The IT industry is often described as “dynamic”. That is to say, constantly changing, and evolving. There is always a “flashy new thing” to grab our attention and distract us. That may be the case when it comes to data storage. With relatively new and flashy things like SSDs, who’s had the time to pay attention to good old tape technology and the its role in ransomware protection?
Actually, lots of big data managers have been paying very close attention to tape technology these days. The largest active archives and archival cloud services on the planet are based on modern generations of tape storage. For everyone else, there is a killer app that is rapidly raising awareness for good old tape and that is ransomware protection.
Leveraging the low data storage cost, removability and portability of today’s highly advanced tape technology turns out to be a great way to get copies of mission-critical data offline and offsite for the inevitable day when cyber criminals take control of an organization’s network and demand a hefty ransom payment.
As National Cybersecurity Awareness Month is upon us, it is worth reviewing the cybersecurity advice and best practices recommended by the government, regulatory agencies and insurance companies. So here are five reasons why data tape backups should be part of every organization’s cyber security and ransomware protection plans:
At least for now, climate change is getting worse. We actually had the hottest days on Earth this July with a record global average of 62.92 degrees Fahrenheit. That does not sound that hot but it’s an average including summer in the northern hemisphere and winter in the southern hemisphere. These were the hottest days since 1979 at least, and broke records previously set in 2016 of 62.46 degrees F.
Severe weather could be seen across the U.S. from record-setting triple-digit heat waves out West and down South plus record rainfall and flooding in the Northeast with some locations getting 10 to 12 inches of rain in a single day. Extreme weather can be found in Asia, Europe, really all over the world. Global warming plus an El Nino event where the Pacific Ocean is releasing excessive heat are to be blamed. Scientists are sounding the alarm again that we must curb carbon emissions or we can expect more of the same, only worse, in the years and decades ahead.
There are a plethora of studies and reports on cyber security and ransomware out in the marketplace, but I always enjoy reading and respect the findings of Jason Buffington, VP of Market Strategy at Veeam and his team. Their recently released 2023 Global Report on Ransomware Trends details lessons learned from 1,200 ransomware victims in 2022. You will want to download the full report here, but in the meantime, below are 5 key takeaways that I found compelling and aligns with other market research we have engaged in.
The National Association of Broadcasters (NAB) held their annual conference this week in Las Vegas. Some 68,000 attendees from broadcasters to screenwriters, advertisers and streamers, to producers and filmmakers were eager to learn about the latest in media and entertainment technology. Some 1,200 exhibitors set up shop in the Las Vegas convention center, including FUJIFILM with our FUJINON lenses, and Recording Media in the form of LTO tape technology.
Ransomware continues to be a big concern for IT professionals and corporate stakeholders as this lucrative criminal activity promises to be with us for the long term. Research from Kroll found that the financial toll suffered courtesy of a significant cyberattack amounts to at least $5 million per attack. In about one-third of cases, it cost organizations between $10 million and $25 million. 16% said it amounted to more than $25 million. This total includes loss of market valuation. When a company is attacked, there is widespread PR fallout to contend with. Customers, partners, and investors hear about it and become wary. Stock prices fall, attrition rates increase, and new business is difficult to obtain. It takes time to ride the wave of negative publicity.
By Guest Blogger, Dr. Shawn O. Brume Sc. D., IBM Tape Evangelist and Strategist
According to a study by McKinsey, the average lifespan of companies listed in Standard & Poor’s is less than 18 years! That means that tape technology is already in business almost 4 times longer than the average S&P will survive. Tape technology celebrated 70 years young on May 21st. Tape has been and continues to be the most transforming data storage technology in history.
In the 50’s it was the only viable technology for storing data generated by the few computers in existence. In the 60’s tape took the world to the moon and preserved the data for usage nearly 40 years later when it was retrieved to assist in modern space explorations. By the 70’s Tape was dominating storage, transforming the financial industry by providing the ability to access data on accounts with minimal human intervention. The 80’s and 90’s continued the transformation of data availability by performing transactional data storage for ATMs, but also was key in the investigation of the space shuttle Challenger disaster; an investigation enhanced as a result of the durability of tape even when submerged in saltwater.
Today tape lives in the data center, preserving Zettabytes of data. Data being preserved and utilized across nearly every industry, examples:
Healthcare – Data preserved on tape is being utilized to develop new predictive health services. Digital medical records can be retained for the life of patients and shared across organizations.
Financial – Online transaction retention ensures customers valuable financial data is protected in the eventuality of a cyber-attack. Mortgage loans are preserved without fear of tampering.
Cloud – Data stored in public clouds are growing at a 30% faster rate than traditional storage. Cloud providers rely on tape to provide data durability and low-cost storage subscriptions.
Tape’s popularity has often been driven by the low cost of storage, modern data storage requires so much more including cyber-resiliency, data durability and low carbon footprints that enable sustainable IT.
Cyber Resiliency – Tape is the only true airgap data storage solution available.
Data Durability – Tape has a native single copy durability of 11- Nines. This means the likelihood of a single bit failure is 1 in 100 Petabytes.
Sustainability – At scale tape technology is 96% lower carbon footprint than highly dense HDD storage (when comparing OCP Bryce canyon and IBM tape technology with 27PB of data).
If preserving data, in a cyber-resilient solution, at low cost, with relatively low carbon impact meets your business outcomes, then why wait? Clearly tape is here to stay and surging in usage across nearly every business use case.
Happy 70-years to an amazing technology!
For more information about technology since tape’s introduction, check out this post from my colleague Mike Doran.
For more information on current tape products see the IBM product page.
The Tape Storage Council, (TSC), released a new report “Tape to Play Critical Roles as the Zettabyte Era Takes Off,” which highlights the current trends, usages and technology innovations occurring within the tape storage industry. The zettabyte era is in full swing generating unprecedented capacity demand as many businesses move closer to Exascale storage requirements.
According to the LTO Program, 148 Exabytes (EB) of total tape capacity (compressed) shipped in 2021, marking an impressive record year. With a growth rate of 40%, this strong performance in shipments continues following the previous record-breaking 110 EB capacity shipped in 2019 and 105 EB of capacity shipped in the pandemic affected year of 2020.
The ever-increasing thirst for IT services has pushed energy usage, carbon emissions, and reducing the storage industry’s growing impact on global climate change to center stage. Plus, ransomware and cybercrime protection requirements are driving increased focus on air gap protection measures.
As a result of these trends, among others, the TSC expects tape to play an even broader role in the IT ecosystem going forward as the number of exabyte-sized environments grow. Key trends include:
Data-intensive applications and workflows fuel new tape growth.
Data accessibility. Tape performance improves access times and throughput.
Tape should be included in every green data center strategy.
Storage optimization receives a big boost from an active archive which provides dynamic optimization and fast data access for archival storage systems.
Organizations continue to invest in LTO tape technology thanks to its high capacity, reliability, low cost, low power consumption and strong data protection features, especially as threats to cybersecurity soar.
As I started to write this blog on recent ransomware observations, an email message popped up on my PC from our IT department advising of additional and more stringent security enhancements taking place almost immediately to toughen my company’s cybersecurity and increase our protection against current and emerging threats. A sign of these cybercrime times, indeed!
Ransomware Trending According to a February 2022 Alert from CISA (Cybersecurity & Infrastructure Security Agency), 2021 trends showed an increasing threat of ransomware to organizations globally with tactics and techniques continuing to evolve in technological sophistication. So-called “big game” organizations like Colonial Pipeline, Kronos, JBS, Kaseya, and SolarWinds made the ransomware headlines over the past year or so. But according to the CISA Alert, by mid-2021, many ransomware threat actors, under pressure from U.S. authorities, turned their attention toward mid-sized victims to reduce the scrutiny and disruption caused by said authorities.
In a recent Enterprise Strategy Group (ESG) study, 64% of respondents said their organization had paid a ransom to regain access to data, applications, or systems. These findings are supported by the latest Threat Landscape report from the European Union Agency for Cybersecurity. It highlighted a 150% rise in ransomware in 2021 compared to 2020. The agency expects that trend to continue, and even accelerate in 2022.
But these numbers hide the stark reality of the ransomware scourge. Gangs like DarkSide, REvil, and BlackMatter are terrorizing organizations with ransomware – and they are getting smarter and more organized. They have moved beyond the basic ploy of infecting files, locking users out of their data, and demanding a fee. They still want money. But they also endanger reputations by exposing attacks, blackmailing companies by threatening to reveal corporate or personal dirty laundry, and selling intellectual property (IP) to competitors.
As a result, cybersecurity spending has become a priority in most organizations. According to ESG, 69% of organizations plan to spend more on cybersecurity in 2022 than in the previous year, while 68% of senior IT decision-makers identify ransomware as one of their organization’s top 5 business priorities. Such is the fear factor that organizations are now treating cybersecurity ahead of other organizational imperatives such as the cloud, artificial intelligence (AI), digital transformation, and application development.
New Federal Mandate and the SEC Takes Action On March 15th, in an effort to thwart cyberattacks from foreign spies and criminal hacking groups, President Biden signed into law a requirement for many critical-infrastructure companies to report to the government when they have been hacked. This way, authorities can better understand the scope of the problem and take appropriate action.
It’s also no wonder that the Security and Exchange Commission (SEC) is taking action. On March 9th, the SEC voted 3 to 1 to propose reporting and disclosures related to cybercrime incidents and preparedness. In a nutshell, the SEC will be asking publicly traded companies:
To disclose material cybersecurity incidents
To disclose its policies and procedures to identify and manage cybersecurity risks
To disclose management’s role and expertise in managing cybersecurity risks
To disclose the board of director’s oversight role
Specifically, the SEC will want to know:
Whether a company undertakes activities to prevent, detect and minimize the effects of cybersecurity incidents
Whether it has business continuity, contingency, and recovery plans in the event of a cybersecurity incident
Whether the entire board, certain board members, or a board committee is responsible for the oversight of cybersecurity risks
Whether and how the board or board committee considers cybersecurity risks as part of its business strategy, risk management, and financial oversight
Holding publicly traded companies and their boards accountable for best practices in combating ransomware is a big step in the right direction and will no doubt free up the required budgets and resources.
Lowering the Fear Factor Cybersecurity is already a top spending priority for 2022 and with SEC regulations looming, will likely continue to be a priority for quite some time. Companies are busy beefing up the tools and resources needed to thwart ransomware. They are buying intrusion response tools and services, extended or managed detection and response suites, security information and event management platforms, antivirus, anti-malware, next-generation firewalls, and more, including cybercrime insurance policies.
What may be missing in the spending frenzy, however, are some fundamental basics that can certainly lower the fear factor. Backup tools are an essential ingredient in being able to swiftly recover from ransomware or other attacks. Similarly, thorough and timely patch management greatly lowers the risk of hackers finding a way into the enterprise via an unpatched vulnerability.
Another smart purchase is software that scans data and backups to ensure that no ransomware or malware is hidden inside. It is not uncommon for a ransomware victim to conduct a restore and find that its backup files have also been corrupted by malware. Cleansing data that is ready to be backed up has become critical. These are some of the fundamental basics that need to be in place in the fight against ransomware. Organizations that neglect them suffer far more from breaches than those that take care of them efficiently.
Adding an Air Gap Another fundamental basic is the elegantly simple air gap. When data is stored in the cloud, on disk, or in a backup appliance, it remains connected to the network. This leaves it vulnerable to unauthorized access and infection from bad actors. An air gap is essentially a physical gap between data and the network. It disconnects backed up or archived data from the Internet.
Such a gap commonly exists by partitioning in, or removing tapes from, an automated tape library and either storing them on a shelf or sending them to a secure external service provider. If that data is properly scanned prior to being backed up or archived to ensure it is free of infection, it offers certainty that a corruption-free copy of data exists. If a ransomware attack occurs, the organization can confidently fall back on a reliable copy of its data – and avoid any ransom demands.
Effectively Combatting Ransomware There is no silver security bullet that will 100% guarantee freedom from ransomware. It is truly a multi-faceted strategy. Implementation of best-of-breed security tools is certainly necessary. But they must be supported by the steadfast application of backup and patching best practices and the addition of a tape-based air gap.
CISA, the FBI, and cybersecurity insurance companies all recommend offline, offsite, air-gapped copies of data. This can be achieved cost-effectively with today’s removable, and highly portable modern tape technology. The boards of publicly traded companies will likely want to do whatever it takes to demonstrate compliance with best practices to meet the SEC requirements. This should include air-gapped tape as part of a prudent and comprehensive strategy. A best practice in these cybercrime times, indeed!
The Arrival of the Zettabyte Era The data storage market has clearly entered the “zettabyte era” where new capacity shipments have exceeded a massive one zettabyte for a couple of years now. The data storage requirements are being driven by the phenomenon of “digital transformation” and the rising value of data that needs to be stored for longer periods of time, and in some cases, indefinitely. Further accelerating the zettabyte era is the other era we are all in, that being the “pandemic era”. With this era comes the unanticipated need for an unexpected remote workforce and the ever-expanding internet with its proliferation of online apps.
Pandemic Related Supply Shortages The pandemic has brought with it related disruptions to the global supply chain including shortages of semiconductor chips. It’s been tough to get modern goods from toys to notebooks to refrigerators to automobiles. The combination of zettabyte and pandemic era has even put a strain on supply chains and the availability of SSDs and HDDs needed to support the digital transformation. This has been the cause of fluctuating prices based on quarterly supply and demand swings.
Supply Chain Challenges Persist While pandemic-related labor shortages have delayed the production and distribution of goods, other factors are making matters worse. How about global warming, climate change, and the ensuing natural disasters that have had negative impacts on the supply chain? How about international rivalries and tensions impacting the availability of key components? Or cybercriminals shutting down vital infrastructure? Bottom line: industry pundits say we can expect supply chain hassles to continue throughout 2022.
Supply Chain Contingency Planning in Data Storage Faced with supply chain risks in any industry, it’s always good to have contingency plans to mitigate risk and ensure ongoing operations. The IT industry is no exception where the availability of commodities that we may take for granted can be interrupted by any of the factors listed above from unforeseen demand to pandemic-related shortages to global warming, trade wars, and cybercrime.
A great way to avoid supply chain disruptions in the availability of primary storage devices like SSDs and HDDs is to employ intelligent data management software, typical of active archive solutions, that will automate the migration of data from these potentially supply chain affected devices to a modern, automated tape library. Since 60 to 80 percent of data quickly goes cold after a short period of time, why keep it stored on higher performing, expensive, and energy-intensive devices? Given the global supply chain uncertainty, 3 good reasons to migrate data from primary storage devices to tape storage are:
Free up capacity on expensive Tier 1 and Tier 2 storage devices like SSDs and HDDs in favor of TCO friendly tape systems
Reduce energy consumption and related CO2 emissions by leveraging the low power profile of automated tape systems
Take advantage of tape’s natural air gap security in the never-ending war against ransomware
The above actually makes sense even in the absence of supply chain concerns. Since data to be stored is growing at a CAGR of around 30% versus IT budget growth somewhere in the low single digits, the IT industry needs to find a more cost-effective storage solution. With the increasing value of data and indefinite retention periods, the long-term archival profile of tape coupled with best-in-class reliability actually makes sense.
Fighting Climate Change and Cybercrime Finally, we all have to engage in the battle against global warming and climate change if we are to preserve the planet that we inhabit. Studies show that tape systems consume 87% less energy than equivalent amounts of disk storage and produce 95% less CO2 emissions than disk over the product lifecycle. Other studies show that collectively, the global IT industry could avoid as much as 664 million metric tons of CO2 emissions by strategically moving more data to tape systems. As data cools off or goes cold, it should migrate to less expensive, less energy-intensive, and more secure tiers of storage.
Once the pandemic era finally subsides, it will be environmental calamities brought on by climate change and the relentless threat of cybercriminals that will have long-term impacts on supply chains.
It seems like 2020 and 2021 have blended to combine into one long, tough time for all of us. Let’s hope 2022 emerges on the brighter side! In the meantime, here are 5 big predictions we see coming up in this New Year and beyond:
1. Increasing Focus on IT Energy Consumption
Severe weather was once again a hallmark of 2021, from the Texas deep freeze right up to the bitter end of 2021. As unusual tornadoes and wildfires reminded us of the negative impact of global warming and climate change.
According to a report from the United Nations released in August of 2021, irreversible damage has already been done to the environment as a result of greenhouse gas emissions. The world showed renewed interest in the COP 26 conference in Glasgow where countries from around the globe gathered to pledge their commitments to combat climate change.
Wall Street got in on the act too and will increasingly demand that companies disclose their sustainability initiatives and results. Accordingly, more and more companies will be appointing Chief Sustainability Officers who will put pressure on their organization’s energy usage including energy-intensive IT operations. The use of renewables, but also energy conservation measures will be mandated.
Curbing CO2 emissions is quickly becoming a C-suite imperative and storage will not escape the scrutiny. Research shows that 81% of CIOs would consider alternative data storage options that are more cost-effective and sustainable. This will set the stage for new tape system deployments that not only can reduce TCO by more than 70%, but can reduce CO2 emissions by 95% compared to traditional HDD storage.
2. Return to Hybrid Cloud Strategies
Prior to COVID 19, the term “cloud repatriation” appeared often in the press as it turned out that cloud was not a panacea for everything. But COVID 19 understandably created short-term storage strategies often resulting in a flight to the cloud.
However, long-term thinking will favor hybrid cloud strategies where the best of public cloud plus on-prem private cloud provides maximum flexibility and value. This will especially apply to data accessibility, regulatory requirements, data governance, and cybercrime risks including ransomware.
Today’s modern automated tape solutions will provide the advantages of cost, scalability, reliability, and data protection to support the hybrid cloud model.
3. Storage Optimization Will Be Key to Data Growth Management
With the continuing digital transformation comes the zettabyte age of storage where data to be stored globally will approach 6.0 zettabytes (ZB) in 2022, according to a leading IT industry analyst. Just one ZB would require 55 million 18.0 TB HDDs or 55 million 18.0 TB LTO-9 cartridges!
Storage optimization, that is to say, getting the right data, in the right place, at the right time, and at the right cost will be critical to maintaining competitive advantage.
Intelligent data management will be required, leveraging multiple tiers of storage, active archives, and innovative S3-compatible archive solutions for object storage. Nowhere will this be more apparent than in digital preservation and high-performance computing environments with a simple need to offload expensive object storage to cost-effective tape systems using an S3-compatible API.
4. Continuing Rise of Ransomware
It has been said that ransomware is only in “its infancy” and it’s been said many more times, an attack is not a matter of “if” but “when.” The FBI and CISA have weighed in with this advice:
“Backup your data, system images, and configurations, test your backups, and keep backups offline.”
As ransomware hackers mature in sophistication (and profits), online backups are increasingly being targeted to hamper recovery efforts, including cloud-based backups connected to a network. As a result, the value of affordable, removable, and highly-portable tape will only increase, providing true air gap protection (meaning offline, offsite backups in a secure location).
5. Video Surveillance Content Management
As we predicted last year, data tape has increasingly become a strategic option in managing the ballooning volume of video content associated with video surveillance applications.
Due to security reasons, regulatory compliance, or for future analytics, retention volumes and periods will only increase making legacy HDD solutions cost-prohibitive and unsustainable in terms of energy consumption. Look for increasing adoption of cost-effective tier 2 tape in video retention workflows in 2022.
Successfully emerging from the combined years of 2020 and 2021 will require getting back to strategic, long-term planning. Given the relentless growth of data, environmental concerns, and limited resources and budgets, today’s highly advanced tape storage will play an increasingly vital role in 2022 and beyond.
Usage of Cookies
Cookies are important to the proper functioning of a site. To improve your experience, we use cookies to remember log-in details and provide secure log-in, collect statistics to optimize site functionality and deliver content tailored to your interest. By continuing to use this site you are giving us your consent to do this. For more information you can read our Privacy Policy.