Staying Ahead of Ransomware: The Importance of Immutability
What Is Immutability?
In the basic sense, to be immutable means to be unchangeable. Something that is fixed, set, or permanent can also be said to be immutable.
In the world of cybersecurity and disaster recovery, immutability is important – immutable backups mean that they are fully protected from tampering or deletion. While we don’t want all files to be immutable, adding this barrier of protection to your routine backups – or even at the SAN layer with immutable snapshots – could be the difference between a minor security hiccup and full-blown ransomware disaster.
Why Is Immutability Important?
An immutable repository protects your data from modification, tampering, and even deletion from bad actors, disgruntled employees, or even accidental modification. It allows data to be read, but never changed or removed, thus making it a safer choice when it comes to your organization’s data backups.
The majority of organizations are now running routine backups, but simply having backups available without also protecting them promotes a false sense of security. In fact, only 57% of businesses hit by ransomware reported being able to recover their data from a backup. Bad actors know to focus on compromising backups before aiming at the larger, more important systems to better guarantee complete failure if their ransom demands are not met. Creating immutable, hard-to-reach backups can ensure business continuity in the case of a cyber disaster for your organization.
What Makes a Good Immutable Solution?
One way of protecting your backup data is a practice called ‘air gapping’ — a fully separate system that houses and manages your backups. These systems are often off-site and fully isolated, keeping data fully immutable. Old-school data recording that took place on removable media (floppy disks, CDs, tapes, etc.) had a natural air gap built in — once the media was removed from your machine, it was incapable of being changed. With the emergence of backups being stored in software, on the cloud, and on-premise, this traditional air gap no longer exists. However, out-of-band solutions like utilizing a service provider can achieve similar levels of separation.
With each new day comes a list of new threats. Keeping ahead of these threats is a full-time job often delegated to a CISO or similar – someone whose sole job is to stay on top of potential information security issues and create proactive action plans to protect against bad actors. It’s dually important to keep your backups in mind when maintaining your system security – in the event of a disaster, your backups are your last means of defense.
Outsourcing your backup management to a third party is one great way of adding a necessary air gap between your business operations and your system backups. Rather than individually sourcing rack space at a Colo facility or investing in hardware and spending the time spinning up compatible software to ingest and manage your backup files, allow a DRaaS specialist to take the entire process out of your hands for both a better experience and improved safety. Fully managed solutions are kept under a watchful eye and routinely maintained, checking all of the boxes of true, secure immutability.
Immutability On-Premises and in the Cloud
It is still possible to create ‘immutable’ backups without a traditional air gap, but recovery data is still open to potential vulnerabilities. CIOs and CISOs sometimes have different opinions on what immutability looks like in practice, making the benefits and shortcomings of storing backups without a traditional air gap difficult to weigh. A quick look into the pros and cons of managing backups in-house or without a traditional air gap can help you determine whether the risk is worth the reward:
Pros of Managing Backups In-House
- Can protect against data deletion within a given timeframe
- Ability to choose which levels of admin have access to backups
Cons of Managing Backups In-House
- Disgruntled employees (admins) can still delete backups
- On-premise hardware can be physically stolen or destroyed
- Cloud-based data can still be compromised via stolen credentials
Cyber Liability Insurance Implications
It’s important to fully understand the details of your cyber insurance policy. Just the same as any other insurance policy, certain security and safety benchmarks need to be met to qualify for remediation in the event a breach does occur. If your company is backing up its data, but not securing those backups, there is a chance you could be held liable in the event of a ransomware attack.
Safeguard Your Backups Today
Choosing what kind of immutable backup security solution works for your business can be tricky. Air-gapped solutions offer the highest level of data protection, but taking that data off-premise makes it more difficult to access. However, cloud-based and on-prem backups don’t provide the level of full immutability offered by a fully managed backup storage solution. In every case, it’s important to weigh your options and select what will work best for your enterprise.
If you need help building a data recovery plan that works for your business, Thrive’s DRaaS team is here to help.