber-security breach or attack in the past year.
While the saying “it is not a case of ‘if’ but ‘when’” is slowly becoming a classic adage when talking about cyber-attacks, the message could not be any clearer. The threat is real, the consequences are real, and businesses must invest in the right infrastructure to protect themselves from the inevitable. So how can they keep their data safe, secure and yet easily accessible? The answer is immutable backups.
Bad actors are drawn to backups. They are a favourite target because encrypting a business’s primary systems and backups increases the pressure to pay up. Immutable backups are designed so that not even the most tech-savvy hacker or accidental click can mess with them.
The data is fixed: it cannot be altered or deleted. Immutable backups establish a form of data that is considered WORM-protected, otherwise known as “write once, read many”. This means that once that data has been saved and stored, it can be viewed many times, but it cannot be altered. Users also need to have the correct authorisation and authentication before being able to access the data, adding an additional layer of protection.
Additionally, immutable backups provide a chain-of-custody tracking solution. This means that every data transaction is registered, so if a business does fall victim to a security breach it can be traced back to the unauthorised user via the audit trail.
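The write-once behaviour and audit trail described above can be modelled in a few lines. This is an added example, not Wasabi's implementation: `WormStore`, `WormViolation` and the user names are hypothetical, the store is in memory, and retention expiry is not modelled.

```python
class WormViolation(Exception):
    """Raised when a stored backup object would be altered or deleted."""


class WormStore:
    """In-memory write-once, read-many store that logs every operation."""

    def __init__(self, authorised_users):
        self._authorised = set(authorised_users)
        self._objects = {}   # key -> bytes, written exactly once
        self.audit = []      # (sequence, user, action, key, outcome)

    def _log(self, user, action, key, outcome):
        self.audit.append((len(self.audit) + 1, user, action, key, outcome))

    def _authorise(self, user, action, key):
        if user not in self._authorised:
            self._log(user, action, key, "denied:unauthorised")
            raise PermissionError(f"{user} may not {action} {key}")

    def put(self, user, key, data):
        self._authorise(user, "put", key)
        if key in self._objects:
            self._log(user, "put", key, "denied:immutable")
            raise WormViolation(f"{key} is already written")
        self._objects[key] = bytes(data)
        self._log(user, "put", key, "ok")

    def get(self, user, key):
        self._authorise(user, "get", key)
        found = key in self._objects
        self._log(user, "get", key, "ok" if found else "denied:missing")
        if not found:
            raise KeyError(key)
        return self._objects[key]

    def delete(self, user, key):
        self._authorise(user, "delete", key)
        self._log(user, "delete", key, "denied:immutable")
        raise WormViolation(f"{key} cannot be deleted")

    def denied_operations(self):
        """Group rejected operations by user, as read from the audit trail."""
        report = {}
        for _, user, action, key, outcome in self.audit:
            if outcome.startswith("denied"):
                report.setdefault(user, []).append((action, key, outcome))
        return report
```

Rejected overwrites and deletes leave the stored bytes untouched, and `denied_operations()` shows which account attempted them.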
Immutable backups go beyond simply shielding against ransomware attacks: they act as a safety net against accidental data deletions, in addition to establishing a clear data retention trail, which is critical for adhering to legal and regulatory requirements. By combining immutable backups with first-rate encryption and accessibility protocols, businesses can keep their data safe and protect themselves against threats and errors.
Immutable backups offer unparalleled protection against ransomware attacks when compared to traditional strategies. Since immutable backups are designed to be unchangeable, they are an ace card for businesses experiencing a hack.
A traditional backup, otherwise known as a mutable backup, is a backup file or storage system that can be altered or changed after its creation. While traditional backups carry the risk of unintentional or malicious alterations, which makes them less suitable for safeguarding against ransomware attacks, they still have an important role in a business’s data protection strategy. They are a key element of a defence-in-depth approach.
Traditional backups will often be what businesses most commonly access, update and check. They are more compatible with incremental backup strategies, which is where data modified since the last backup is added.
It is best to view immutable backups as the golden copy, or the failsafe protection, that can be restored from should it be required.
While businesses can implement immutable backups as one part of their cloud security, they also need to have the right infrastructure and strategies in place to ensure their backups are completely secure.
A smart rule to follow is the 3-2-1 backup strategy. This means having at least one backup stored somewhere offsite in case disaster strikes. Cloud-based backup systems can help with this by keeping a spare copy of data in a secure vault, safe from any potential havoc in the primary location. The copy will still be easy to access if necessary, but it is kept separate from everything else.
It should also be a rule to use Multi-Factor Authentication (MFA) for any individual who has access to the business’s backup. It is like having two or more locks on your front door instead of just one. It reduces the chances of someone messing around with the backup as only the people who should be getting in can do so.
Businesses can take it one step further by adopting Multi-User Authentication (MUA), a protection that ensures no individual has sole control of the account, so that no one can delete it without authorisation or another user’s confirmation.
MUA allows businesses to have a very small number of users, usually around three, that must collectively confirm an account deletion. If any of the individuals decline the deletion, it is automatically cancelled. This prevents hackers, rogue employees, or an inattentive administrator from possessing the authority to delete an account.
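The approval rule described above (every designated user must confirm, and a single decline cancels the request) can be expressed as a small state machine. This is an added example, not Wasabi's implementation: `DeletionRequest`, `State` and the user names are hypothetical.

```python
from enum import Enum


class State(Enum):
    PENDING = "pending"
    APPROVED = "approved"
    CANCELLED = "cancelled"


class DeletionRequest:
    """Account deletion that every designated approver must confirm."""

    def __init__(self, account, approvers):
        if len(set(approvers)) < 2:
            raise ValueError("MUA needs at least two distinct approvers")
        self.account = account
        self.approvers = frozenset(approvers)
        self.confirmed = set()
        self.state = State.PENDING
        self.history = []   # (user, decision) in arrival order

    def respond(self, user, confirm):
        """Record one approver's decision and return the resulting state."""
        if self.state is not State.PENDING:
            raise RuntimeError(f"request is already {self.state.value}")
        if user not in self.approvers:
            # A valid login that is not on the approver list has no say.
            self.history.append((user, "ignored:not-an-approver"))
            raise PermissionError(f"{user} is not an approver")
        self.history.append((user, "confirm" if confirm else "decline"))
        if not confirm:
            self.state = State.CANCELLED      # one decline is final
        else:
            self.confirmed.add(user)          # repeat confirms add nothing
            if self.confirmed == self.approvers:
                self.state = State.APPROVED
        return self.state


def outcome(approvers, responses):
    """Replay (user, confirm) pairs and return the final state."""
    request = DeletionRequest("backup-account", approvers)
    for user, confirm in responses:
        if request.state is State.PENDING:
            request.respond(user, confirm)
    return request.state
```

A single compromised or careless approver can confirm as often as they like; the request stays pending until the others agree.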
Ensuring the team understands the criticality of data security and how to handle backups will make a difference. When the team understands why backups are important and how to use them correctly, they will help to keep the data safe. IT teams should also regularly check on the backup system to ensure everything is running smoothly. Keeping a watchful eye allows businesses to catch any problems early.
Teams should also set up their backup system to give alerts and notifications if anything strange happens. This can make all the difference in a business’s security strategy. The real-time warnings let IT jump into action right away if there is a problem.
Immutable backups have a solid place in a data protection plan, and if businesses are not incorporating them, they are at risk. With the heightened risk of malicious activity and attacks, businesses need to plan for the worst-case scenarios. It is necessary to have a healthy dose of cyber-paranoia in this digital age.
Jon Howes is VP and GM of EMEA at Wasabi, the hot cloud storage company