Why do we need offsite, air-gapped backups?
About ten years ago the age of the tape ended.
USB 3 was the nail in the coffin for tapes. Finally we had something that was just as fast, but supported random access. At about the same time, we moved from data backups, to whole disk backups. The age of the “sector level backup” arrived and along with that came the ability to run regular incremental backups.
Now backups were more frequent than “nightly”
Instead of one big long backup every night, we now had small backups running every hour or so (it was not uncommon for a tape backup to run from 8PM till 6AM).
But that also meant we needed to maintain chains of data. That is the “base” backup and all the subsequent smaller changes that form the chain. Now we could copy all these chains quickly to a USB 3 drive, and it could be physically carried offsite. (that’s the air-gap – the fact the drive is no longer connected)
That was ten years ago. Today that solution is problematic.
Nothing stays the same for long. This was a big step forward but it wasn’t enough by itself. There are problems with these backups :
- We can not tell if the disk is not swapped. This means an organisation is very exposed to crypto attack. If the backup is still connected, it can easily get caught up and damaged in any ransomware attack, the very thing it should be helping us overcome
- The air gap happens only once a day (and not on weekends). Even though we back up every hour or two, they are still exposed in a crypto attack until they are removed and that could easily be up to three days.
- Backups need to happen when files are dormant – not changing. Finding a quiet time can be really hard, especially as people are now likely to be working more flexible hours. It is a lot of work to get a quiet time when we can get a copy done without the source data changing. The result is high backup failure rates
- The impact of #3 means is that data sizes have grown, and getting that ‘clean’ copy has become harder. This can make the whole backup system unreliable.
Today, we recommend, automated offsite backups.
It is much easier than ever now that the average internet connection is 10 to 100 times faster than it was back in the days of USB.
If you want your backups to keep up, rather than to ‘keep you up’, then best practice today is :
- use a backup appliance that holds a copy of your data locally,
- with multiple incremental backups during the day,
- scanning for malware and abnormalities as it backs up,
- copying to the cloud as you go,
- with cloud recovery options.
Backups have come a long way since tape!
Kinetics has a range of easy backup options available