Using the cloud for backup has become fundamental to business continuity and disaster recovery (BCDR) best practices. However, Managed Service Providers (MSPs) realize that not all solutions that use the cloud are the same. There are significant differences in cloud design that can have a major impact on the reliable backup and recovery of business-critical data.
These distinctions are made more precise with backup security threats are on the rise, including hacking, human error, and malware. Research shows that ransomware, a subset of malware, is rapidly increasing the amount of downtime businesses experience. The security and reliability of the cloud backup infrastructure can make or break an MSP’s ability to guide its customers’ recovery from ransomware attack, accidental data deletion, and other threats.
Immutable cloud storage is ideal for MSPs who seek the highest level of protection for their customer data. But what does it mean to be “immutable”? In computing, an immutable object is an object whose state cannot be changed or modified after its creation. The opposite would be a mutable object, which can be edited once created. To go further, the term “immutable storage” is applied to stored data that cannot be modified or deleted.
It turns out that many solutions that use both public and private clouds for backup and restore are modifiable. They can still be corrupted by hackers, who increasingly target backup systems to prevent organizations from recovering from a ransomware attack.
Several levels of security
Datto SIRIS backs up data to the immutable Datto Cloud. A backup and recovery cloud specifically designed for MSPs, the immutable design of Datto Cloud provides maximum security and reliability for MSP customers.
Multiple layers of security are needed to build an enduring cloud. In the case of Datto SIRIS, for example, it starts with a mandatory two-factor authentication (2FA) to access the cloud-based administration portal. All data is encrypted at rest in the cloud and possibly in the local hardened SIRIS appliance, which helps secure customer data before it is replicated in the cloud.
Once a granular or “snapshot” backup has been performed, additional safeguards help keep the backup secure. In the case of SIRIS, a post-backup ransomware scan is performed to ensure that the data has not been infected with ransomware.
Advanced backup verification with patented screenshot verification adds an extra layer of trust, virtualization, and virtualized server startup testing to detect any backup issues, ensuring that backups will start with all data intact and free of ransomware. Once the ransomware scan and advanced backup verification have been performed, the backups are replicated to the secure Datto Cloud via AES 256 encryption.
Intelligent file systems
The choice of file system is essential for immutable storage. Datto selected ZFS (the Zettabyte file system) for backup storage in the Datto Cloud. ZFS is also specified for Datto devices, including SIRIS and ALTO.
ZFS is an advanced file system combined with a logical volume manager and cannot be corrupted. It provides copy-on-write snapshots, copy-less writable clones, data compression and deduplication. In addition, ZFS supports massive storage capacities, as well as continuous integrity checking and automatic data repair.
Data integrity is a key characteristic of ZFS, which includes end-to-end checksums and multi-level data authentication in its file structure. It excels at protecting data integrity by detecting and addressing silent data corruption scenarios including ghost writes, data corruption to disk, misdirected reads, and accidental overwrites. The net / net is that ZFS cannot be corrupted by ransomware.
Defending against cloud deletion also contributes to the immutability of the Datto Cloud. With its ability to “undelete” accidental or malicious deletion, Cloud Deletion Defense provides an additional layer of protection for MSPs and their customers.
Hackers are on the prowl, malware lurks, and erroneous deletions are always a danger, making fully protected backups essential to preserving critical data. Immutable cloud storage is the key to reliable recovery when business systems are compromised.
To help your customers prepare for cybersecurity threats to backups, read our full eBook,Save Under Attack: Protect Your Last Line of Defense.
Datto Holding Corp. published this content on June 11, 2021 and is solely responsible for the information it contains. Distributed by Public, unedited and unmodified, on 11 Jun 2021 14:15:06 UTC.