I have backups—what do you mean I can’t use them?
Let’s pretend for the sake of argument that you have selected your backup policies carefully and that you have identified the critical servers for your organization. You believe that you did everything right. You are backing up your File, DB, AD, Mail and APP Servers. Nothing was left behind.
Until the VIRUS hits - the hackers played, and they are now demanding bitcoins to stop twisting your arm.
You have backups, you think you are fine, but imagine your backup server was also attacked, or your tape library simply took a hit; what then? On a side note, know that there are no easy fixes for any tape library of any brand, due to the many moving parts.
In the end, you rebuild your backup server, and try to inventory from your Virtual Tape Library (now fixed), NFS storage or other storage environment, but there is no way to restore it. Why is that?
Today, backup software supports all sorts of targets, from virtual tape libraries to NFS, CIFS or anything that you can find in the network. That’s the magic word: “NETWORK”.
Still thinking hypothetically, let’s assume that the attack is holding your network hostage. That means that the only backups you need, have to come from TAPE or the Cloud.
The key for a successful restoration is that the backup configuration files need to be part of your backup, so if you did not back those up, chances are you will not succeed in your restoration process.
I consider myself a TAPE Evangelist. This isn’t because of a price cost analysis, although TAPE will likely always win on a cost for space over cost for drives measure – My point simply, is that you want to have a backup available, that is not attached to the network in any way, and will include the backup server configuration files.
Times change, and thankfully technologies evolve, and Cloud Object Storage definitely has changed my thinking on Backup Security capabilities well beyond the good old tape rotation days. Again, Tape and Cloud Backups should be the +1.
I advocate that disk on VTL’s will permit SLA’s to have a faster deliverable, but you also need to remember that any DISK ARRAY does not move. They are part of the network so therefore they have network vulnerabilities.
Your backup software configuration metadata is required to perform any restoration, and if you just got hit by a Virus that happens to be in the news constantly, and you are not backing up your configuration files to a safe location, then you are in for a disappointment. This information is worth gold. Always backup the configuration data holding all your backup sets; and be sure they are not attached to your network.
Further to my point, ScaleMatrix has solutions to solve the Tape vs Disk, Cloud vs Local dilemma because we provide you with local backup repositories as a +1 in the cloud, and everything is encrypted in transit and at rest, therefore protecting you from any crypto locker.
Gabriel De La Peña
Sales Engineer, ScaleMatrix
