As we head into 2022, I recall a quote from an IT industry executive who said in his 2021 predictions: “Ransomware is just in its infancy”. Indeed, ransomware reigns as today’s chief malware threat with no signs of subsiding anytime soon. Businesses may lose revenue, employee talent, customers, and even shut down from a ransomware attack. Coupled with the ransomware problem, exponential data growth challenges organizations with gathering, storing, and protecting their data cost-effectively with limited budgets. Strong data governance through active archive solutions helps organizations mitigate ransomware attacks and provides a framework for strategically managing their data growth.
A New White Paper by DCIG
In a recently published white paper by the Data Center Intelligence Group (DCIG), commissioned by the Active Archive Alliance, it is stated that active archiving solutions offer permanent and long-term protection for archived data against malicious intrusion as well as accidental data loss or corruption.
The report highlights numerous ways that active archive solutions can provide ransomware mitigation including:
Protecting archive data from modification. WORM (write once, read many) and retention management features keep archived data safe from malicious encryption or overwrite.
Replicating archived data and securing offline storage. Active archive solutions may secure archived data through offline storage, providing an air gap defense that removes the data from the network where it cannot be attacked. Archived data may be replicated for additional protection.
Replicating data to a secure cloud. Data remains online in a secure cloud, protecting it with security features like Secure Socket Layers (SSL) encryption and multi-factor user authentication.
Supporting 3-2-1 data archiving. The 3-2-1 model maintains three replicated copies stored on two different storage types, such as a disk-based backup system, a secure cloud platform, and online or offline tape.
Enabling rapid recovery. The more data sets that reside in primary storage, the greater the opportunity for hackers. Active archiving minimizes attack opportunities in primary storage by identifying and moving inactive files to secure cloud and offline archives. This approach leaves fewer data sets to test and recover on primary storage and primary backup, speeding up recovery with minimal business impact.
Let’s hope 2022 does not represent the “terrible 2s” as ransomware matures from its infancy. But if it does, it’s good to have strategic solutions like an active archive that help manage both the data and the threat!
The newly released whitepaper from IT analyst firm ESG (Enterprise Strategy Group), sponsored by IBM and Fujifilm, entitled, “How Tape Technology Delivers Value in Modern Data-driven Businesses,” focuses on exciting, new advances in tape technology that are now positioning tape for a critical role in effective data protection and retention in the age of zettabyte (ZB) storage. That’s right “zettabyte storage!”
The whitepaper cites the need to store 17 ZB of persistent data by 2025. This includes “cold data” stored long-term and rarely accessed that is estimated to account for 80% of all data stored today. Just one ZB is a tremendous amount of data equal to one million petabytes that would need 55 million 18 TB hard drives or 55 million 18 TB LTO-9 tapes to store. Just like the crew in the movie Jaws needed a bigger boat, the IT industry is going to need higher capacity SSDs, HDDs, and higher density tape cartridges! On the tape front, help is on the way as demonstrated by IBM and Fujifilm in the form of a potential 580 TB capacity tape cartridge. Additional highlights from ESG’s whitepaper are below.
New Tape Technology IBM and Fujifilm set a new areal density record of 317 Gb/sq. inch on linear magnetic tape translating to a potential cartridge capacity of 580 TB native featuring a new magnetic particle called Strontium Ferrite (SrFe) with the ability to deliver capacities that extend well beyond disk, LTO, and enterprise tape roadmaps. SrFe magnetic particles are 60% smaller than the current defacto standard Barium Ferrite magnetic particles yet exhibit even better magnetic signal strength and archival life. On the hardware front, the IBM team has developed tape head enhancements and servo technologies to leverage even narrower data tracks to contribute to the increase in capacity.
The Case for Tape at Hyperscalers and Others Hyperscale data centers are major new consumers of tape technologies due to their need to manage massive data volumes while controlling costs. Tape is allowing hyperscalers including cloud service providers to achieve business objectives by providing data protection for critical assets, archival capabilities, easy capacity scaling, the lowest TCO, high reliability, fast throughput, low power consumption, and air gap protection. But tape also makes sense for small to large enterprise data centers facing the same data growth challenges including the need to scale their environments while keeping their costs down.
Data Protection, Archive, Resiliency, Intelligent Data Management According to an ESG survey revealed in the whitepaper, tape users identified reliability, cybersecurity, long archival life, low cost, efficiency, flexibility, and capacity as top attributes in tape usage today and favor tape for its long-term value. Data is growing relentlessly with longer retention periods as the value of data is increasing thanks to the ability to apply advanced analytics to derive a competitive advantage. Data is often kept for longer periods to meet compliance, regulatory, and for corporate governance reasons. Tape is also playing a role in cybercrime prevention with WORM, encryption, and air gap capabilities. Intelligent data management software, typical in today’s active archive environments, automatically moves data from expensive, energy-intensive tiers of storage to more economical and energy-efficient tiers based on user-defined policies.
ESG concludes that tape is the strategic answer to the many challenges facing data storage managers including the growing amount of data as well as TCO, cybersecurity, scalability, reliability, energy efficiency, and more. IBM and Fujifilm’s technology demonstration ensures the continuing role of tape as data requirements grow in the future and higher capacity media is required for cost control with the benefit of CO2 reductions among others. Tape is a powerful solution for organizations that adopt it now!
As recently announced by Fujifilm, LTO-9 has arrived and is available for immediate delivery. It certainly comes at a time when the IT industry is so challenged to manage rampant data growth, control costs, reduce carbon footprint and fight off cyber-attacks. LTO-9 is coming to market just in time to meet all of these challenges with the right features like capacity, low cost, energy efficiency, and cyber security.
What a Great Run for LTO First of all, it is remarkable to look at how far LTO Ultrium technology has come since its introduction. LTO made its market debut in 2000 with the first generation LTO-1 at 100/200 GB native/compressed capacity with 384 data tracks. Transfer rate was just 20 MB native and 40 MB compressed per second. Fast forward 21 years to the availability of LTO-9 now with 18/45 TB native/ compressed capacity on 8,960 data tracks, with transfer rate increasing to 400 MB per second, 1,000 MB per second compressed! In terms of compressed capacity, that’s a 225X increase compared to LTO-1. Since 2000, Fujifilm alone has manufactured and sold over 170 million LTO tape cartridges, a pretty good run indeed.
Capacity to Absorb Bloated Data Sets We are firmly in the zettabyte age now and it’s no secret that data is growing faster than most organizations can handle. With compound annual data growth rates of 30 to 60% for most organizations, keeping data protected for the long term is increasingly challenging. Just delete it you say? That’s not an option as the value of data is increasing rapidly thanks to the many analytics tools we now have to derive value from it. If we can derive value from that data, even older data sets, then we want to keep it indefinitely. But this data can’t economically reside on Tier 1 or Tier 2 storage. Ideally, it will move to Tier 3 tape as an archive or active archive where online access can be maintained. LTO-9 is perfect for this application thanks to its large capacity (18 TB native, 45 TB compressed) and high data transfer rate (400 MB sec native, 1,000 MB sec compressed).
Lowest TCO to Help Control Costs Understanding your true total cost of ownership is of vital importance today as exponential data growth continues unabated. The days of just throwing more disk at storage capacity issues without any concern for cost are long gone. In fact, studies show that IT budgets on average are growing at less than 2.0% annually yet data growth is in the range of 30% to 60%. That’s a major disconnect! When compared to disk or cloud options, automated tape systems have the lowest TCO profile even for relatively low volumes of data less than one petabyte. And for larger workloads, the TCO is even more compelling. Thanks to LTO-9’s higher capacity and fast transfer rate, the efficiency of automated tape systems will improve keeping the TCO advantage firmly on tape’s side.
Lowest Energy Profile to Reduce Carbon Footprint Perhaps of even greater concern these days are the environmental impacts of energy-intensive IT operations and their negative effect on global warming and climate change. You may have thought 2020 was a pretty bad year, being tied for the hottest year on record with 2016. Remember the raging forest fires out West or the frequency of hurricanes and tropical storms? Well, it turns out 2021 is just as bad if not worse with the Caldor Fire and Hurricane IDA fresh in our memory.
Tape technology has a major advantage in terms of energy consumption as tape systems require no energy unless tapes are being read or written to in a tape drive. Otherwise, tapes that are idle in a library slot or vaulted offsite consume no energy. As a result, the CO2 footprint is significantly lower than always on disk systems, constantly spinning and generating heat that needs to be cooled. Studies show that tape systems consume 87% less energy and therefore produce 87% less CO2 than equivalent amounts of disk storage in the actual usage phase. More recent studies show that when you look at the total life cycle from raw materials and manufacturing to distribution, usage, and disposal, tape actually produces 95% less CO2 than disk. When you consider that 60% to 80% of data quickly gets cold with the frequency of access dropping off after just 30, 60, or 90 days, it only makes sense to move that data from expensive, energy-intensive tiers of storage to inexpensive energy-efficient tiers like tape. The energy profile of tape only improves with higher capacity generations such as LTO-9.
A Last Line of Defense Against Cybercrime Once again, 2021 is just as bad if not worse than 2020 when it comes to cybercrime and ransomware attacks. Every webinar you attend on this subject will say something to the effect of: “it’s not a question of if; it’s a question of when you will become the next ransomware victim.” The advice from the FBI is pretty clear: “Backup your data, system images, and configurations, test your backups, and keep backups offline.”
This is where the tape air gap plays an increasingly important role. Tape cartridges have always been designed to be easily removable and portable in support of any disaster recovery scenario. Thanks to the low total cost of ownership of today’s high-capacity automated tape systems, keeping a copy of mission-critical data offline, and preferably offsite, is economically feasible – especially considering the prevalence of ransomware attacks and the associated costs of recovery, ransom payments, lost revenue, profit, and fines.
In the event of a breach, organizations can retrieve a backup copy from tape systems, verify that it is free from ransomware and effectively recover. The high capacity of LTO-9 makes this process even more efficient, with fewer pieces of media moving to and from secure offsite locations.
The Strategic Choice for a Transforming World LTO-9 is the “strategic” choice for organizations because using tape to address long-term data growth and volume is strategic, adding disk is simply a short-term tactical measure. It’s easy to just throw more disks at the problem of data growth, but if you are being strategic about it, you invest in a long-term tape solution.
The world is “transforming” amidst the COVID pandemic as everyone has to do more with less and budgets are tight, digital transformation has accelerated, and we are now firmly in the zettabyte age which means we have more data to manage efficiently, cost-effectively, and in an environmentally friendly way. The world is also transforming as new threats like cybercrime become a fact of life, not just a rare occurrence that happens to someone else. In this respect, LTO-9 indeed comes to market at the right time with the right features to meet all of these challenges.
Ransomware attacks used to be relatively simple, if unpleasant, affairs. A device would be compromised, the user locked out, and a ransom notice would appear: Pay up if you want to access those files again. On an organizational level, hackers would sometimes gain enough presence in the network to be able to lock IT and users out of their systems. Many of these attacks would go largely unnoticed, even unreported with minimal impact to anyone except the victim organization.
But the Colonial Pipeline hack added a more sinister element – shutting down the pipeline backbone that provides 45% of the gasoline consumed by most of the U.S. eastern seaboard. Gas prices spiked as supplies began to run out. Lines appeared as panic set in at the pumps. The pipeline operator acted quickly and made a ransom payment of $4.4 million dollars in bitcoin to the cybercriminals behind the breach. In return, they provided Colonial with a decryption tool to regain access to their systems. Not surprisingly, the decryption tool turned out to be less than effective, forcing Colonial to restore from existing backups anyway.
But the success of the attack and money paid over is likely to embolden hackers to go after even more lucrative infrastructure targets. That’s why the FBI strongly advises organizations not to pay a ransom. It’s not unlike the policy of refusing to negotiate with terrorists. Paying the ransom not only emboldens the criminals, it does not guarantee complete recovery or prevent repeated ransomware attacks. The more you give in to their demands, the more likely they are to try again.
But Colonial Pipeline paid after careful consideration of what was best for all those that depend on its infrastructure. Some are now wondering if the FBI will carry out its threat to fine Colonial and those who do decide to pay out a ransom. This remains to be seen. Yet, in the high-stakes game of oil and gas, any fine is likely to be no more than a minor inconvenience compared to the potential revenue and profits at risk – perhaps one of the motivations behind the company paying fairly soon after the attack.
Brazen Attacks on the Rise
Expect, then, even more brazen and perhaps costly attacks on U.S. infrastructure, government, industry, and essential services. Remember the SolarWinds saga from earlier in the year? The vulnerabilities of the U.S. Government and its software contractors exposed in this case prompted the White House executive order on “Improving the Nation’s Cybersecurity” issued on May 12th. The fall-out from the Colonial Pipeline attack will likely lead to stiffer regulations imposed on pipeline operators and other critical infrastructure players. The broader market needs to pay attention, too, as the frequency of ransomware continues to rise:
Department of Homeland Security figures show a 300% increase in ransomware in 2020 compared to the previous year.
Small business targets paid out $350 million in ransoms last year.
Attacks on schools, local government systems, and healthcare providers have risen sharply.
And the volume of ransomware victims is expected to rise sharply this year.
Most organizations are understandably far more focused on their primary mission than on instituting cybersecurity measures. This often makes them easy targets. All it takes is one slip by IT or one gullible user and the bad guys can move in and do their damage. Increasingly, that damage involves ransomware.
The changing landscape of the data protection industry has evolved from primarily backing up data in order to recover from hardware, software, network failures and human errors, to fighting a mounting wave of cybercrime. Over the years, hardware and software have significantly improved their reliability and resiliency levels but security is a people problem, and people are committing the cybercrimes.
Cybercrime has now become the biggest threat to data protection and the stakes are getting higher as anonymous individuals seek to profit from other’s valuable digital data. With a cease-fire in the cybercrime war highly unlikely, we are witnessing a rapid convergence of data protection and cybersecurity to counter rapidly growing and costly cybercrime threats, including ransomware. The growing cybercrime wave has positioned air-gapped storage solutions as a key component of digital data protection – they simply can’t be hacked.
Traditional backup and archival data can be stored locally or in cloud environments. In contrast, a cyber-resilient copy of data must meet additional more stringent requirements. This is where “air gapping” and tape technology are gaining momentum. The rise of cybercrime officially makes the offline copy of data stored on tape more valuable and takes advantage of what is referred to as the tape air gap. The tape air gap is an electronically disconnected or isolated copy of data in a robotic library or tape rack that prevents cybercriminals from attacking a backup, archive or any other data.
Tape cartridges in a robotic tape library or manually accessed tape cartridges in tape racks, are currently the only data center class air-gapped storage solution available.
Modern tape storage has long been recognized for its low cost. Several analyst white papers have been published that demonstrate the low cost of storing data on tape. For example, “Quantifying the Economic Benefits of LTO-8 Technology” is a white paper that can be found on the LTO.org website. However, occasionally a storage solution provider publishes a white paper that claims to show that their solution is less expensive than tape storage for a particular use case. A good example is a recent white paper published by a disk-based backup-as-a-service provider who will remain unidentified out of respect for what they do. For the purpose of this blog, let’s call them “BaaS.” So let’s dig into their analysis which makes several assumptions that result in higher costs for tape storage than most users would experience.
Total Cost of Ownership (TCO) Process
The first step in developing a Total Cost of Ownership (TCO) estimate is the determination of the amount of data to be stored. The BaaS whitepaper separates the amount of primary data, which we wish to protect, from backup data, which is the data physically stored on the backup media. They estimate the amount of backup data residing in the tape library to be two to four times the primary data. This is due to their use of the old daily/ weekly/monthly/ full backup methodology for estimating the amount of backup data. The result is that two to four times the amount of primary data ends up being stored on tape, raising the tape hardware and media costs by two to four times.
Ransomware statistics can be frightening! Research studies suggest that over two million ransomware incidents occurred in 2019 with 60% of organizations surveyed experiencing a ransomware attack in the past year. To make matters worse, the cybercriminals have moved up the food chain. Two thirds of those attacked said the incident cost them $100,000 to $500,000. Another 20% said the price tag exceeded half a million. Overall, the losses are measured in billions of dollars per year. And it’s getting worse. Enterprise Strategy Group (ESG) reports that about half of all organizations have seen a rise in cyber attacks since the recent upsurge in people working from home.
Understandably, this is a big concern to the FBI. It has issued alerts about the dangers of ransomware. One of its primary recommendations to CEOs is the importance of backup with the following key questions:
“Do you backup all critical information? Are backups stored offline? Have you tested your ability to revert to backups during an incident?”
The key word in that line of questioning is “offline.” Hackers have gotten good at staging their attacks slowly over time. They infiltrate a system, quietly ensuring that backups are infected as well as operational systems. When ready, they encrypt the files and announce to the company that they are locked out of their files until the ransom is paid. Any attempt to recover data from disk or the cloud fails as the backup files are infected, too.
The answer is to make tape part of the 3-2-1 system: Three separate copies of data, stored on at least two different storage media with one copy off-site. This might mean, for example, one copy retained on onsite disk, another in the cloud, and one on tape; or one on onsite disk, one on onsite tape as well as tape copies stored offsite.
How much do you really know about your data? Is your data on the right storage type? How active is your data, and how is it being used?
From life sciences and media and entertainment to HPC/Research, higher education, government and consumer products, virtually ALL enterprises struggle to manage data with fewer resources and at less cost. Heterogeneous storage environments have added complexities, costs, and made it difficult for IT managers to manage data.
Don’t let multi-vendor storage silos get in the way of effective data management.
This webinar series goes beyond just organizing your data. Throughout three short webinars, you’ll learn about how to take control, protect, and manage your data – all while enhancing workflow and reducing costs.
Join Floyd Christofferson, CEO of StrongBox Data Solutions, in a webinar series that will teach you how you can make the most of your data:
Take Back Control of Your Data + LTFS
Don’t let multi-vendor storage silos get in the way of effective data management.
July 28, 2020 12:00 PM – 12:45 PM Eastern Time
Reduce Costs & Increase Data Protection!
How to Better Manage Data Growth in a Multi-Vendor Storage Environment.
August 4, 2020 12:00 PM – 12:45 PM Eastern Time
Techniques to better use your data and not waste time trying to wrangle it.
The most efficient data protection utilizes proper archiving, and with the data growth rate almost doubling, tape storage is growing from an archiving standpoint. In this Fujifilm Summit video, Dr. James Cates, SVP of Archive Development at Oracle, discusses the advantages of tape for archiving. Watch it here:
Usage of Cookies