Air Gapping: Offline Backups Ensure Recovery

JANUARY 2ND, 2024

The concept of air gapping has been around for decades. And thanks to our ever-growing ransomware risks, it's not going anywhere soon. That's really no wonder, given that hackers seem to find ways to overcome just about every obstacle IT teams can put in their path. Let's take a look at why air-gapped backups are worth considering.

What Does Air Gapping Mean?

TechTarget defines air gapping as "a security measure that involves isolating a computer or network and preventing it from establishing an external connection. An air-gapped computer is physically segregated and incapable of connecting wirelessly or physically with other computers or network devices." 

Your backup device can't be remotely hacked or corrupted without an internet or other network connection or by using a virtual air gap for your backups. That leaves only a direct physical attack as a means to get to your data. 

Air-Gapping and the 3-2-1-1 Backup Strategy

Traditionally, air gapping has been referred to in the context of tape backups, but today's options for backing up to the cloud offer a virtual equivalent of air-gapped tape. But, while the cloud's object-based defenses, like S3 Object Lock, offer immutable storage, a physically air-gapped backup gives you a final line of defense.

This ties back to our post about the updated 3-2-1-1 backup strategy. There we discuss how you should store one copy of your backups in an immutable format and another in a secure, offsite location. While your immutable backups should always be available, you may choose to backup and archive large volumes of data on tape because it's such a cost-effective option. 

If that offsite copy is air-gapped, it's protected from malicious software, direct cyberattacks, and other threats. It also protects your backups even if ransomware compromises admin passwords or other data. If everything else fails, your air-gapped backups should be capable of restoring your entire network system.

Physical Air Gapping

Although air gapping is your ultimate defense against disaster, it can also be costly in terms of labor. When your backup device is completely disconnected from your network, the only way to access it is with direct physical contact. That limits your ability to automate backups, and even if you choose an automated solution, any device connected to a network could become compromised. That means going to the device and physically transferring data is a good choice if it can work within your infrastructure. That brings us to virtual air gapping, where software and processes replace physical separation.

Virtual Air Gapping

Arcserve Unified Data Protection (UDP) offers virtual air-gapping by replicating your primary recovery point server (RPS) to a secondary, remotely-managed RPS to create an air gap between the systems. This creates two autonomous systems with separate controls. The air gap results from using a secure connection to the secondary RPS using a regular, non-administrative user account and a data transfer via a block-based replication. If the primary RPS server is compromised, the block-based replication technology prevents any affected files from reaching the secondary RPS. You should take several other essential measures to protect the secondary RPS, which you can learn about by requesting an Arcserve UDP demo.  

Tape Air Gapping Made Easy

One of the simplest ways to protect your air-gapped storage is with Arcserve Tape Backup Software. Tape offers an affordable, proven option for long-term storage of backed-up data. The software offers unique technologies that improve the economies of data protection by enabling more extended retention periods, reducing storage, and integrating powerful deduplication into your existing backup environment.

With Arcserve Tape Backup Software, you can store critical data on nearly any tape device, from a single tape drive to huge tape libraries. You can also manage more data in more locations and reduce the time spent managing backups, no matter how simple or complex your infrastructure is. And it's perfect for air-gapped tape backups.

Conclusion

Ultimately, whether you choose to include air-gapped backups in your strategy depends on your unique situation. What matters most is that you have a solid backup and recovery plan in place and keep it up to date. By choosing an Arcserve Technology Partner, you gain access to the expertise and guidance you need to ensure your data is protected, backed up, and always recoverable. 

You May Also Like