Immutable Storage: why use it?

Immutable data storage

All of us, especially in the past year, have heard stories of how large companies, hospitals, and government offices have been affected by ransomware attacks, and how they have sharpened and improved their techniques. Indeed, such threats have evolved and continue to do so by becoming more human and consequently more difficult to recognize in time. Thanks to this distinguishing feature of theirs, combined with increasingly AI-driven capabilities, the malicious agents in question are able to achieve, ever more easily, their goal: to corrupt and erase data, both production and backup, and then demand a ransom.

Their "progress" is also confirmed by the fact that they have become able to circumvent the most sophisticated market-leading data protection solutions, giving the perception that the action is being carried out by authorized users.

There are two choices for protecting data in these cases:

  • Use of Tape Library to store data in a maximum-security structure, while still limiting the management and retrieval of the data in a short time frame;
  • Using Immutable Storage,which we explore in more detail in this article.

What is meant by Immutability of data?

We have already addressed this topic a few months ago, more technically, Scalable Storage: how we made our Ceph storage immutable with Veeam, which I invite you to read if you haven't done so yet.

However, coming back to us, immutable data is defined as any information in a database that cannot be deleted or changed. In fact, in most traditional databases, data are stored in mutable states that are overwritten whenever new data are available.

In contrast, databases that store immutable data do not overwrite an old item when new information is available; instead, they preserve historical and current data values.

Dealing with ransomware or malicious attackers, immutability is one of the first technologies to implement to protect backups. By storing in an immutable repository, in fact, it is possible to define policies for a given period that effectively make backups immutable until the chosen deadline.

This means that regardless of whether you face a ransomware attack or an unauthorized administrator, or simply meet regulatory compliance requirements, your data will be safe.

What threats does Immutability protect against?

In most cases, when we talk about threats that can compromise the protection of our data, we are not referring to an "if" it will happen, but to a "when." For this reason, here are what are the possible scenarios in which data immutability can give us comfort.

  • Using storage technology that is unsuitable for the type of data and the needs of the business can cause the data to deteriorate;
  • Intrusion by a malicious external agent can lead to data breach and loss;
  • Actions that can be traced back to an internal malicious agent, which could potentially be an employee who modifies production code and facilitates the intrusion of malicious actors;
  • Physical removal or destruction of data;
  • Accidental errors that could cause data loss if proper and sufficient redundancy is not provided.

As varied as the possible causes are and may be perceived to be far removed from our realities, we should not underestimate them.

The Solution: Immutable Storage

CloudFire, in order to address the need for data integrity, first refers to Veeam's 3-2-1-0 rule, which defines that to ensure data recoverability when most needed, it is necessary to have: three copies of data, on two different devices, with an off-site copy. In addition to the canonical rule you also prepare at least 1 additional immutable offline copy and expect 0 errors with sure backup recovery verification.

Regola 3-2-1-1-0 di Veeam
3-2-1-0 rule

In CloudFire, we apply the concept of data integrity for a specific period of time, minimizing risk and ensuring storage scalability and flexibility with two different solutions:

Scalable Storage Immutable with Veeam

The solution combines the scalability of our Storage Ceph with theimmutability of Veeam .

To activate it, the requirements are:

  • Veeam side: to connect our Scalable Object Storage to Veeam you need to have Scale Out Repository functionality in your licenses. That is, a repository with horizontal scalability for multi-tier data storage, consisting of one or more repositories that can be expanded with additional repositories for long-term storage.
  • S3 Storage Side: on the Storage side, by choosing CloudFire, there are no further implementations to be made as our Scalable Storage, based on Ceph and compatible with the AWS s3 API, supports Veeam's Immutability feature, making the contents of the Tier capacity unalterable for a period of time set at the time of backup creation.

Acronis Cyber Backup Immutable Storage

Through Acronis Cyber Backup 's Immutable Storage solution you get immutable storage functionality ensuring that backups cannot be encrypted or deleted by any attack on the endpoint.

In conclusion, with the increasing number of ransomware attacks and the other possible causes, immutable storage becomes an essential tool for your security strategy.

I hope you found this article useful and helpful in making an informed decision about the potential related to storage immutability, and if not, please do not hesitate to write and ask us more.

You might also be interested