‘True immutability’ puts the power back in the hands of IT teams and backup specialists

By Paul Speciale, CMO, Scality

Backups are now firmly in the sights of cybercriminals. They know that an organization is more likely to pay a ransom if its backup data has been compromised. Reports show 93% of attacks target backup repositories with a 68% success rate. And in 75% of these events, cybercriminals succeed in debilitating their victims’ ability to recover. World Backup Day therefore no longer serves as simply a reminder to back up data, but also to make sure that those backups are protected.

Immutable storage has emerged as a vital part of an organization’s security toolkit. In fact, a recent survey revealed that 69% of IT leaders consider immutable storage essential to their corporate security strategy. However, what is not getting enough attention is that not all immutable storage is equal.

Immutable storage prevents data from being modified or deleted for a predetermined period once it has been written. However, many traditional immutable solutions leave gaps between writes, creating a window of exposure. Only solutions based on a native object storage design are intrinsically immutable: they preserve data in its original form the instant it is written and never overwrite existing data. Traditional immutable solutions, by contrast, can introduce time delays between writes. With S3 object storage, data sets, even those written milliseconds apart, can never be overwritten, deleted, or modified. This architecture protects an organization’s backup data against any attempt by ransomware attackers to encrypt data and extort victims.

Immutability checklist

To ensure that your solution is truly immutable, make sure it meets the following five criteria:

  1.  No deletes or overwrites: this ensures cybercriminals cannot delete or encrypt your backups and prevent you from restoring. If any changes are made, a new version of the object should be created, leaving the original data intact.
  2.  Locked the very second data is stored: when configured properly, the second you store object-locked data, it is immutable. There’s no time delay like there is with a snapshot, whereby data is modifiable until the snapshot is taken. If you have true immutable data storage, your data is instantaneously unchangeable.
  3.  Support for S3 Object Locking APIs: immutability at the API level helps defend against willful or mistaken attempts to overwrite data by a user or application issuing S3 commands against a data set, which can happen in a ransomware attack.
  4.  Configurable retention policies: each organization has different data retention requirements, so it’s important to be able to customize the duration that your data remains fully immutable.
  5.  Compliance mode to prevent anyone (including the system superadmin) from changing immutability configurations.
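
The checklist can be turned into a configuration audit. The following is an added example, not code from the original article or from Scality: it checks dicts shaped like the S3 GetBucketVersioning and GetObjectLockConfiguration responses against criteria 1 to 5. The function names, the `min_days` threshold and the sample responses are assumptions, and it assumes the bucket relies on a default retention rule rather than on per-object retention set by the backup application.

```python
# Added example: audits S3 bucket settings against the checklist above.
# Inputs are dicts shaped like the S3 GetBucketVersioning and
# GetObjectLockConfiguration responses; audit_bucket and min_days are
# illustrative names, and the sample responses below are constructed.

def retention_days(default_retention):
    """Normalize a DefaultRetention block (Days or Years) to days."""
    if "Days" in default_retention:
        return default_retention["Days"]
    return default_retention.get("Years", 0) * 365


def audit_bucket(versioning, object_lock, min_days):
    """Return checklist findings; an empty list means every check passed."""
    findings = []
    # Criterion 1: with versioning on, a write creates a new version
    # instead of replacing the original object.
    if versioning.get("Status") != "Enabled":
        findings.append("versioning is not enabled")
    cfg = object_lock.get("ObjectLockConfiguration", {})
    # Criterion 3: Object Lock must be switched on for the bucket.
    if cfg.get("ObjectLockEnabled") != "Enabled":
        findings.append("object lock is not enabled")
        return findings
    # Criterion 2 (assumption: locking relies on a bucket default rule, not on
    # per-object retention sent by the backup application at write time).
    rule = cfg.get("Rule", {}).get("DefaultRetention")
    if not rule:
        findings.append("no default retention rule")
        return findings
    # Criterion 4: the retention period must cover the required duration.
    if retention_days(rule) < min_days:
        findings.append(f"retention {retention_days(rule)}d is below {min_days}d")
    # Criterion 5: GOVERNANCE can be bypassed by suitably privileged users;
    # COMPLIANCE retention cannot be shortened or removed by anyone.
    if rule.get("Mode") != "COMPLIANCE":
        findings.append(f"mode is {rule.get('Mode')}, not COMPLIANCE")
    return findings


# Constructed sample responses (not taken from a real bucket).
VERSIONING_ON = {"Status": "Enabled"}
WEAK_LOCK = {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
             "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 7}}}}
STRONG_LOCK = {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
               "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 30}}}}

if __name__ == "__main__":
    print("weak:  ", audit_bucket(VERSIONING_ON, WEAK_LOCK, min_days=30))
    print("strong:", audit_bucket(VERSIONING_ON, STRONG_LOCK, min_days=30))
```
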

Around the world and across industries, the vast majority of organizations are deploying immutable storage to bolster their backup efforts, but as we outlined here, their data may still be vulnerable. Only the strongest form of ‘true’ immutability keeps data safe, and IT decision-makers need to ensure that their solution is delivering it.

Sponsored by Scality.
