+31 (0)43 30 88 400 | office@comex.eu
Why offsite backup is really necessary
Backup and archive data are best protected offsite, for the simple reason that these data cannot then be unauthorized damaged by ransomware, hackers or sabotage. Of course, data can also be accidentally corrupted, by a wrong action, for example. The latter mode does not need additional security, as this is precisely what backup is for.
Ransomware
Briefly, what ransomware does is encrypt data. Then the key is to have a non-encrypted backup somewhere. You can achieve that by having an airgap, that is, data physically separated from the system. But actually, for ransomware, this is not necessary. You can already achieve ransomware security by storing data on a linear medium with permanent snapshot. If you format Silent Bricks linearly and overwrite the data with new data, the old version remains available. If ransomware changes anything in the data, you can still revert to the previous version via the snapshot.
Hackers
A hacker who has broken into the system has and usually takes all the time he needs to browse around quietly. At some point, a hacker has all the information he or she needs to change passwords or delete snapshots. Or format a Silent Brick or encrypt data. And so then you have no use for the snapshot functionality. Yes, you can work with 2 factor authorization and that gives very strong security. So strong that an airgap then is not necessarily necessary. The Silent Bricks are also now equipped with this functionality.
So why an airgap anyway?
An airgap is needed to secure data in case of sabotage. A malicious administrator could be such a saboteur, or another employee who also has access to the data via the 2 factor authorization. Or the security provided by 2 factor authorization is bypassed by a bug or a hack – after all, it remains just another piece of software that monitors access.
Archives
For archives, the problem plays out to a lesser extent. You can store static archive data on WORM bricks. And WORM is and always will be Write Once Read Many: the data are cast in concrete, so to speak, and cannot be changed. Nor by a hacker or saboteur. For a backup, a WORM is not suitable for the same reason: after all, backup data is constantly changing.
Want to know more?
Inquire about the options Comex can offer! We are happy to tell you all about our services and products.