Funny name, serious data threat. Our Maitland data protection team has your back with tips…
What is an Air-Gapped backup?
Many security experts are recommending that you have an air-gapped backup of your data. What does that mean? Air gap means offline and not connected to your network or the Internet. An air-gapped backup is a copy of your data that is kept offline so that it cannot be accessed by a hacker. This protects it from almost any type of cybersecurity threat. They are also called an offline strategy. This is designed to protect you from almost any type of ransomware.
Cloud storage backups are becoming virtual air-gapped backups, but they can still be hacked since they are accessible from the Internet. The important part of the cloud backup is to use a different set of credentials, so it is not easy to hack into the offsite backup. Do not leave shortcuts to the cloud on your server. They are not completely offline, so they are not considered a true air-gapped backup.
Many cloud providers have options for making the data unchangeable for a predetermined number of days. This locks the data to being read-only. It is called WORM storage, write-once and read-many. There are several good options for replicating your backups to a cloud provider. If you have one of our Datto Siris devices, they automatically replicate a copy of your backups nightly to two offsite cloud datacenters. The second copy is not available to us without going through Datto technical support with a validated request as it is protected.
An alternate way to maintain air-gapped backups is to replicate your backup data to an external USB hard drive and then disconnect it and keep it in a safe place. It is a manual process, but it is the least expensive option. We can help you set this up. It is important to refresh your offsite copy on a regular basis. We recommend at least weekly. You should also use two drives so that when you are making a new copy, you still have another copy that is a week old.
The reason that air-gap backups are important is that there are bad actors out there that will hack into your network and proceed to stop, delete, or encrypt your backup data. Then they will encrypt your live data and hold it for ransom. When you go to check your backups, you find that there is no current backup of your data available. Your only recourse is to pay the ransom if you want your data back.
You should consider adding an offline strategy to your backup and disaster recovery plans. Contact Dytech Group for more information on business continuity, backup and disaster recovery as well as adding an offline strategy.
Steve LaPha, VP