Why Small Businesses Need Immutable Storage
Not long ago, many organizations would back up their data on tape that was “write once, read many,” meaning you could put data onto the tape and read data from the tape, but you couldn’t change or erase the data once it was there. Some organizations still use tape as one method of data storage.
Today, organizations can take advantage of a modern version of those write-once, read-many backup tapes. Immutable storage allows organizations to store their data in a way that cannot be hijacked, deleted, altered or corrupted by anyone — even by authorized administrators — for a period of time set by an organization.
Immutable storage uses the S3-compatible objects protocol, in which data is broken down into “objects” kept in separate storehouses, bundled with associated metadata and a unique identifier to form a storage pool. That’s distinct from more traditional file storage, in which data is kept as a single piece of information in a folder.
A most common way for organizations to access immutable storage is via major cloud platforms such as Amazon Web Services, Microsoft Azure and Google Cloud Platform. Businesses also deploy solutions such as Veeam, Acronis, Commvault and Veritas.
There are costs associated with using immutable backups, but those costs pale in comparison with the costs that come with a successful ransomware attack, whether it comes in the form of a ransom payment, lost data or both.
The amount that an organization will pay for immutable storage depends on the amount of data and the length of time it is stored. Some organizations require it for just a few weeks, while others may need it for a year or longer. After that, organizations can shift down to less expensive data archive options.
Every Business Needs a Backup Strategy
Unfortunately, many small businesses continue to believe that they are small enough to escape cybercriminals’ notice. In reality, threat actors are simply looking for an easy payday, and usually access networks through mass-delivered phishing emails aimed at employees who might carelessly click on a link.
“Even with the global awareness of ransomware and malware, plus the ever-increasing vigilance of IT teams, the most common entry point for ransomware continues to be users accidentally clicking malicious links, visiting insecure websites or engaging with phishing emails,” the Veeam report notes.
Employees at companies of every size are vulnerable to making such mistakes. That’s why it’s important that every business has a comprehensive backup strategy, meaning that data should be stored immutably for some period of time, and that the business should maintain the same security protocols with its backups as it does with the rest of its data.