
10.08.2022
IIT DISTRIBUTION IS THE OFFICIAL DISTRIBUTOR OF WALLIX IN UKRAINE
01.08.2022
Tales from the Dark Web: How Tracking eCrime’s Underground Economy Improves Defenses
20.07.2022
The Rise of Botnet and DDoS Attacks
11.07.2022
Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
17.06.2022
What is Data Democratization?
03.06.2022
Immutable Backups Explained: All You Need to Know to Secure Your Data
19.05.2022
Compromised Docker Honeypots Used for Pro-Ukrainian DoS Attack
06.05.2022
WHAT'S NEW IN LABYRINTH DECEPTION PLATFORM: RELEASE 2.0.32
22.04.2022
Palo Alto Networks проінформувала про вразливості, які можуть дозволити зловмиснику відключити платформу Cortex XDR
20.04.2022
Advanced anti-DDoS solutions from A10 Networks are available for installation!
15.04.2022
Inspur Information Rated Gartner Hype Cycle Sample Vendor of Cloud-Optimized Hardware for Second Year
07.04.2022
FAST DELIVERY OF INFINIDAT AND INSPUR SOLUTIONS AVAILABLE NOW!
04.04.2022
Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities
26.03.2022
HOW NOT TO BECOME AN "UNWITTING ACCOMPLICE" OF RUSSIAN CYBER ATTACKS ON UKRAINIAN SYSTEMS (PART 3)
22.03.2022
CrowdStrike Falcon protects against new Wiper malware used in cyberattacks against Ukraine
20.03.2022
HOW TO NOT BECOME AN "UNCONSCIOUS ACCOMPLICE" TO RUSSIAN CYBER ATTACKS ON UKRAINIAN SYSTEMS (PART 2)
16.03.2022
A10 NETWORKS SECURITY RESEARCH: HOW NOT TO BECOME AN "UNCONSCIOUS ACCOMPLICE" TO RUSSIAN CYBERATTACKS ON UKRAINIAN SYSTEMS
23.02.2022
Демонстрація: CrowdStrike Falcon детектує набір вірусів WhisperGate
23.02.2022
Inspur — компанія №1 за часткою світового ринку AI-серверів!
18.02.2022
Відтепер компанія iIT Distribution – офіційний дистриб’ютор рішень Picus Security!
17.02.2022
Звіт про глобальні загрози 2022 року від CrowdStrike!
14.02.2022
iIT Distribution підписала партнерську угоду з компанією Inspur!
10.02.2022
Пост-реліз: Вебінар, присвячений оновленим можливостям Nakivo Backup & Replication v10.5
10.02.2022
Новітня розробка Falcon XDR від компанії CrowdStrike тепер доступна для користувачів!
02.02.2022
Знайомство з процесами Security Operations Center (SOC) та найкращі рекомендації для його ефективної роботи від Lepide
27.01.2022
Кібератака на українські державні сайти: що нам відомо сьогодні
21.01.2022
Технічний аналіз шкідливого завантажувача WhisperGate, націленого на українські організації
14.01.2022
CrowdStrike Services випускає Incident Response Tracker для спеціалістів DFIR (Digital Forensics and Incident Response)
12.01.2022
Експлойт noPac: Нова вразливість Microsoft AD може призвести до повної компрометації домену за лічені секунди
06.01.2022
7 IT-тенденцій 2022 року, які слід взяти на озброєння
30.12.2021
Витік секретних IP-адрес Pfizer не є рідкістю. Захистіть свої хмарні дані за допомогою проактивного шифрування
30.12.2021
6 афер, які слід уникати в ці новорічні свята: добірка рекомендацій від Panda Security
17.12.2021
Як CrowdStrike захищає клієнтів від загроз, пов'язаних з Log4Shell
16.12.2021
Що таке SCAR і якими технологіями керуються мисливці на загрози з команди Falcon OverWatch?
09.12.2021
Acra Community Edition 0.90.0: шифрування в SQL та NoSQL базах даних без додаткового програмування
08.12.2021
11 кроків до відновлення після фішингової атаки: рекомендації від Lepide
30.11.2021
Компанія Aruba (HPE) шістнадцятий рік поспіль визнається лідером у звіті Gartner Magic Quadrant for Enterprise Wired and WLAN Infrastructure 2021!
23.11.2021
Серія вебінарів від iIT Distribution & NAKIVO: твій надійний бекап!
21.11.2021
Рішення CrowdStrike Falcon отримало найвищу оцінку AAA за результатами тестування організації SE Labs
15.11.2021
Бізнес-вечеря CrowdStrike: як це було?
08.11.2021
iIT Distribution – офіційний дистриб'ютор компанії Nakivo!
05.11.2021
Компанію CrowdStrike визнали світовим лідером у галузі сучасного захисту кінцевих точок в останньому звіті IDC MarketScape!
03.11.2021
What is it the information security of the enterprise? What are the basic principles of data protection?
02.11.2021
CrowdStrike and AWS Expand Integrations to Provide Customers Multi-layered Protection Against Ransomware Attacks and Sophisticated Threats
29.10.2021
Global Threat Report 2021 від CrowdStrike вже доступний українською мовою!
25.10.2021
SDP чи VPN? (Чи обидва варіанти?)
19.10.2021
CrowdStrike представляє перший у своєму роді XDR Module, що забезпечує виявлення інцидентів у реальному часі й автоматичне реагування по всьому стеку безпеки
19.10.2021
Infinidat – лідер серед первинних систем зберігання даних згідно зі звітом Gartner Magic Quadrant 2021
18.10.2021
Компанія iIT Distribution отримала статус офіційного дистриб'ютора A10 Networks
11.10.2021
Впровадження інновації no-code в мережеві процеси
11.10.2021
iIT Distribution розширив арсенал своїх здобутків: фаховий сертифікат NetBrain Certified Platform Associate
05.10.2021
SuperMem: Безкоштовний інструмент CrowdStrike Incident Response для автоматизації обробки образів пам'яті
30.09.2021
Захід, що розширює кордони знань і можливостей: Перший Щорічний Форум з Кібербезпеки CS² DAY 2021 справив справжній фурор на гостей!
23.09.2021
На завершення знайомства з партнерами заходу CS² DAY представляємо компанію-системного інтегратора – CS Consulting!
21.09.2021
Провідний фахівець Security-підрозділу компанії IBM Віталій Воропай завітає на CS² DAY в якості спікера!
20.09.2021
Список спікерів Першого Щорічного Форуму з Кібербезпеки лише поповнюється: знайомтеся з Дмитром Петращуком від компанії IT-Specialist
20.09.2021
На CS² DAY виступлять представники державного сектору: Віктор Жора та Олександр Галущенко!
17.09.2021
Зустрічайте наступного запрошеного спікера довгоочікуваного CS² DAY – Олексія Зайончковського від компанії Netwave!
16.09.2021
Представляємо другого спікера CS² DAY: Михайло Кропива – InfoSec Director топової української IT-компанії SoftServe!
16.09.2021
Познайомтеся ближче з компанією-головним партнером CS² DAY та першим спікером заходу – Майклом Чальватцісом!
08.09.2021
iIT Distribution та CrowdStrike запрошують на CS² DAY – Перший Щорічний Форум з Кібербезпеки!
03.09.2021
Компанія iITD зібрала своїх партнерів на бізнес-вечері A10 Vendor`s Day
30.08.2021
Модель Zero Trust і система DLP: що нового розповіли наші представники та партнери на міжнародній конференції «Digital Change & Customers — Цифрові зміни та клієнтський сервіс»
05.08.2021
We invite you to the international conference "Digital Change & Customers”
28.07.2021
IT'S TIME TO STOP THE FEAR OF NEW TECHNOLOGIES: HOW CAN YOU CHANGE YOUR USUAL SOLUTION PROVIDERS AND IMPLEMENT MORE ADVANCED TECHNOLOGIES INTO YOUR INFRASTRUCTURE?
20.07.2021
Achieve petabyte-scale data protection with lightning-fast recovery!
12.07.2021
Infinidat — is the best choice for Gartner Peer Insights 2021 customers!
06.07.2021
CrowdStrike took first place in the market share of Modern Endpoint Security 2020!
05.07.2021
A10 Thunder ADC application delivery controller in our warehouse!
22.06.2021
The announcement of a new solution for storing InfiniBox SSA corporate class data from infinidat!
10.06.2021
The invitation to the third virtual forum CrowdStrike!
07.06.2021
The first deliveries of Aruba network equipment
01.06.2021
GTB Technologies comprehensive DLP solution received a certificate from the State Service for Special Communications and Information Protection of Ukraine
31.05.2021
How subtle attacks maximize hackers' profits and what defensive actions need to be taken immediately
19.05.2021
iIT Distribution is the official distributor of Automox
18.05.2021
A series of training workshops from CrowdStrike
11.05.2021
CrowdStrike has become the leader in the Gartner Magic Quadrant 2021 for the second time among endpoint protection platforms!
11.05.2021
Review of the new version of NetBrain Integrated Edition 10.0. Continuation
28.04.2021
Review of the new version of NetBrain Integrated Edition 10.0
26.04.2021
Infinidat is launching a partner accreditation program
16.04.2021
iIT Distribution is the official distributor of Lookout
12.04.2021
iIT Distribution expands its portfolio with networking solutions from Aruba Networks
12.04.2021
IIT Distribution received the status of a Business Partner in the Hewlett Packard Enterprise affiliate program
08.04.2021
Why should hosting providers pay attention to Infinidat data storage solution? Practical experience of use
05.04.2021
The ZTNA model helps reduce the stress loading of employees from remote work
30.03.2021
Сrowdstrike named leader in security Threat Detection, Response and Investigation of cyberincidents (MDMR)!
24.03.2021
Falcon X від CrowdStrike визнаний лідер у звіті Forrester Wave: External Threat Intelligence Services за перший квартал 2021 року!
15.03.2021
New Forrester study shows all the economic benefits of using the Falcon Complete!
02.03.2021
iITD is the official partner of the International Grand Forum "BIT & BIS-2021"!
24.02.2021
CrowdStrike has announced the acquisition of Humio's leading high-performance log management platform!
18.02.2021
Intelligent IT Distribution at the international conference "Go Digital - 2021: acceleration and migration. Money goes online".
08.02.2021
International Conference "Go Digital - 2021: acceleration and migration. Money goes online".
25.01.2021
Crowdstrike's response to recent supply chain attacks
08.10.2020
Intelligent IT Distribution takes part in the third annual international forum "Cybersecurity - protect business, protect the state"
29.09.2020
IITD - partner of the forum "Cybersecurity - protect business, protect the country" 2020
24.09.2020
iIT Distribution got the status of a distributor of Netbrain technologies solutions in the territory of Ukraine
28.08.2020
Fal.Con 2020 by CrowdStrike
25.08.2020
Compliance with cyberrisk insurance
25.08.2020
Automatically block compartment accounts with Lepide Active Directory Self Service 20.1
25.08.2020
Cossack Labs invites you to visit NONAMECON
22.07.2020
Signing a distribution agreement with SAFE-T
21.07.2020
International Conference "Online Banking - Time of Innovation!"
18.06.2020
Global Cyber Threat Report 2020
11.06.2020
Thursday, the 25-th of June, 2020. Do not miss!
20.05.2020
PandaLabs Report: Understanding Threats 2020
05.05.2020
Announcement: New version of ACRA Enterprise, which provides increased flexibility for high-loaded systems
13.04.2020
Lepide Remote Worker Monitoring Pack is a simple in deployment and lightweight security platform, which offers immediate protection of business data during an unforeseen period of remote work.
12.04.2020
Ensuring cybersecurity for remote users
08.04.2020
Labyrinth Technologies offers to take advantage of a special offer - a license for 12 months at a price of 6 months
07.04.2020
Crowdstrike: Remote work and IT security during the crisis - a reduced licensed program for 3-6 months
23.03.2020
IIT Distribution received the status of distributor solutions RedSeal Networks in Ukraine
23.03.2020
IIT DISTRIBUTION has received the status of a Lepide solutions distributor in Ukraine
Most businesses worldwide use backups as their most important weapon in the fight against ransomware and malicious activities. Backups can help companies stay operational and continue servicing customers during and shortly after a ransomware incident. They can also help them avoid paying ransoms to regain access to their data.
However, backups, like any other data, remain vulnerable to malware. In addition, backups are sensitive to other, more common threats, such as accidental changes, overwriting, and damage. Permanent backups - invulnerable to these types of threats - have become one of the main methods of avoiding the complete loss of valuable data.
This blog post covers what immutable backups are, the benefits of immutability, the different types of immutable repositories, and the different approaches you should implement to maximize your backup and recovery strategy.
What Is an Immutable Backup?
Simply put, immutable backups are backup files that cannot be changed or deleted for any reason whatsoever. In other words, this type of backup is safe from new ransomware infections that hit your systems after the backup has been created. They are also safe from non-malicious data loss threats like accidental file deletions and backup file overwriting.
These immutable backups are stored using the write-once-read-many (WORM) model. WORM is a technology that has been in use for around 50 years on different storage devices to ensure long-term storage and authenticity of data. The main idea behind this mechanism is that data can be written to an immutable storage device only once, meaning that it cannot be deleted or overwritten.
Benefits of Immutable Backups
The main benefit of keeping immutable backups is that you can have versions of critical data that cannot be targeted by malicious actors and ransomware, that is resistant to tampering and that cannot be unintentionally changed.
That said, here are the main advantages to immutability:
- Ransomware protection: While several practices provide ransomware protection, immutable backups are at the top of that list since they cannot be affected by malicious encryption.
- Threat prevention: Whether a disgruntled former employee or an outsider is looking to harm your company, immutability safeguards your data from internal and external threats.
- Regulatory Compliance: Maintaining an unaltered version of data allows businesses to adhere to strict compliance requirements. Specific industries such as governmental institutions or healthcare organizations have to comply with long-term retention requirements and ensure that data and backups are unaltered and authentic.
Different Types of Immutable Storage
When it comes to backup planning, the main rule to apply is the 3-2-1 strategy. It is a widely used backup strategy that leaves you with three (3) copies of data (1 production + 2 backups) stored on two (2) different storage mediums, with one (1) copy stored offsite. This process of diversifying storage destinations eliminates a single point of failure and, at the same time, adds a new layer of security to your backups.
In recent years, this strategy has been expanded for a more prudent approach that includes immutable andair-gapped backupsand restyled into the 3-2-1-1rule. The one at the end now stands for one (1) immutable backup copy or air-gapped copy.
Modern backup solutions for virtual and physical infrastructures now offer several types of immutable backup storage destinations. You can choose to store your mission-critical data on some of the following immutable storages: public clouds, Linux OS-based machines, and tape. Let’s look at each of these.
Public clouds
Backups can be stored on a public cloud since it provides you with the ability to make your backups immutable. For example, Amazon S3 and Azure Blob storage can be rendered immutable, preventing anyone, even users with admin access rights, from modifying, deleting, or encrypting the data.
Dedicated backup solutions are now offering integrations with these types of cloud platforms so you could create immutable backups in the cloud. You can enable immutability for your backups right in these solutions for as long as you need and adhere to your industry’s compliance standards.
Immutability in Linux
For Linux systems, the chattr command allows you to store immutable data. The command is used to make files immutable in various scenarios, including protecting files on a machine accessed by several users or making sure that critical files require an extra step before deletion.
Using chattr, you can change the attributes of files and how they are accessed by the filesystem. To make a file immutable, you add the iattribute, thus preventing any changes to the file, additional writing to it, or changes to its metadata.
Backup solution vendors are using this feature of Linux systems to allow users to create immutable backups. Modern backup solutions allow you to set the immutable flag on recovery points stored in Linux-based backup repositories. These integrated backup immutability features have simplified backup retention and integrity.
Tape
Another backup storage option that supports immutability is tape. Tape is an excellent storage medium for compliance retention and archival. LTO Tape has the WORM functionality allowing you to keep immutable backups by writing to tape only once. There are data protection solutions on the market that support built-in backup to tape.
Immutability vs Air-Gapped Backups
There are other methods to protect backup data against the pervasive threat of ransomware. Air-gapped storage has been a common practice even before the cloud era. Essentially, air-gapping is completely disconnecting any medium from the network. Being offline, these storage devices are immune to the spread of ransomware if your systems suffer an attack.
Air-gapping allows for immutable backups if the devices are stored in a safe location as the data written to them cannot be tampered with. For example, you can store backups on tape, NAS, optical disks, or SSD. If your production site is down or was hit by a ransomware attack, air-gapped backups are not affected.
Additional Data Protection Features
Combining immutability with other features in backup solutions can minimize the impact of threats to critical data and improve security. The below functionalities perfectly complement immutable backups so make sure to look out for them when choosing the right data protection solution for your organization:
Backup Encryption
Using backup encryption, you can transform source information into a non-readable ciphertext, making data unintelligible to unauthorized readers. Encryption can also protect data from being leaked even if it falls in the wrong hands. AES 256 encryption is the worldwide standard for data encryption used by financial institutions and government agencies around the world.
Backup Verification
The worst time to learn that you cannot recover your data is after a ransomware incident because the backup is corrupted, for example. Whether you have immutable backups or backups stored on other mediums, make sure you test your backups and verify their recoverability. Most modern backup solutions offer automatic backup verification.
Role-Based Access Control
Restricting unauthorized access to immutable backups and assigning specific permissions to each user can help you avoid accidental or malicious backup data deletions and modifications. Administrators can use role-based access control to customize unique roles and make users responsible for specific operations such as backup, recovery, job configurations, etc.
Wrapping Up
Ransomware and cyberattacks are getting more sophisticated by the day, and it is becoming increasingly necessary for businesses to find advanced and resourceful measures to safeguard their data.
Storing backups offsite and in an immutable state maximizes the chances of a successful recovery in case of a data loss incident. You can choose between sending backup copies to immutable cloud storage or tape or keeping them in immutable form onsite. Both options prevent users from modifying or deleting these backups.
iIT Distribution is the official distributor of NAKIVO in Ukraine, Georgia, Kazakhstan and Uzbekistan. NAKIVO Backup & Replication offers the tools and features you need to protect your workloads, and iIT Distribution provides full support in selecting and implementing the optimal solution to protect your data.
Back