Image based backups, after the initial backup is complete, only backup change blocks within the item they are protecting. The technology enables organizations to frequently backup critical servers and applications. It also enables the protection of file servers with millions of files. The problem is that image-based backups face a challenge from two recent developments, ransomware and data privacy regulations like GDPR and CCPA.
How Ransomware Breaks Image Based Backups
An image-based backup is made up of an initial copy of the data and then a series of files representing the incremental changes to the source over time. When a recovery is required it unifies them on the fly during the restore. These incremental files that store the changes are totally dependent on the initial source file. If that file is corrupted, then the incremental files are useless. Ransomware, either on purpose or more often by random circumstances, can encrypt these files making it impossible for the organization to recover from the attack, even though they did the “right thing” and backed up their data.
To protect against this, backup files need to be made immutable, meaning the backup data can’t be changed. For backups this is more difficult than just setting a file to be read-only since these files are constantly updated.
Search is also a challenge for image-based backups. While most can provide some level of search, ransomware recovery requires a more granular search capability. After a ransomware attack, files may need to be recovered from separate backup jobs. The backup software needs to compare which files were recently changed by the attack and identify which backup jobs contain the most viable version of each file.
How Data Privacy Breaks Backup
Data Privacy regulations like the European Union’s General Data Protection Regulation (GDPR) and California’s Consumer Protection Act (CCPA) potentially pose a greater threat to image based backups than ransomware. In theory, backup vendors can take steps to better isolate their data from a ransomware attack. However, complying with GDPR means a complete restructuring of the way image backups store data.
There are two requirements common in data privacy regulations that are the most problematic to backup data; the right to be forgotten and the right of access. Both of these rights require an organization, at the user’s request, to delete any of their personal data. Typically the organization has thirty days to comply with the request. Removing a user’s data from primary storage while not easy is possible, but removing a user’s data from the middle of a backup job, is very problematic. Image based backups store data as a blob and while they do provide granular search of the image, they can’t delete a segment of data from within it. Backup vendors suggest that as long as they provide a method to make sure that data is not restored from the backup the organization is in compliance. Unfortunately, there is no specific provision to this extent within the regulations.
ioFABRIC – Fixing Image Based Backups for Ransomware and Data Privacy
An answer to the ransomware and data privacy challenge facing image based backups is to get the data within those backups out of the image format as soon as possible. Organizations should not consider replacing image-based backups; after all they provide rapid backups and enable features like instant recovery. ioFABRIC doesn’t attempt to replace existing backup software, instead it complements it. After the image-based backup is completed, data is sent to the ioFABRIC engine which stores the protected data in a native format and in an immutable form. Data can’t be changed or deleted, even with administrative passwords, until retention policies are met.
Once the data is under ioFABRIC management, data is granularly searchable and can be granularly deleted. Any interaction with the data is tracked, making it easy to document the erasure process. ioFABRIC doesn’t double capacity requirements; instead the retention times on the primary backup store is set much lower. Most organizations retain backups for years, yet most recoveries come from the most recent backup. IT planners can safely set retention times to thirty days with no impact on rapid recovery situations. Not only does a thirty day retention policy dramatically reduce backup storage costs it will also enable the software to run faster since it has significantly less metadata to manage.
Restores beyond the thirty-day window, which should be negligible except in the case of a data privacy request or a ransomware attack, are serviced from within the ioFABRIC interface. In fact, for the most typical restore request, accidental file deletion, administrators may find that servicing the request from within ioFABRIC to be easier and faster than from the backup application.
Ransomware’s day of reckoning has already come but organizations are still scrambling to respond to the threat. Data protection applications are still vulnerable and often not up to the unique restore situation that the attack creates. Data Privacy Regulation’s day of reckoning is still to come. Most organizations and data protection vendors are ignoring the very plain language contained in these regulations. Erase means erase and, at this point, there is no provision for exceptions.
ioFABRIC’s unique approach of complementing existing data protection solutions instead of replacing them is ideal. Most organizations do not want to give up the data protection solution they’ve come to count on and certainly the ability to rapidly backup and recover data is more pressing than the potential of a future ransomware attack or data privacy request. Ransomware and data privacy concerns are legitimate though. Using ioFABRIC enables the organization to easily meet a variety of modern data protection requirements without compromising on rapid recovery demands.