facebookpixel

World Backup Day

CMMA Blog

Today is World Backup Day and we are celebrating and gently reminding IT organizations across the world, backup your data! Though we celebrate it once a year, it does not mean we backup data once a year. Let’s consider 3 reasons why backing up to protect your data is crucial to your organization: 

The Rising Tide of Data 

Managing data is becoming a challenge for many IT organizations. The continued rising volumes of data is putting pressure on backup strategies that were once effective. IT leaders need to find the latest, fastest, most cost-effective forms of backup solutions that can make sizeable backups manageable and easy to implement. IDC projects that there will be 79.4ZB of data created by connected IoT devices by 2025, growing from 13.6ZB. Unstructured content related to entertainment (creation, production, distribution and consumer consumption) continues to be the largest category of data.” This volume of data presents many challenges so backup methodologies and strategies need to be revisited often. Finding the right backup tools and methodology are an essential piece to finding the right recipe for your organization as is preparing your infrastructure for the vast amount of data that is being generated. 

Back Up Regularly to Avoid Disaster 

Why do you need to backup anyway? Because you never know. Infrastructure hardware will fail. Malware, such as ransomware will strike, and humans will make errors. There is no question IT Managers must be prepared for those moments when disaster strikes a blow when you least expect. Backing up your data regularly will ensure you can protect and recover data quickly and effectively. In addition, they should be done intelligently to address the hyper-growth and the requirement for hyper-availability. Part of finding the right solution requires an analysis to help determine the value of data to efficiently manage greater volumes that applications are generating. It is a necessity not a luxury to future-proof your infrastructure.  This exercise helps organizations acquire the correct tier of technology to not only manage but restore within the specified SLAs of the organization. 

Ransomware 

Highlighting ransomware is important because of its prevalence in cyberspace. Threats and attacks are getting more aggressive and those ransomware-focused threat actors are using creative means to break into systems and deploy ransomware for the threat actor’s payday (Source: TechCrunch). There is a rule as old as time that has been proven true time and time again:

Keep 3 copies of your data, using 2 different storage media types (object, flash, HDD, tape) 1 offsite (physically separate from the building such as DR site), and 1 offline (completely disconnected from your network).

Keeping a clearly defined data copy offline and air-gapped to protect against malware attack will enable you to retrieve that data and get back up to speed faster and back to business sooner in the case where your network-connected copies are compromised. 

Conclusion 

World Backup Day is not about backing up just one day of the year. Let today serve as an awareness day to remind enterprises and SMB’s that protecting data by backing it up regularly will prevent disasters that can come in any form. Restoring data from a backup copy will allow businesses to resume operations effectively. There is value in protecting your data. What is the value? In many cases, unquantified. Preserve and protecting your data, whether for the three factors mentioned or to simply provide the continuity of business operations. Learn more about our Enterprise Backup and Archive solutions .

To view our Partner blog, click here

Ransomware’s Latest Hits

CMMA Blog

Ransomware remained at the top of the charts last year, as one of the most cunning and vicious forms of data theft. Ransomware attacks take place every 14 seconds and have increased by 700% since 2016. The loss of access to production data cost companies around $11 billion in financial, productivity, and downtime losses in 2019. Sifting through the latest ransomware news, I find it alarming that some organizations still do not see ransomware protection as a number one priority to protect their IT infrastructure. With the continued attacks on unsuspecting companies, the crafty criminals are getting away with a huge paycheck and with your data.

Public, Education, and Healthcare Organizations
are Likely Targets

According to recent data, public organizations and the healthcare industry are the most likely targets that could be hit the hardest this year. Many public and healthcare organizations may not have the budget to invest in the latest cyber-security software available in the market today nor do they have the systems in place to perform upgrades as needed, thereby leaving their systems vulnerable to attackers. Understandably so, it is seen as a weakness and one to be exploited where healthcare facilities can’t provide critical services to their patients. A published article by Tech Target quotes Caleb Barlow, president and CEO at healthcare cybersecurity firm, CynergisTek, in Austin, Texas. He states, “The most common attack on healthcare has involved data theft, but that’s starting to change. Today, hackers are using ransomware attacks more frequently, which have a destructive, “kinetic impact” to them. That means, you didn’t steal the data; you locked it up, destroyed it, or changed it,” Barlow said. “When those things happen, you can’t see patients.”

Ransomware is a destructive force and medical organization need to brace themselves in 2020 because these attacks will spread wider and with more frequency. This reminds me of the Campbell County Health 2019 attack, which was one of the worst recent hits because it put lives at risk. (Source: Campbell-county-memorial-hospital-ransomware attack ).

Latest string of Companies Crippled
by Ransomware

  • March 2, 2020 (Reuters) – Currency service provider Travelex on Monday estimated a 25 million pounds ($31.9 million) hit to first-quarter underlying core earnings due to the ransomware attack in late December and said it has restored all its customer-facing systems. (Source: UK Reuters/ransomware attack ). Travelex services remained offline for more than two weeks following the attack, leaving some customers cashless during the busiest travel season.
  • Among small and medium-sized businesses, in the last 12 months, twenty-two percent of organizations had to cease business operations immediately because of ransomware; Eighty-one percent of businesses have experienced a cyberattack; Sixty-six percent have suffered a data breach and thirty-five percent were victims of ransomware (Source: https://www.malwarebytes.com/ransomware/ ).
  • Legal services giant, Epiq Global, has been hit by a ransomware attack. A source with knowledge of the incident said the ransomware hit the organization’s entire fleet of computers across its 80 global offices.
  • And just recently, Visser, a parts manufacturer for Tesla and SpaceX, was hit by a more advanced, data exfiltrating ransomware. A portion of the files stolen from the company were published by the ransomware group. (Source: https://techcrunch.com/2020/03/02/epiq-global-ransomware/ ).
  • How about the Ransomware attack against the New Orleans city government earlier this year, which cost the city $7 million dollars.
  • Albany County in New York was hit by three cyberattacks in the span of three weeks in late 2019, including a Christmas day attack on the Albany County Airport Authority (ACAA) that resulted in an undisclosed ransomware payment by the ACAA. (Source: Times Union https://www.timesunion.com/business/article/Ransomware-attack-cripples-airport-authority-s-14963401.php ).

Important to know: Ransomware is getting craftier

While some reports say ransomware
is going down and others say it’s going up, the bottom line is to understand
that the illegal activity will attempt to hit your datacenter, and the only
unknown in this equation is when? The answer is you never know, but there is
ninety-nine percent chance that your organization will be targeted,
unfortunately.

It’s important to protect your IT
environment by becoming aware and by applying old but true principles of data
protection (DP) and business continuity (BC) as follows:

  • Prevention and recovery should
    both be an important part of your DP and BC strategy.
  • Upgrading legacy backup
    infrastructures is top of the list, so it doesn’t become an easy target.
  • Next, is having your backups
    current and up to date, so you can recover the most recent instances of your
    data.
  • Whether you choose to back-up on
    disk or keeping an air-gapped copy on tape, the latter of which is iron clad
    protection from ransomware because it’s air-gapped, physical barrier, you will
    ensure recoverability.
  • Backup copies should not only be
    recoverable, but they should be predictably recovered. In other words, test,
    test, test the integrity of your backup recovery system and verify it. And
    speaking of predictability, the NCSC (UK National Cyber Security Centre) has
    updated its guidance and is suggesting greater emphasis is needed on that
    offline copy.

In conclusion, the most sensible approach to protecting your data should be prevent, detect, and respond, but also protecting your backup with the 3-2-1-1 rule : 3 copies of your data, 2 different media types, 1 offline and 1 offsite.

Visit our Ransomware Protection Solutions page for the latest information on our Ransomware Protection packs, our deduplication back-up appliances, and tape solutions with LTO-8 technology .

To view our Partner blog, click here

Air-Gap: A Cybersecurity Benefit

Archive

Of course, magnetic tape is an old technology but the simple reason of being old does not make it ineffective or impractical to use in the modern data center. Many would dare to say, magnetic tape is so retro its totally new again. I am inclined to believe that. Why? For one, the most modern data centers, called hyper-scalers, are leveraging the use of magnetic tape and cost-efficiency for such large magnitudes of data. For the rest of us, it mainly has to do with the cybersecurity benefit of air-gapping a backup copy.

I recently did a webinar where I teamed up with one of Quantum’s IT managers to discuss mainly what his IT organization did to protect against Ransomware. (If you missed, see here: Ransomware Webinar ).  Maybe for some it felt like it was a pitch for tape coming from a company that owns more than 30% of the tape market, but the reality is that we have seen and heard from many companies how air-gapping a backup copy truly became the best last line of defense against the nemesis of Ransomware. Plus, if we didn’t use the solution ourselves, would you really buy it from us?

When your organization was saved multiple millions of dollars because you stored a backup copy of your asset or last week’s data on tape and saved the most precious intangible commodity of time, creativity and effort plus the tangible ones like new data of new customer acquisitions, market intelligence and new product analysis you too would also say, damn tape is freakin’ awesome. Ransomware, due to the patience and tenacity of the criminals behind it, can sit and pause for any length of time inspecting your network from a distance until they discover a way to bypass your security. This is not to say, that the cybersecurity software in the market today aren’t amazing solutions, but if we’ve learned something it is that cyber-criminals are tenaciously patient and very hungry to be rewarded. This is why, air-gap is the best last line of defense. Working together with cybersecurity software, SDDs, flash and replication technology as data moves from a hot to cold status, air-gapping becomes very cost-effective and the best way to store long-term data.  In no way, are we saying replace your ultra-speeds that SSDs or flash offer in a back-up scenario, but rather include an air-gap backup copy on magnetic tape in the event you find your network connected devices compromised by ransomware. The enterprise backup environment is being hit hard by these vile characters and you don’t want to be caught by surprise.

To view our Partner blog, click here

Tape Storage – a Proactive Layer of Protection Against Ransomware

Archive

As we close out another year, cyberattacks like ransomware continue to be top of mind for many organizations. We expect it to be top of mind in 2020 and beyond as organizations make investments in the latest technology. With all the energy and spend going towards new technology and cybersecurity efforts, I can’t help but wonder what continues to give these cyber adversaries the upper hand? I’d be naïve to say that profit isn’t a huge motivator because there is a straight line from development to profit. It is a well-known fact that these intrusions are expected to yield more than just profits when they cripple your systems, they seek to yield the grand prize – your company secrets, your data is the currency of choice. An article published by Tech Republic states, “Cybercriminals are searching for higher returns on their investment, and they can reap serious benefits from ransoming organizations over individuals, who might yield, at best, a few personal files that could be used for extortion or identity theft.”

A backup strategy is important to overall protection

Backups are a critical component to your overall protection strategy. Is all your critical information being backed up. Is it being stored offline? Has the backup strategy implemented been tested to ensure it works? The FBI has recommendations for ransomware preventions and responses fo r CEOs. It is not a surprise to see that the first answer to the question of ho w to protect your network was Backups.

Tape storage: Your last line of defense

We have learned that ransomware seeks and attacks known vulnerabilities in the
network, where data on servers, storage, and everything else connected to it
will most likely be compromised. For your data to be truly protected, we recommend
an offline or airgap copy in your backup strategy that works in conjunction
with your security software, hard disk drives (HDD), and cloud storage.

Because tape storage is an ‘offline’ storage technology, it provides
effective protection against ransomware and malware. Tape is your last line of
defense—simply because criminals can’t delete or encrypt what they can’t access
over the network. To fully protect your data against ransomware, prevent the
infection in the first place, and then perform regular backups, replicating
data to off-site and offline media such as tape.

Tape offers high-speed restore rates

Not only is tape storage cost-effective, but it offers high-speed restore rates, currently with LTO-8 generation it has an up to 750MBps transfer rate. That makes it ideal for both storing large volumes of data over the long term, as well as protecting your assets. Although replication technologies can provide faster restores, let’s remember they do not protect from ransomware.

Make tape part of your backup and DR strategy

Given the prevalence of ransomware attacks, you need a strategy for
defending your files against these debilitating events. We’ve seen state and
local governments, educational institutions, and private enterprises rendered
helpless in their ability to continue their day-to-day business after an attack.
Start with a proper data protection strategy.

Understanding what part of your data is critical to your operations is the
first step to ensure that a backup copy is readily available on magnetic tape. Keeping
a disconnected offline copy of your data is important to your data recovery
(DR) plan because tape storage provides the best offline option, is
inexpensive, portable—and offline.

When ransomware hits, you want to be proactive, prepared, and in the
position to stand up against ransomware threats. Let’s stop giving them the
upper hand and may this 2020 be uncompromising and ransomware-free.

To view our Partner blog, click here