The idea of data permanence and reliability has been around for a long time as humans desire to retain information indefinitely. However, today’s most valuable type of information is more ethereal. Since digital data is now the lifeblood of business, government, and everyday virtual lives, it is more critical than ever to secure data, keep backups, and enable quick restoration when needed.
Unfortunately, ransomware attacks are growing exponentially daily, crippling mission-critical systems leading to unplanned downtime and costly recovery for unsuspecting victims. Backups ensure companies and IT professionals have a defense to fall back on when the inevitable happens. However, merely making copies of your data doesn’t make you invincible against cyber-attacks.
In recent years, advanced ransomware attacks have infiltrated backups, leaving organizations and governments with little chance of recovery while guaranteeing malicious actors a lucrative payday. Sophisticated ransomware led IT professionals to implement immutable backups into their business continuity and disaster recovery strategies.
However, immutable backup is not a new concept. It existed even during the days of tape when organizations physically set tape media as write once, read many (WORM), making it immutable. WORM refers to a data storage device that you cannot modify once you write information on it. Thus, the write-protected data remained unchanged, making it impossible to tamper with or erase after it’s written/stored.
This post looks at immutable backups, how they work, and how to implement a sound strategy. It also discusses immutable cloud storage, the benefits and drawbacks of immutability, and its role in protecting against ransomware attacks.
An immutable backup or storage refers to data that is fixed, unchangeable, and undeletable. Having an immutable backup is critical for organizations that need to ensure they have a copy of recoverable data that remains secure from unforeseen and undesirable accidents or incidents.
Once an organization stores an immutable backup, it remains unchanged or unaltered, essential for protecting against malware and ransomware. Data stored in immutable storage is impervious to ransomware infections.
Additionally, by keeping archives of immutable backups, organizations guarantee recovery from ransomware attacks by finding and recovering from a clean backup kept on record. Immutable backups also enable companies to meet data security and compliance regulations by keeping accurate copies of their historical data.
Immutable Backup Storage Media
IT professionals set immutability on the storage medium organizations use to store their backups. Today, several options are available for immutable backup, including optical technology, purpose-built backup appliances, enterprise disk arrays, and the cloud.
Unsurprisingly, the cloud is arguably the go-to medium for immutable backup for modern backup architectures.
Is Object Storage Immutable?
There is no way you can modify data within an existing object or modify it in place. Therefore, all objects within a given object store are immutable. However, this immutability restricts object storage to write once, read many (WORM) workloads, limiting their application to data archival.
Object storage offers substantially better scalability, durability, and resilience than other parallel file systems. Additionally, for specific workloads, it delivers staggering amounts of bandwidth between compute nodes as well.
Object storage abandons the notion of directories and files to achieve these new heights of overall performance. Thus, they don’t support POSIX/IO calls (open, read, write, seek, and close) that file systems do. Instead, they support only two operations: PUT and GET.
Are Databases Immutable?
Yes, there are immutable databases. These are centralized database systems that store information in a way that cryptographically verifies its integrity. They track every data change and maintain a complete history of changes to verify the integrity of the database over time.
In this aspect, developers call these databases immutable since they maintain a history of all the changes performed within the data store. Thus, whenever there is a malicious or unintended modification, someone will detect, report, or even recover it.
Is Data Domain Immutable?
Yes, you can store data in an immutable manner using Data Domain Automatic Retention Lock. The feature stores immutable data for a set duration that the automatic retention period’s section value set defines.
Retention lock refers to functionality that you can use on Data Domain Restorers to prevent deletion or modification of given files set for a predetermined period. It means retention locked files remain read-only until the expiry of their retention period.
Data domain in data management and database fields refers to the range or collection of acceptable values that a data element contains. It defines the model schema plus other attributes for that focus. Enforcing the data domain keeps database information consistent and within acceptable parameters.
As discussed earlier, an immutable object in computing is one whose state remains unchanged or unmodified after its creation. Therefore, immutable storage refers to data that you cannot change, encrypt, or delete once it’s backed up.
On the other hand, a mutable object remains modifiable after creation. In a database structure, you can change data once it’s stored and such changes overwrite and replace the previous record. Therefore, previous data iterations are lost unless you have a system of backups and transaction logs tracking them. What’s more, mutable databases are record-based, meaning there are limited data spaces.
Types of mutable databases include SGL, NoSQL structures, and relational database structures. They are the majority of traditional databases and originated in an era with smaller data volumes which were more expensive to store and characterized by transactional systems.
In contrast, immutable databases are newer and more common today because the data points remain unchanged. They are log-based and create new spaces for storage when additional data appears. Additionally, they are more flexible and critical to modern business practices due to the vast amounts of data available today, the increased cybersecurity risks, and the affordability of cloud-based storage.
An immutable system utilizes file system technology and takes a modern approach. It enables organizations to use object storage in any platform in a public or private cloud environment. It appears like a familiar file system to the end-user that they can open, edit, copy, save, or delete with authorized access.
The systems store files as blocks in cloud object storage as an authoritative data set accessible to every user in the organization. The data blocks are immutable, meaning administrators store them in a write once, read many (WORM) form. Therefore, once held, no one can edit, overwrite, or delete them until the lapse of a set time. They are also impervious to all malware.
You build immutable backups by copying data bits to cloud storage. Once you copy the data to the cloud, you can set an immutability flag that locks it, preventing accidental deletion, corruption, and malware infections. In addition, you can set a specific timeframe for the flag – for example, if you select 30 days, you cannot modify or delete the backups during that period.
You can store short-term immutable backups locally. Additionally, you can also tier data backups into off-site immutable object storage.
There are three primary types of backups:
Full Backup: This is a complete backup type that clones all selected data, including files, folders, hard drives, SaaS applications, and more. However, it takes longer to backup and overloads storage space.
Differential Backup: This backs up data from the last full backup to capture changes or new data.
Incremental Backup: This refers to the subsequent backups after a full backup and stores only those changes made to the previous backup. It gives businesses flexibility in spinning as many incremental backups as they wish, storing only the most recent changes.
After deciding on the best type of backup suitable for your needs, you need to consider where to store it. There are several types of media available for storing data, including:
Optical media such as CD, DVD or Blu-Ray
Mini disk (MD)
External hard disk
The apparent risk of failing or skipping a data backup is you have no fallback for disaster. Organizations should appreciate and mitigate the potential impact of data loss. Failure to perform a data backup could result in the loss of business-critical data such as:
Partner and contracts information
General business data
Apart from data loss, the failure to backup data could have the following additional consequences:
Lower efficiency and productivity
No data available for customer support and services
Finally, organizations also risk the following legal consequences:
Utilizing the cloud for backup and recovery is necessary for business continuity and disaster recovery best practices. Fortunately, managed service providers (MSPs) have realized that solutions employing the cloud are not similar. There are differences in cloud design that could significantly impact the backup and recovery of data.
As it turns out, numerous solutions that utilize the private and public clouds for backup and recovery are mutable and prone to alteration. Hackers and other malicious actors can still corrupt the data and information. They are increasingly targeting cloud backup systems making it impossible for organizations to recover from ransomware attacks without paying.
Typically, the cloud is secure because vendors air-gap it from the primary storage, giving it instant protection from natural disasters. Similarly, it is accessible from anywhere, allowing immediate air-gapped backups and recovery, unlike in the past where the IT team would need to retrieve tapes from an off-site location.
Additionally, the cloud offers unique features like placing a time window on immutability. Thus, an organization can set immutability for a period, keeping its data copy unchanged, undeletable, and unalterable for the duration.
Implementing a sound immutable backup strategy protects an organization’s data and gives it a fast response to cyber-attacks without needing to pay hefty ransoms.
Many data backup and recovery best practices are prone to attacks. For instance, data replication to remote data centers does not provide ransomware protection because successive backups can overwrite healthy files with infected or encrypted versions. In such cases, it becomes difficult to accurately pinpoint the infection’s starting point.
One suitable strategy is implementing the 3-2-1 backup rule involving keeping at least three data copies. One copy is off-site (for example, an air-gapped immutable cloud backup), while two are local but stored on different mediums (disk, tape rotation, NAS etc.).
Below are some best practices for planning and implementing an immutable backup.
Data Integrity: Store your data backup on platforms that prevent modifications. Some MSP vendors provide object-based storage making it impossible to make data modifications and encryption.
Zero Trust Model: Include strict identity verification for users accessing data backups on private networks. This holistic approach consists of several technologies and principles to ensure advanced security levels and backup safety. A suitable method is using multi-factor authentication (MFA) to reinforce security.
Multi-Level Resiliency: Excellent defense strategies combine immutable backups with the latest cybersecurity tech and employee training. A suitable protection level is using the write once, read many format.
Automate Response: Implement an automated response system that quarantines infected systems immediately even if nobody is present when an attack occurs.
Clean Restore Point: Ensure your backups are free from malware before storage to prevent reinfection by scanning them first. Alternatively, you can store immutable backups to protect against encryption and ensure clean recovery.
Immutable backup allows organizations to have a read-only backup that nobody can delete, including an authorized administrator. Implementing immutable backups assumes that the organization has instituted a comprehensive security program already, which includes:
Multi-factor authentication for all facing applications and services
A vulnerability program
Proper next-generation firewalls
An endpoint detection and response solution
Passphrases and passwords
Use principle of least privilege
Security awareness training for employees and other end-users
As a business-critical part of organizations, data requires a high level of protection from malicious actors and cyber-attacks. Ransomware is a malware type known to encrypt data making it no longer usable or accessible. The encryption level can reach the Master Boot Record level, preventing booting, which extends to backups.
Ransomware attacks primarily bring down vital business services, crippling organizations and leaving them at the mercy of the attackers – until they pay a ransom.
One way to mitigate ransomware attacks is by regularly backing up your data as the last line of defense. However, making regular copies of your data still does not guarantee its safety. Unfortunately, advanced ransomware attacks are now targeting backups as well. Hackers can modify, encrypt, or delete backups.
Immutable backups prevent such situations because they remain unchanged and undeletable and prevent unauthorized access. Hence, backup immutability ensures you have the most recent clean copy of data, safely stored and recoverable at any time.
Not all backups are equal. For example, you may invest in different types such as encrypted, off-site, and replications and think you are covered. However, while that is a necessary start, you still face the risk of hackers gaining access to your backup server and encrypting, modifying, or deleting data.
The only way to safeguard your data is by preventing any form of modification or deletion under any circumstance. Hence the need for immutable backups.
The entire concept of mutability is that hackers cannot modify, delete, or encrypt backup files, even when they gain full admin access to the server. Thus, if ransomware occurs and you lose access to your files and servers, you can spin up a new server and restore your entire operating environment from your cloud-based immutable backup repository.
The risk of ransomware attacks remains the topmost pressing risk facing virtually every organization worldwide. Ransomware can strike anytime and any internet-accessible device without warning, spreading throughout the entire infrastructure and crippling businesses or organizations.
A single attack can disable business operations costing significant money and time to resolve. It can also result in downtime that can hurt a business’s bottom line and reputation. Unfortunately, the pervasive use of network sharing techniques and capability throughout enterprise computing further elevates the risk of spreading malware to the entire system or network once malicious actors breach a connected device.
Conventional data backups may prove ineffective for restoring and recovering data encrypted by an attack since the backup could also suffer from data deletion or encryption. In addition, ransomware attacks specifically targeting backups are on the rise.
So how do you ensure your backup data is secure?
Your primary storage systems must remain open and available to client and employee systems, but you should isolate your backup data and keep it immutable. It’s one of the surest ways of ensuring quick recovery when your production systems are compromised.
Data protection goes beyond mere file permissions, folder ACLs, and storage protocols. Since these protocols are not entirely secure, a malicious actor can circumvent them and encrypt or delete them. Therefore, immutability must be an integral part of your backup architecture and not an afterthought.
A built-in immutable backup ensures recovery from ransomware attacks because it is a clean backup. Thus, you will recover your data after a ransomware attack and avoid downtime or paying a ransom.
Additionally, keeping immutable backup helps your organization conform to regulatory requirements for data compliance and security by retaining accurate data copies.
Data is critical to all businesses, and leveraging an immutable copy of an organization’s data ensures it has a clean version of that source data, which is always recoverable and safe from various failure scenarios. Apart from this immediate benefit, organizations also enjoy the following when they choose the backup immutability route.
Backup Integrity: Backups make businesses and organizations feel safe. That feeling comes from assuming that their data backup is secure, recoverable, and not corrupt. Immutable backups almost guarantee this assumption by ensuring the backup copies are valid and restorable on demand.
No Unauthorized Changes: Often, the backup environment is accessible by many users, while anything on the internet is open season for malicious actors. Easy access for users with varying permission levels could modify or delete backup data accidentally or maliciously, causing a failed recovery. Immutability ensures secure data free from unauthorized changes by default.
Compliance: Immutable backup helps businesses adhere to data compliance regulations and requirements by retaining accurate data copies.
Immutable backup provides an appealing sense of immediate relief when disaster strikes, but organizations must also understand the technology’s drawbacks. These include:
Immutable backups retained on-premises are susceptible to physical damage like a natural disaster event
Malicious actors could redirect the backup after accessing it for a live mount
Paying for cloud storage hosting could prove expensive over time, given the volume of storage required
Immutable backups are an essential component of cybersecurity and compliance. They ensure backups are secure, recoverable, and accessible at any time. Still, they are not an all-encompassing solution. Organizations must also implement cybersecurity best practices and safeguards such as access control tools, authentication, employee training, encryption, and isolating (air gapping) immutable backups to round out their approach.
No. By definition, an immutable backup is unalterable.
Yes. Uploaded objects cannot change throughout their storage lifetime. You cannot make any changes, such as appending or truncating operations.
Immutable data architecture is fundamentally resistant to attack by design. While antivirus software protects data and defends against attacks like ransomware, immutability significantly reduces the impact of such attacks since attackers cannot alter or encrypt backups.
As the name implies, the idea behind an immutable file system is that the data storage remains completely static and pristine throughout its entire existence. It allows adopters to designate specific data and store it in a form that nobody can tamper with, modify, or remove.
Yes. One way to mitigate ransomware attacks is by regularly backing up your data as the last line of defense. They allow organizations to recover lost data, preventing downtime and enabling business continuity.
Backups do not protect against ransomware but its adverse effects. Making regular copies of your data does not guarantee its safety. Unfortunately, advanced ransomware attacks are now targeting backups as well. Hackers can modify, encrypt, or delete backups.
Yes, any encrypted data is hackable, but it requires advanced software tools to decrypt backups if the hackers don’t have the decryption key.
Retention Lock refers to functionality that you can use on Data Domain Restorers to prevent deletion or modification of files set for a predetermined period. It means retention locked files remain read-only until the expiry of their retention period.