Article · Mar 10, 2021

Can Air-Gapped Backup Provide an Extra Measure of Security?

An air gap is a security strategy that isolates a computer or network from outside connections. With the risk of ransomware criminals and malicious state actors increasing, businesses and IT organizations are looking for more secure methods of isolating their critical data and making it harder for bad actors to circumvent traditional cybersecurity and gain access to data. While air gapping backups traditionally leveraged tape, the cloud has emerged as an alternative.

Air-gapped backup is gaining support among businesses and IT organizations due to the growing threats posed by ransomware criminals and malicious state actors. Air gapping is not a new concept. In fact, it’s something that’s often brought up in conversations with our partners and customers, especially now with the increase in the number of ransomware attacks in recent years. In our view, much can be done with regard to the backup strategy of organizations and ensuring that backups are protected as much as possible against all manner of threats.

What is an Air Gap?

An air gap is a technical configuration of the backup environment where backup data is stored offline and completely separate from the production environment. Because the data is stored in this way, it’s much harder for malicious parties to access the data remotely and sabotage or delete it. In the event of a serious ransomware attack, you would still have an uninfected back-up of your data.

How is Air-Gapped Backup Deployed?

There are two basic strategies for deploying air-gap backups: offline storage and air-gapped networks. Tape backup or removable media are examples of offline storage. This requires the removable media (typically tape) to be stored in a safe.

When it comes to tape, while it may be cheap, it presents a number of other questions around durability, safe storage and timely access of data on tape.

Traditional air gaps used tape media. Today, the cloud has emerged as an alternative.

However it is important that the architecture is designed in such a way that the data is stored in isolation. Air-gapped backups don’t address a situation where production environments become infected and then backed up. That is why backup retention should extend back in time sufficiently so that it’s possible to recover from a point in time when the environment was not yet infected.

Air-Gapped Backup with Carbonite

Carbonite™ Server provides a strategy to move data securely off-site. Data can be replicated off-site employing multiple levels of encryption (both in transit and at rest) and backup data is stored in an inert state in our cloud or an off-site location. Unlike tape-based solutions stored off-site, recovery time objectives can still be achieved when accessing the off-site backup copies.

Best Practice Recommendation

Every organization should consider air-gapped backup as part of their overall backup and recovery strategy. The air-gapped backup copy should be disconnected and inaccessible to the outside world and sit in a completely separate environment from the production environment.

Author

Aeiko van der Made

Aeiko van der Made has more than 10 years of experience specializing in cloud, infrastructures, security and business continuity. Working for MSPs most of his career Aeiko has successfully managed lots of challenging cloud and infrastructure projects. He brings a broad experience enabling him to resolve complex issues.