With the key role that data plays within companies, we cannot emphasize enough the importance of backups to ensure business continuity after a failure, a disaster or a malicious act. More than ever, organizations must take the necessary steps to secure their backup systems.
Tape storage might seem archaic and outdated, but it’s a solution that offers numerous benefits. A large amount of data can be stored on tape for a lower cost, and it also provides great portability and very efficient data protection.
Today, companies with a state-of-the-art storage infrastructure continue to invest in tape backup. Here's why.
Tape storage can protect against cases of internal malice
The problem: The limitations of access controls
Over the past year, we have written extensively on the importance of securely managing access to critical business data. The general rule is to reduce access to the bare minimum for each resource, according to their requirements.
In practice, restricting access to all employees is extremely difficult, for logistical and functional reasons. For example, a company may have to provide one or more network administrators with nearly unlimited access.
Knowing that the majority of malicious acts against critical data originate from inside and not outside, how can one ensure, beyond a doubt, that a network administrator will not turn against his company?
The solution: Make crucial data inaccessible
It is in this context that one of our client consulted us. The company already had a well-structured disk backup, follwing the 3-2-1 rule. However, they wanted to make sure that none of the network administrators could delete critical data written on the hard drives, whether at the production level, on the backup or its replication. Therefore, they opted for an additional encrypted backup on tapes as a second safety net.
The recorded magnetic tapes are taken care of by an independent resource and routed to a secure backup center. Unlike data stored on disk, tape data is out of the physical and logical scope of the network administrators.
Meeting the 3-2-1 rule with tape storage
This specific case shows a strong example of the 3-2-1 rule, which should be followed by all companies to optimize their disaster recovery plan (DRP). It consists in having:
- • Three sets of data
- • Two of which are backups on different medias;
- • One of which is offsite.
In fact, the solution we proposed features a 4-3-2 strategy consisting of:
- • Four sets of data
- • Three of which are backups on different medias
- • Two of which are offsite.
Furthermore, one of the offsite sets of data is physically and logically separated (air gap) from the client’s environment.
By backing up their data on disks and tapes, organisations benefit from the distinct advantages of both methods. They can rely on the flexibility and rapidity of restoration provided by disks, and the additional safety offered by tapes.
Securing business data is as crucial as it is complex. The potential threats are many and come from multiple sources, ranging from natural disasters such as a fire to an intentional act committed by an employee. Although risks can be controlled, they cannot be completely avoided. Therefore, the best option remains to prepare for worst-case scenarios, even if they seem unlikely.
By adding tape backups to your disaster recovery plan, you benefit from the security of a second if not a third support, while gaining protection from the possible ill intentions of an administrator who might take advantage of unlimited or poorly controlled access rights.