Immutable Backup: The Best Ransomware Deterrent to Your Backups (Well Almost)

Posted by Adam Marget
Share items
Backup

A ransomware attack takes place every 11 seconds. That means by the time you’re done reading this article, ransomware will have been deployed many times over, crippling mission-critical systems and causing unplanned downtime for its unsuspecting victims.

Backups ensure IT professionals have a last line of defense to fall back on when they suffer a ransomware attack. However, simply making copies of your data does not make you invincible against cyberattacks. Advanced ransomware attacks have managed to infiltrate backups as well, leaving organizations with very little chance of recovery and guaranteeing hackers a lucrative payday.

The rampant presence of sophisticated ransomware has led IT professionals to implement immutable backups as part of their Business Continuity and Disaster Recovery (BCDR) strategy.

What Is Immutable Backup?

The Merriam-Webster Dictionary defines immutable as “not capable of or susceptible to change.” The rationale behind immutable backup is that it protects data by making it fixed and unchangeable.

Immutable backups maintain an optimum number of recovery points and prevent any source from tampering with existing data storage blocks. The result is an archive of immutable backups that guarantee recovery by finding and recovering the last clean backup you have on record. It’s how immutable backups protect data from accidental and intentional deletion, as well as ransomware attacks.

However, immutability goes beyond just being a simple add-on for a backup vendor. The concept of immutability should be baked into the backup architecture to remove security vulnerabilities that can potentially impact backup files.

Therefore, it’s no surprise that immutable backups are a favorite of many organizations like:

  • Businesses with strict compliance codes – Immutable backups hold on to critical data safely for a long time while allowing organizations to set a date for permanently removing it.

  • Law enforcement agencies – Immutable backups allow them to safely bank large volumes of video and audio surveillance data to guarantee credibility.

  • Healthcare organizations – Immutable backups help in storing critical medical, pharmaceutical and scientific data.

Benefits of Immutable Backup

The immediate benefit of immutable backup is the untouched version of the primary data that is always recoverable and safe from any kind of cyberthreat. However, there are a few more benefits organizations enjoy if they choose the route of immutability.

Backup integrity

Backups make organizations feel safe. This feeling comes from the assumption that the data backed up is not corrupt and is recoverable. Immutable backups improve the chances of turning that assumption into reality by ensuring the backup copy is valid and can be restored on demand.

360-degree compliance

Immutable backup helps organizations adhere to regulatory data compliance requirements by retaining accurate copies of data. It also includes complying with user requests such as demanding a copy of all the data an organization has collected on them.

No more unauthorized changes

The backup environment is accessed by many users with varying levels of permission. They may modify or delete backup data either accidentally or maliciously, leading to a failed recovery. Immutability keeps backup data secure from unauthorized changes by default since data cannot be altered irrespective of the permission levels.

What Is Air-Gapping?

Air-gapping is a common way to achieve immutability. An air-gap backup and recovery strategy includes a copy of your organization’s data (backups) stored offline — through replication to separate media — disconnected and removed from the network.

The 3-2-1 backup rule is a perfect example of air-gapping. The rule suggests three (3) copies of your data on two (2) different storage media, with one (1) copy located off-site (immutable copy). It ensures recovery during any disruption, whether technical failure, natural disaster or ransomware.

To sum it up, air-gapping backups deliver better protection by:

  • Stopping the spread of malware to backups by removing them from the network

  • Making it more cumbersome for hackers to get to the air-gapped (immutable) backup

  • Improving the probability of recovery from any business disruption

But there’s a catch…

Air-gapping is not a 100% guarantee against ransomware and other cyberattacks. The timing of the replication plays a crucial role in the success or failure of air-gapped backup and recovery strategy.

For instance, let’s say, as part of your BCDR protocols, files are backed up weekly. But one of the files has been corrupted with malware. If this corruption goes unnoticed before the next weekly backup cycle, the malware-infected file replicates, giving ransomware access to the backup environment.

Achieve Complete Immutability With Unitrends

The limitations of air-gapping or the 3-2-1 backup rule are not new to seasoned IT professionals. However, many still work with old, traditional backup architecture because they are not well-versed with modern backup architecture like Unitrends.

Unitrends offers Immutable Audit Logs, ensuring data being handled by backup and recovery systems is appropriately managed and accessed by staff. To double down on regulation access to the backup environment, IT administrators can use the Role-Based Access Control feature. It allows users to operate within the environment under a defined scope, limiting the operations they can perform or the assets they have access to.

However, to achieve true immutability, Unitrends provides (in addition to the above features) a dedicated cloud service, Unitrends Forever Cloud, for secure off-site retention. While you can access the data to read and import back to your local appliance, no outside source has the ability to modify, change or delete data written to the cloud target. Beyond securing backup copies in the cloud, you can perform Recovery Assurance on backups before replicating. This fully automated, application-level testing and failover with an isolated environment ensures guaranteed restoration in a data loss incident. In other words, it validates the immutable backup.

Immutable backup is just one part of ransomware prevention. Download the eBook Ransomware: What IT Pros Need to Know to effectively combat ransomware attacks.

About Adam Marget

Adam Marget is a Product Marketing Manager at Unitrends, a leader in data center backup and disaster recovery solutions. An experienced technical marketing professional, Adam has been a member of the Unitrends team since 2016, during which time he’s held several roles. Driven by a love and curiosity for technology, Adam’s been delighted to have been afforded the opportunity to help both end users and channel partners solve challenges around disaster recovery and business continuity. Prior to joining Unitrends, Adam worked with national IT solutions provider CDW where he leveraged a variety of partner solutions to help his customers achieve their goals across backup, networking, security, power & cooling, endpoint, and data center technologies.

Related Posts

Why Backup and Recovery Is Critical for Your Organization

Posted by Adam Marget on 01/30/23

Much has already been written about data and its significance in the current...