Air-gapping is becoming increasingly popular in the data protection, backup, and disaster recovery (DR) industries. You will see a lot of content about it, and cyber-security experts will recommend it, almost aggressively. Is it just hype? That is the question we will attempt to answer in this article.
Before we get into the specifics of air-gapping, let’s talk about the data security of your cloud-based assets.
Is your data stored in the cloud secure?
“If it’s in the cloud, it’s safe,” is a common misconception. That isn’t entirely correct. Cloud Service Providers (CSPs) ensure that your data is always available by enforcing SLAs that guarantee eleven nines of durability. That is not the same as ensuring it is free of ransomware, malware, and human error.
It’s a shared responsibility model, according to Microsoft Azure. They ensure that the infrastructure that hosts your data is secure and always accessible. Simultaneously, you ensure that the appropriate data protection measures are in place for your critical workloads.
If you use replication services to write data into a cloud repository, for example, anything that happens to your data will be replicated over. If a file becomes corrupt on-premises, the corrupted version is uploaded to the cloud. The CSP will ensure that everything you write to their hardware is accessible. You must ensure that it has not been corrupted or, worse, maliciously encrypted by ransomware.
Check out Diana Kelley’s blog for more information on the shared responsibility model: Driving data security is a team effort; here’s how you can protect yourself. To explain it, the author uses a car analogy – it’s an exciting read.
Now that we’ve established that storing data in the cloud doesn’t automatically make it secure, let’s talk about air-gapping.
What are air-gapped backups, and do you need them?
Air-gapping is the practice of isolating and detaching a target storage repository from the primary network. The repository can be a physical, virtual, or cloud-based server. Depending on the storage media, there are numerous ways to integrate it into your existing IT system. We’ll go over integration later in this article.
When isolated, an air-gapped repository is inaccessible to applications, server(s), and other clients. This is a critical feature of an air-gapped system. It is turned off by default and only activates when you intend to use it.
By storing critical backup data, snapshots, and replicas in air-gapped volumes, you protect them from threats that can reach and attack them over the connected network, such as ransomware and viruses. Another threat of the same kind is human error, which accounts for the majority of data loss incidents experienced by businesses around the world.
Do you need air-gapping?
Any organization that relies on digital assets for day-to-day operations needs air-gapping as a reliable data protection measure against ransomware.
Cyber threats make no distinctions. They are aimed at all industries, regardless of size. However, according to Verizon, the gap between ransomware attacks on large corporations and SMBs is narrowing this year. This means that if you own a small-to-medium-sized business (fewer than 1000 employees), you could be a target for ransomware – and you should be prepared for it.
If you don’t prepare for ransomware, you could be among the 40% who experienced an average of 8 hours of downtime.
According to Nordlocker, the following industries, in descending order, experienced the most ransomware attacks:
- Technology and IT
- Logistics and transportation
- Municipal services
If you sell products or provide services in any of the above industries, you must be prepared for ransomware attacks and have a plan in place to recover quickly without losing data.
How to add air-gapping to your IT infrastructure
You can incorporate air-gapping into your current IT system(s) in a variety of ways.
- Air-gapped nodes – Purpose-built physical appliances that provide automated network and power isolation and management. They can be linked to your backup server(s) and production environment(s).
- Air-gapped volumes – Virtual isolated volumes that can be provisioned on popular hypervisors like VMware ESX/ESXi and Microsoft Hyper-V.
- Cloud Air-Gapped – To provision air-gapped volumes in the cloud, use Infrastructure as a Service (IaaS) and Storage as a Service (STaaS).
- Tape storage – Tape storage arrays can be used as air-gapped repositories depending on how frequently they are connected to your primary production environment. Tape, on the other hand, is not recommended for data protection because it requires manual processing, which is error-prone and less reliable than automated air-gapping.
The software you use determines your ability to provision and manage air-gapped volumes. Because the concept of air-gapping is currently trending in the backup and disaster recovery industry, most software vendors already have or are working to add it to their feature set.
If you’re looking for purpose-built air-gapped nodes, StoneFly is the only vendor on the market right now.
With data breaches becoming more common, it is more important than ever to protect your organization’s critical information from threats like ransomware and hackers.
By isolating the system from the primary environment, air-gapping can be used to secure this data. There are numerous approaches, each with its own set of advantages and disadvantages.
Before deciding on which deployment is best for your company, keep in mind that when it comes to data security, one size does not fit all. Before making a final decision, examine your data lifecycle and consult with a cyber-security expert.