Protect your on-premises data with immutable backup: Why and How

When it comes to cyberattacks, businesses increasingly need to consider it as a case of ‘when’ not ‘if’ they will be targeted. Most businesses know this and are already taking proactive and positive steps to protect their networks and defend their data with things like firewalls, endpoint protection, and backups. This is a crucial first line of defence against attack. But for businesses relying on on-premise methods of backup, there’s another threat to consider: the increase in ransomware attacks on backups themselves.

Those businesses that haven’t yet made the move to the cloud need to consider an immutable on-premise backup solution to ensure their data is protected and fully recoverable…

What is immutable backup?

Immutable backup is a form of data backup that ensures any backed-up information can’t be changed, removed, rewritten or altered in any way. This means that, when primary data is lost, stolen or damaged, businesses always have an untampered duplicate of their data that they can recover quickly, ensuring minimal disruption to business.

Why is immutable backup important?

Cyberattacks have become increasingly sophisticated over recent years, and attackers are increasingly tenacious to the point they are now targeting business data backups. As a critical component of a business’s ability to recover in the event of a disaster, backups are valuable, and this makes them an attractive proposition for ransomware attackers. If a business is relying on backed-up data that is changeable, or mutable, cybercriminals that gain access can easily encrypt, modify or delete business-critical data – and this gives them leverage for demanding a ransom payout.

Making your on-premise backup immutable means that, even if a cyber attacker is able to gain access, they will be unable to encrypt your data and extort a ransom.

How does immutable backup work?

Immutable backups work on the WORM principle of data storage. WORM stands for ‘write once, read many’, and it means data can only be written once, but read as many times as needed. This method of storing data prevents any modifications to the data being stored – or backed up – including editing, overwriting, renaming or deleting.

These strict policies can be applied for a set period of time, depending on the needs of the business. Administrators set a retention period for the immutable volumes – this could be a period of weeks, months or even years – and the files are completely locked for that time. After the retention period is up, that backup version may be transferred to an archive, or deleted completely.

It's important to perform backups regularly – ideally through automation – to ensure there is always an up-to-date copy, replica or snapshot of the environment stored in an immutable volume. This is the surest way to help your business restore operations quickly, and with the minimum amount of data being lost.

Why is on-premise backup particularly vulnerable?

While many businesses have cloud-based immutable backups in place, there are many others that use on-premise infrastructure as their primary method of data backup and storage. Whether that’s because of legacy systems, governance issues, compliance matters or simply because your strategy is to keep data on-site, there are plenty of benefits to storing your data and backups on-premise. But there are also certain unique challenges and vulnerabilities that need to be addressed:

• Physically vulnerable. Storing data and backups on-premise leaves them vulnerable to being physically damaged or destroyed by things like fire or flooding.
• Resource intensive. On-premise backups generally require manual implementation and maintenance, as well as off-site removal, which requires dedicated staff and a significant amount of time.
• Human error. Manual backing up of data introduces human-error vulnerabilities in terms of ensuring the most up-to-date version of all data is being stored.
• Duplication of data. Whether your business relies on tapes or hard drives for backup, there’s no way of minimising duplication of files, which leads to bloating and complication of the backup. It also exacerbates issues with;
• Data storage capacity. Businesses are generating more data than ever before, and it all needs backing up. But with on-premise backup, you can only store as much data as you have the capacity for. As soon as you hit the ceiling of your storage, you need to buy more – and that can be costly.
• Version uncertainty. The lack of revision history with on-premise backup can make it difficult to choose the right version to revert to in the event of a disaster.

How does immutable backup work for on-premise data storage?

An on-premise immutable backup solution can actually be a better option than cloud, because it speeds up recovery time and allows for recovery even if you have lost your internet connection.

On-premise immutable backups combine storage software with inline de-duplication to enable protection of data, and come as either an all-in-one physical appliance or as software deployed in virtual environments. Integrating immutable backup into on-site infrastructures is often as simple as plugging the hardware into your network, and then telling it how often you want backups to be made.

In many instances, the on-site appliance will be combined with off-site replication and storage for further backup security, ensuring businesses can restore quickly from the on-site backups and recover fully from the off-site storage once the environment has been secured.

On-premise immutable backup further allows for backups to be made from physical appliances and virtual servers, as well as off-site and cloud locations, to ensure the entire environment is being stored and protected against accidents and attacks.

What are the benefits of using immutable backup?

As a way of storing a version of critical data that can’t be tampered with, accidentally deleted or altered or targeted for ransom, an immutable backup is a crucial part of a good cybersecurity strategy. But there are other business benefits that it’s worth considering too.

Compliance

For many businesses, regulatory requirements require sensitive information to be protected against attack, theft and encryption – exactly what an immutable backup is designed to do. Meet insurance requirements

Cyber insurance providers have expanded the requirements for policyholders over recent months, and many now require businesses to have an immutable backup in place before they will provide cover. The good news is, with an immutable backup you can often benefit from lower premiums and better policy coverage too.

Defend your backup with BCN’s immutable on-premise solution

Here at BCN, we have teamed up with ExaGrid to offer a unique and scalable next-generation immutable backup solution that helps businesses recover quickly and restore fully in the event of a cyberattack or disaster. Our tiered backup storage uses a scale-out architecture to ensure all your data is protected and immutable, even as it grows, and our disk-cache landing zone ensures there’s no unnecessary deduplication of data, so you’re always maximising capacity.

Learn more about our immutable backup solution here, or get in touch with our team today.