Ultimate data recoverability – Part 1
Ransomware attacks are increasing at staggering rates. Ransomware impacted over 90% of organizations in the past 12 months, up from 72.5% last year. Despite continuous investments in cybersecurity and data protection, ransomware continues to put your data at risk.
You can read more about these shocking statistics at VentureBeat.
Those numbers are quite worrisome, so what can you do to ensure you don’t become a statistic? First, it isn’t an “if” question, but a “when” conversation – one that merits a discussion at all levels, from admins to CxOs. Ransomware is ever evolving and stays ahead of the most advanced cybersecurity solutions. Coupled with the potential for insider attacks and other malicious threats, the ability to ensure your data is protected and always recoverable is paramount in today’s world. But how?
For starters, having a solid data protection strategy is critical. Most readers should be aware of the industry standard 3-2-1 strategy:
- 3 copies of your data (your production data counts as one, such as VMs on a storage array, files on your production network-attached storage (NAS), etc…)
- 2 different types of storage media (generally speaking, disk vs. tape)
- 1 offsite (not in the next room or on the same campus, but a different geographic location all together).
If you follow this strategy, you increase your chance of surviving a ransomware attack or other malicious assault on your data. That being said, there are vulnerabilities in even the most well-known strategies, so we must do better.
Introducing the 3-2-1-1-0 strategy.
We already know what the 3, 2, and 1 mean, but why the extra 1 and 0?
• The extra 1 means not only should you have 1 copy offsite, but 1 should also be air-gapped. Air-gapped means not physically connected to any network that could reach the outside world, or even the inside local area network. One example — a technology that has been around for decades — are tapes inside a vault. Even though tapes are labor intensive and the restore process takes a lot of time, there is no way for ransomware or software-based threats to infect data sitting in a vault. Other examples include offline removable storage media and disconnected file systems.
What about the extra 0?
Stay tuned for part two to learn how the extra 0 is the most important part of a modern data protection strategy.