Data Resilience is the new term used across backup, replication, storage, and DR products’ nomenclature in response to the rise of ransomware attacks. Although the definition of “Data Resilience” varies depending on the vendor, the term primarily refers to the capacity of platforms to provide air-gapped data immutability in a resilient vault with point-in-time recoverability.
Was data on tape in an Iron Mountain vault not resilient?
When businesses used to run applications in the data centers, protection of applications data used a simple backup system to copy and move the data to an isolated secure location in the same data center or offsite like Iron Mountain service offered a sufficient level of resilience. Businesses also protected copies of data against natural and other disasters with replicated storage systems to well-defined far-away data centers hosted by a services provider for a failover. With the advent of hybrid cloud architectures for backup and replication systems, data copies could be moved away from the local data centers to hyperscale object storage systems offering faster recoverability than Iron Mountain type of service. Data immutability and air-gapping were not overemphasized, mainly because there were less sophisticated cyberattacks. However, with the rise of sophisticated ransomware attacks, air-gapped data immutability is as important as data protection in resilient locations with a capability to recover much faster than what was possible before.
Cloud Data Resilience
Cloud data resilience is the ability to protect distributed and dynamic cloud application systems’ data, spread across various cloud services with immutable data copies, at air-gapped locations, far away from the production environments. Importantly, a good cloud data resilience platform has the capacity to get back all your cloud services data rapidly at a particular point-in-time in a cloud region of your choice in an isolated environment so you can resume your business operations from clean data copies even after a ransomware attack.
Immutable Cloud Data Copies
Production cloud storage and data services need to be open and mutable to serve applications. However, when the data copies are made for backup, or replicated to other regions or to other cloud accounts for additional protection, they should be completely immutable, i.e, they should not be allowed to be modified directly either by humans or systems. This is the only way to ensure Ransomware or other cyber attacks do not corrupt point-in-time copies of data so organizations can recover clean versions going back in time prior to an attack. A good cloud data resilience system should never, ever allow modifications of protected data at the block level.
Air-gapping Cloud Data Copies to another Isolated Cloud Account
Air-gapping cloud data copies in an offline location separate from the production environment enables enterprises to recover from ransomware attacks using clean point-in-time data copies. Utilizing hyperscale globally dispersed cloud infrastructure, in an entirely different cloud account from the production account, increases data resiliency and offline security without sacrificing faster recoverability. Cloud-enabled distributed dynamic workloads with a variety of backend cloud data services do not need to rely on the traditional two-step copying mechanism. First copying the data from the data service to another data management platform and then copying from the data management platform to another location in the same cloud for offline access which not only slows backup but also impacts the recoverability drastically. Users of cloud platforms should take advantage of the fast and ever improving global networks and copying capabilities for speedier recoveries while leveraging air-gapped data protection at a significantly reduced cost.
Cloud Data Resilience Simplifies Application Resilience
Having data resilience is absolutely essential but just getting back data alone is not going to bring back your applications, particularly, distributed, dynamic applications along with all the services and infrastructure so your business can get back online quickly.
Just take an example of one of our customers that suffered an encryption attack that took down their entire technology business two weeks ago, frantically giving us a call in the early morning hours, to recover their business with all the applications, dependencies and clean data in an isolated environment. Of course, data resilience was an important component of getting back their business but more importantly recovering their distributed applications spread across 18 different Azure accounts was equally important to get back their business online without paying any ransom.
As applications become more distributed and dynamic taking advantage of the programmable cloud infrastructure, delivering application resilience is really hard for SREs and cloud operations teams. In a rapidly changing cloud environment with various cloud data services spread across platforms, simplifying data resilience using cloud-native data infrastructure is key to get back your business after a ransomware attack. It is grossly insufficient to just restore data from a third party data management platform, you have to really think about rebuilding your applications, services, dependencies and infrastructure along with clean data copies hyperfast.