Pure Storage explains aspects of protection, backup and recovery
Ransomware attackers are unscrupulous opportunists, but that doesn’t mean their work should be made easier. During the recent DarkSide attack on Colonial Pipeline’s back offices, critical gas and fuel infrastructure in the U.S. was offline for more than four days. An investigation found that large gaps in security made it “fairly easy” to penetrate the network.
But companies should make life difficult for attackers – and not easy. As Pure Storage reports, there is a whole arsenal of technologies and architectural paradigms to achieve just that. One of these approaches is called “air gaps”, but are they a panacea for protection, backup and recovery? Pure Storage explains known and new approaches around data protection, backups and fast recovery.
What is an Air Gap?
Traditionally, an air gap was physical: tape-based backups or offsite systems with no physical connection to the production environment. Administrators create a connection between the production system and the air-gapped system only when needed, like a drawbridge: the bridge is lowered while data is being transferred and raised for the rest of the time.
Today, the definition and concept of “air gaps” is evolving beyond traditional “physical network isolation” and becoming a valuable component of an effective, efficient data security strategy. Modern air gaps focus more on logical separation, especially with network controls. Essentially, they are network design topologies that separate production and backup networks.
Some providers have adapted the concept, so there are two variants:
- The “virtual” air gap: This was first introduced by vendors who wanted to focus on logical network separation and sell a duplicate infrastructure with WORM (Write Once, Read Many) capabilities. The network between the sites would periodically open and close. This was provided through extensive consulting and professional services.
- The “operational” air gap: When the “virtual air gap” was only moderately received by customers (i.e. low sales), “operational air gaps” were created to reduce infrastructure costs and achieve additional automation around setup and maintenance.
In essence, both approaches are mostly based on WORM functions that have been developed for legal and compliance requirements.
The goal of an air gap is to isolate critical data from local networks and production areas that are more vulnerable to attack. By letting in data from the production network at regular intervals, the backups are updated regularly, but the two sides are not always connected. These intervals can take place once a day or at an arbitrarily defined frequency.
The Air Gap Promise
The idea is that without an open connection between the two sites, threats theoretically cannot bridge the gap. Without compute nodes, air-gapped systems are even less accessible. Some data storage providers praise these air-gapped recovery vaults as a modern innovation in data protection. An air gap could even be something simple and programmatic, like a firewall.
In general, air gaps can provide improved protection by:
- Providing greater security than traditional backup architectures.
- Limiting the possibility of spreading malware.
- Increasing the effort required for hackers to reach air-gapped data.
- Improving the chances of recovering from an attack.
After an attack, air gaps can also be beneficial in recovering non-compromised data, but there’s more to consider.
The Air Gap Reality
With air gaps, there are a few points to consider. The first is accessibility. After an attack, when every second counts, an air-gapped vault makes data access difficult not only for hackers but also for legitimate users. The second point is the cost of maintaining the air gap. The more extensive an air gap with complex scripting becomes, the more care and maintenance is needed to keep it operational and effective.
Other problems with air gaps include:
- They are not 100 percent immune to attack.
- They can be expensive to implement and operate, and difficult to manage and maintain.
- They are not highly scalable and can be slower when recovering large amounts of data.
- They do not provide a solution for internal threats or compromised credentials of storage or backup administrators.
- Recovering large volumes of files takes too long when companies have to comply with strict RPOs. Classifying this data for graded recovery takes time and effort.
In addition, security strategies with air gaps cannot completely solve the problems of reliability and speed – as the two most important factors for successful recovery. So what does an all-round solution look like for an air-gapped architecture that offers simplicity, reliability and speed?
A simple, improved version of the Air Gap
The modern version of the virtual Air Gap is a next-level implementation that offers all the advantages of an air gap-protected data bunker, but with one crucial difference: it is simpler and faster.
Pure Storage advises using the SafeMode function. SafeMode creates a secure enclave from which snapshots cannot be deleted – whether manually by a human or through a programmatic approach. In addition, a human element is added: to manually delete snapshots, such a solution requires real-time interactive support, which is an additional layer of protection. Add to this the simplicity. Built-in automation and preset timers ensure safety without the extra effort required to maintain programmatic or physical air gaps.
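As an added illustration (not Pure Storage code and not the SafeMode API), here is a Python model of the behaviour described above: a snapshot store whose delete only starts a retention timer and whose permanent eradication additionally needs a human approval flag, run against a constructed ransomware timeline next to a conventional store. The class names, the 24-hour lock period and the timeline are assumptions.

```python
"""Model of a retention-locked snapshot store versus a plain backup store."""
from dataclasses import dataclass, field


class DeletionRefused(Exception):
    """Eradication attempted inside the lock window or without human approval."""


@dataclass
class PlainStore:
    """Conventional store: any caller with credentials can delete a snapshot."""
    snapshots: dict = field(default_factory=dict)

    def take(self, name, data, now):
        self.snapshots[name] = (data, now)

    def delete(self, name, now, approved_by_human=False):
        del self.snapshots[name]          # gone immediately, no timer, no human step

    def restore(self, name):
        return self.snapshots[name][0]


@dataclass
class LockedStore(PlainStore):
    """Delete only schedules eradication after lock_hours; eradication also
    needs an out-of-band human approval flag (assumption standing in for the
    interactive support step described in the text)."""
    lock_hours: int = 24
    pending: dict = field(default_factory=dict)

    def delete(self, name, now, approved_by_human=False):
        data, created = self.snapshots[name]
        eligible = created + self.lock_hours
        if now < eligible or not approved_by_human:
            self.pending[name] = eligible  # request is recorded, nothing destroyed
            raise DeletionRefused(f"{name}: eligible at t={eligible}h, human={approved_by_human}")
        del self.snapshots[name]


def run_scenario(store):
    """Constructed timeline: snapshot at t=0h, ransomware at t=2h, recovery at t=3h.
    Returns the data the recovery step can restore, or None if nothing is left."""
    production = b"customer-db-v1"
    store.take("daily-0", production, now=0)
    production = b"ENCRYPTED"                       # t=2: ransomware encrypts production
    for snap in list(store.snapshots):              # and scripts deletion of the backups
        try:
            store.delete(snap, now=2)               # automated, no human in the loop
        except DeletionRefused:
            pass
    try:
        return store.restore("daily-0")             # t=3: responders recover from snapshot
    except KeyError:
        return None
```

With the plain store the scripted deletion empties the backups before recovery starts; with the locked store the same deletion only leaves a pending request and the snapshot remains restorable.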
If data cannot be recovered quickly enough to avoid major organizational, reputational, and financial impacts, all the work companies have done to protect it is worthless. Regardless of the platform or underlying technology (such as pointer-based snapshots or industry-leading throughput), modern approaches can deliver high recovery speeds.
In summary, Pure Storage emphasizes that the classic air-gap architectures are useful and offer functions that can be both fulfilled and surpassed by alternative air-gap approaches.