by Wally MacDermid, vice president of strategic alliances and partnerships, Scality
Every 11 seconds. That’s how frequently a ransomware attack occurs, and it’s estimated that rate will reach every 2 seconds by 2031. A recent survey found that 85% of organizations had at least one ransomware attack last year (up from 76% in 2021).
An even more alarming trend? Cybercriminals are increasingly targeting backup data.
94% of attackers attempt to destroy backup repositories, and such attacks are at least partially successful in 72% of cases.
Backups are meant to be an organization’s saving grace when a ransomware attack occurs, but they only work if they’re not compromised. By attacking your recovery lifeline, bad actors can disable your ability to restore operations with uncompromised data — and increase the odds of your surrender to their ransom demands. But even then, it’s important to note that 96% of victims who make a ransom payment do not recover all of their data.
So, how do you bulletproof your data protection strategy for fast, reliable, secure backups? Organizations must go beyond the industry standard 3-2-1 backup strategy to adopt an upgraded gold standard: The 3-2-1-1 rule. In other words, you need immutable, ransomware-defying data storage.
History of the 3-2-1 backup rule, and what’s the extra ‘1’ in 3-2-1-1?
Photographer Peter Krogh first introduced the “3-2-1 rule” when he published The DAM Book: Digital Asset Management for Photographers in 2009. At the time, his available storage options included hard drives with a 30-gigabyte capacity and compact disc backups. Times (and technology) have changed. Nevertheless, this backup strategy was an important innovation for the photography world and obviously had a major impact on other technology disciplines as the rule is still embraced today.
What is the 3-2-1 backup rule, and why is it insufficient?
- Have 3 copies of data (one primary and two backups)
- Store 2 copies on different types of media
- Keep 1 copy offsite
Note that many data backup experts will openly state that this rule provides minimum levels of guidance for how many copies to maintain and where to store them. Moreover, as witnessed by Veeam, many enterprises will store four and even five copies of backups for their most critical data!
While the core principles of a 3-2-1 backup strategy still hold up, here’s the issue: The rule was not designed for today’s ransomware threatscape. The most glaring and frightening problem is that your backups could also be compromised — and you might not be able to recover your data at all.
With increasing ransomware attacks on backup data, the 3-2-1 backup strategy should be considered a baseline. There is a better way forward that includes a crucial layer of additional protection: Enter the 3-2-1-1 rule.
What’s the extra 1 in the 3-2-1-1 rule?
The new standard for backup best practice requires that at least one of the copies be offline, air-gapped or immutable to ensure data recovery in a ransomware event.
Immutability is vital to successful ransomware protection because it converts data to a write-once, read-many (WORM) format that cannot be modified or deleted. To master the 3-2-1-1 rule, the security-conscious IT leader needs a modern WORM system that’s air-gapped from other systems and safe from remote hacking attempts — i.e. AWS-compatible S3 storage that supports immutability (Amazon S3 Object Lock in compliance mode).
What’s 3-2-1-1-0 about?
This extension of the 3-2-1-1 rule is a modification championed by Veeam where the additional ‘0’ means ‘no errors after backup recovery verification.’ The idea being if you don’t verify your backups, you can’t ensure that they’re healthy. You should perform tests where you restore your data from backups and verify that everything is as expected.
How modern, immutable object storage helps you master the 3-2-1-1 backup rule
Both of Scality’s storage solutions ARTESCA and RING offer enhanced ransomware protection with support for Amazon S3 Object Lock API. This capability also enabled Scality to earn the prestigious Cohasset Associates SEC 17a-4 compliance validation for retention of sensitive financial data in banks, brokerage firms and insurance companies.
Scality’s products provide immutable storage combined with multiple additional levels of ransomware protection that can be applied for each tier of the 3-2-1-1 rule:
- Amazon S3 API level: Immutable object locking and data retention policies, compliance mode, and versioning prevent data from being deleted or overwritten by users/admins/applications during the configured time period. Not even the system SuperAdmin can change the policies or remove the locks, let alone a malicious user.
- Data encryption: Data is encrypted using AES 256-bit encryption methods without the encryption keys. They’re stored off the system on standard Key Management Servers for additional protection, and there’s no way read the data without those keys.
- Distributed erasure coding: Data is stored in an unreadable format to humans with user files split/chunked and erasure-coded into small slices and dispersed across dozens of disk drives. It would be nearly impossible for a bad actors to pull these binary slices and make sense of what part of a file (object) they’re looking at.
- Core immutable object storage architecture: Data is never overwritten — if a delete occurs, it’s logically removed from view and purged later.
Scality object storage also aids IT in mastering the 3-2-1-1 rule by streamlining the architecture for data protection. IT teams have the freedom to optimize for any required storage tier thanks to Scality, a single-vendor solution for performance, capacity, and offsite copies. By leveraging our solutions’ scale-out capabilities for each tier, silos are a thing of the past.
Validated as Veeam Ready Object with Immutability, Scality provides for air-gapped, tamper-proof backup data that stays immune to ransomware, offering a robust, swift, and reliable recovery path in case of an attack.
Changing the game with Scality and Veeam Data Platform v12: Why we’re unique
Backup strategy is a foundational aspect of what we do — and we know what we’re doing. That’s not us tooting our own horn. Gartner ranked Scality #1 for backup among 18 vendors in its 2022 Critical Capabilities for Distributed File Systems and Object Storage. And, as my colleague Paul Speciale explains in his recent blog, we have a long, successful history of providing customers with complete solutions for managing long-term backups.
We also have a longstanding partnership with Veeam, which has just announced the much-anticipated release of Veeam® Data Platform v12.
Scality extends Veeam’s latest enterprise-grade capabilities to ensure confidence in the face of any disaster or cyber attack. Veeam v12 is a major leap in the power of leading data protection software and object storage to provide combined immutability across all tiers plus all of the intrinsic advantages of object storage in terms of scale and the ability to simplify management by eliminating too many silos.
We support the complete set of Veeam v12 features, including:
- Direct-to-object storage allows you to take full advantage of the trusted immutability and unlimited scalability of object storage without sacrificing backup performance.
- Smart Object Storage API streamlines the most demanding data environments with increased ease of use, visibility and manageability of data. Simplified storage tiering is optimized for both performance and capacity without compromise.
Additionally, Scality object storage is validated with Veeam v12 for each backup tier in 3-2-1-1:
- Immutable performance tier with direct-to-object backups
- Immutable capacity tier with scale-out object
- Immutable offsite long-term retention tier (monthly/yearly backups)
While enabling bulletproof data protection, Veeam + Scality reduces the complexity and cost of backup. Tight integration between application and storage enables ease of use and intelligent data workflows.
Backup to the best and rest easy
Our collaboration with Veeam improves ransomware protection, data immutability and operational efficiencies — without sacrificing flexibility or performance.
The Veeam Data Platform and Scality give users enhanced security, reduced expenses and simplified operations. With a solid plan to not only survive but thrive when facing any challenge, organizations can reliably manage unforeseeable ransomware dangers, economic conditions, unrestricted data growth and natural disasters, keeping data secure and unbreakable — no matter what happens.
Interested in learning more about why Scality is the best object storage for Veeam Data Platform v12 backups? Read here.