Trends in modern backup
One of the main concerns with a ransomware attack or network intrusion is that the attacker often attempts to make backups inaccessible by encrypting or deleting the data, making it impossible to use them as an avenue to recovery.
We could address this in a conventional manner by sending a copy out to magnetic tape, but this is often fraught with the logistical issues of tape capacity*, data transfer speeds*, and access to the tape device (often locked in a comms room or based in a data centre). Most modern backup systems send secondary copies to an offsite location over the WAN, but that means these copies are available to a threat actor performing this kind of attack.
* Although we should note that LTO-9 is now available with a native capacity of 18TB and a transfer speed of up to 400MB/sec.
An alternative for Veeam Backup and Replication customers is the use of hardened Linux file repositories and data immutability.
The new hardened repository feature of Veeam V11 provides an effective barrier between an attacker and your valuable backup data by utilising the following features:
- Single-use credentials: credentials that are used only once to deploy Veeam Data Mover while adding the Linux server to the backup infrastructure. These credentials are not stored in the backup infrastructure, so backup files will be safe even if the Veeam Backup & Replication server is compromised.
- Immutability: when you add a Linux repository, you can select the "Make recent backups immutable for" check box and specify the time period during which backup files must be immutable. During this period, backup files stored in this repository cannot be modified or deleted.
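One way to verify the immutability setting from the repository host itself, as an added example that is not part of the original article or Veeam's own tooling. It assumes two details not stated on this page: that the hardened repository applies immutability through the Linux immutable file attribute (the `i` flag shown by `lsattr`), and that backup data files use the `.vbk`/`.vib` extensions while `.vbm` metadata stays writable. The sample `lsattr` lines are constructed.

```shell
#!/bin/sh
# Added example: report backup data files that lack the Linux immutable
# attribute. Function names and sample paths are hypothetical.

# missing_immutable: reads `lsattr` output lines ("<flags> <path>") on stdin
# and prints the path of every .vbk/.vib file whose flag field has no 'i'.
missing_immutable() {
    while read -r flags path; do     # $path keeps any spaces in job names
        case "$path" in
            *.vbk|*.vib) ;;          # backup data files: check these
            *) continue ;;           # e.g. .vbm metadata, assumed writable
        esac
        case "$flags" in
            *i*) ;;                  # lowercase 'i' = immutable flag is set
            *) printf '%s\n' "$path" ;;
        esac
    done
}

# audit_repo REPO DAYS: only files modified within the last DAYS days are
# checked, because files older than the configured period are expected to
# have lost the flag. DAYS should match the period set in the repository.
audit_repo() {
    find "$1" -type f \( -name '*.vbk' -o -name '*.vib' \) -mtime "-$2" \
        -exec lsattr {} + | missing_immutable
}

# Constructed sample of lsattr output (not taken from a real repository).
SAMPLE='----i---------e------- /backups/Job A/JobA_full.vbk
--------------e------- /backups/Job A/JobA_inc1.vib
----i---------e------- /backups/Job A/JobA_inc2.vib
--------------e------- /backups/Job A/JobA.vbm'

# sample_findings: runs the parser over the constructed sample.
sample_findings() { printf '%s\n' "$SAMPLE" | missing_immutable; }
```

On a repository host, `audit_repo <repository path> <days>` prints nothing when every recent backup file carries the flag; any path it prints is a file inside the window that can still be modified or deleted.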
Utilising data immutability
Another method of utilising data immutability is via Amazon S3 (and other S3-compatible services). By transferring secondary or tertiary copies of data into an S3 service, you can protect against malicious (or accidental) deletion or modification.
Together, Linux Hardened Repositories and Amazon S3 with Immutability provide end-to-end protection of your data, meaning you need never worry about having access to your recovery data during this most stressful of events.
About the author
Jonathan Hammond
Senior Solutions Architect at Koris365
With over 20 years spent in the IT industry, Jonathan has accumulated a vast amount of experience in designing, deploying and supporting server and storage solutions. Since joining Koris365, he has been involved in the migration and consolidation of an immeasurable number of server workloads onto public and private cloud platforms. Jonathan is an evangelist for the Software Defined Data Centre and has developed a deep technical knowledge of the VMware technology stack.