Tag: ransomeware

Hardware v. Software Backup and DR

Backup
Image courtesy of Stuart Miles at FreeDigitalPhotos.net

There have been a lot of changes to disaster recovery since I started my career in IT years ago.  Back then, the hardware stored things and the software moved backups to tape.  It was a simple if somewhat stilted environment.  It also took forever, as anyone who did “fulls” on the weekend can tell you.  An all weekend backup window can really put a damper on things.  Like when tapes need to be changed.  Of course, that was before “the cloud”.

Now, we have many of those functions converging.  Hardware is becoming “smart” and can now make copies of itself.  Software is becoming smart as well, with the ability to search through catalogs of backup files to show multiple instances of files, or different versions.  So – how do you fit these into your environment?

Hardware Snapshots

Smart hardware platforms and arrays have sprung up almost everywhere.  From the old days of JBOD – Just a Bunch of Disk to intelligent and aware arrays, the mechanisms controlling storage are trying to streamline functions that plague the storage admin.  These days, storage appliances are able to quiesce data on the volumes, make snapshots of those volumes, and often times replicate those volumes between like appliances, or via 3rd party APIs to other storage, like the cloud.

There are many advantages to this approach.  Since these appliances are now placing data using ILM strategies, the appliance usually knows what data resides where.  Data can be snapped quickly, often in just milliseconds.  Hardware based replication to other storage for DR or backup purposes is much faster than traditional backup.  This is often accomplished using just changed data, and then letting the hardware figure out how to make full snapshots of this in the background.  A very nice solutions for hot- or warm- backup sites.

Software Backup

Software solutions traditionally take longer for backups.  It takes time to traverse or “walk” the filesystems involved.  This is slower than SAN or NAS based snapshots.  Software allows for storage that is not associated with hardware appliances to be backed up.  This includes individual machines and drives that may not be hosted on a SAN or NAS.  Even critical desktops and laptops.

Software also is a great solution for its ability to collect information on the files it is backing up.  All the file attributes are collected and organized into a catalog that is user searchable, in the event that only one file or email needs restored.  Catalogs are very organized and searchable by storage and backup admins.  If you haven’t read my article entitled “Is Backup Software dead?“, it goes into a bit more detail on these advantages.

Appliances

Appliances are often hybrids of both types of backups.  They consist of a hardware appliance that stores file and catalog information locally, stores a copy of the latest backup locally, and often times offers the ability to store older backups off-site.  Appliances do not address the speed of SAN or NAS based backups.  But appliances speed up software based backups and offload the computing load that traditionally has been reserved for a server running backup software.

Summary

Backups are a part of life in the IT shop.  Between accidental deletion of files, ransomware, and just plain disasters, you would be crazy not to do them.  How you do them is changing on a consistent basis.  As new technologies come out, the face of backups and disaster recovery changes.  Make sure that you are taking advantage of all the new technology that is being offered.

Share this:

The Case for data protection – Tuesday’s ransomware attack

hacker, malware, ransomware
Image courtesy of photouta at FreeDigitalPhotos.net

The second reported attack of NSA-esque ransomeware this Tuesday should not surprise any systems administrators or IT staff. These attacks are happening on an increasing basis, and with the release of the “Vault 7” documents as a how-to-for-hackers, they will only increase. Google hacker culture, Vault 7 or script-kiddies. Suffice it to say, that dangers like this are a growing concern that needs to be addressed in your Data Protection plan.

Data Protection Plans

Getting back to the basics of Data Protection, todays’ article will discuss how backups as a part of your DP program, can help with ransomeware attacks. Backups may bring up visions of hurricanes or tornadoes, but it goes well beyond that. Data protection also means, well, protecting your data. From all the threats out there, including accidentally deleted files and not so accidentally deleted files, or even ransomed files.

So, you may be asking, how does data protection actually protect me from ransomeware? To put it simply, ransomeware doesn’t remove your data and your files, like a tornado, hard drive crash, or hurricane. It removes YOUR ACCESS to that data and files.  Time and mathematics instead of wind, rain, and lightening are denying access to your data. The files are still there, but you can’t use them to do what you need to do.

Backups

This is the case for backups. We previously discussed the several use cases for snapshots in an article, but in this instance, any backup will do as long as the backups were taken BEFORE the systems became infected with ransomeware.

To this point, you should have a backup SCHEDULE. That means that you don’t just keep the latest copy of your backup, your keep staggered copies of your backups. One of the most famous backup schemes is Grandfather-Father-Son backups. While the scope of your backup schedule is beyond this article, suffice it to say that you should have at least one month of good backups if you have to restore data. With many of the backup appliances on the market these days, this is taken care of for you. And with compression and deduplication technologies the amount of data that can be stored on-site or remotely is truly astounding.

This solution is not perfect, but better than paying someone to release the data that you generated in the first place. Or maybe not – maybe the hackers will sell you an enterprise license? Good Data Protection policies deal with many ways to keep your data YOUR data. This includes making sure you can access it.

In the grand scheme of things, this rash of WannaCry-type ransomeware attacks will continue. While security companies are rapidly working to cut down these attacks, if your data protection isn’t cutting the mustard these attacks will be terrible for your ability to support the other departments of your company. It is time to have a discussion with management about your data protection strategy and how these attacks affect it. Like they say “Life is tough, but it’s tougher if you are stupid.”

Share this: