Let’s say that today was the day a cyberattack successfully infiltrated your business network. Not good, but if you have a proper data backup, you should be safe… unless the party responsible prioritizes deleting your backup files.
While we would never recommend a business skip the data backup process, it is important to recognize that traditional backups have this critical vulnerability. To remedy this, we do recommend implementing immutable backups.
Well, let’s consider what immutable means: unable to be changed, or unchanging over time. Therefore, an immutable backup is one that cannot be edited, altered, or deleted once it has been saved… at least, for a set amount of time. Until that time has passed, however, not even a system admin (or a hacker with the sysadmin’s credentials) can erase it.
Similar to how hardware-based “write once, read many” (WORM) technology operated by physically altering the storage medium itself, software-based WORM relies on protocols and tools to enforce kernel-level rules that prevent any changes—intentional or accidental—until a set period has elapsed.
Returning to our hypothetical cyberattack, if the attacker were using ransomware, their first and second steps would be to lock down your operational data before identifying and encrypting your backups. However, as an immutable backup cannot be altered, your data would be safe and accessible to you. The command to encrypt your backup data would be ignored, allowing you to restore it once you were ready.
Backups are an essential part of any business’ continuity preparations, which makes it critical that they are appropriately protected and maintained. First Column IT is here to help the businesses of Northern Virginia accomplish as much. Learn more about what we can do by giving us a call at (571) 470-5594.
