Well-known and reliable: tape libraries are still one of the safest solutions for protecting and restoring data. Ransomware in particular cannot access this data because it cannot be physically accessed: an unhackable data vault.
“Tape libraries have been experiencing a renaissance for some time now. Once relegated to obsolescence, tape now offers very high and, above all, cost-effective capacity for cold or archival data. What is less known is that tape is also one of the most secure storage solutions for backing up and restoring data. Basically, tape has the advantage over other storage media, such as HDDs or SDDs, in that it is relatively easy to physically take them offline.” says Ines Wolf from Quantum.
Tape libraries are experiencing a renaissance
This is a real advantage in times of advanced ransomware, which is increasingly targeting backup data. Modern tape libraries take advantage of this advantage and also offer numerous other advanced security functions to prevent ransomware and be able to restore data in any case. These include offline partitions within a library, multi-factor authentication, data immutability, military-grade encryption or proactive monitoring and diagnostics of the tape library hardware and the data stored on the tapes.
With these advanced features, companies can use their tape library as insurance instead of negotiating with hackers. To make this possible, companies should ensure that the tape library they choose has these five advanced security features.
Offline partitions against ransomware
Ines Wolf, Quantum, Manager Presales Central Europe (Image: Quantum).
The inherent feature of tape storage is that it can be taken offline quite easily. Such an “air gap” can create a completely offline data vault within a tape library using special software with logical tape blocking. Such an offline partition provides a demarcated zone where tapes cannot be attacked by ransomware. This vault function is automated via the library's management software and therefore requires no manual handling of the tapes or their physical transport. This also reduces the risk of loss or damage.
Another patent-pending function, called “Ransom Block”, goes one step further and also secures the software used. Because every software can have vulnerabilities. Ransom Block completely eliminates this possibility by creating a physical air gap as an additional layer of security, where the robot can still scan the barcodes on the tapes for an inventory, but it cannot grab the tapes and thus not into the drives transport. This air gap is active until a person physically pushes the magazine back into the library. The majority of tape libraries on the market do not have this feature.
Data immutability for data integrity
Extended Data Life Management (EDLM) can ensure that data is unchanged and remains readable through automatic integrity checks. This function must be part of a modern data backup strategy - and also helps enormously with reporting and auditing. Advanced Reporting's detailed reports can help you balance system resources, improve security, and optimize budget and planning. When automated, this saves a lot of time and effort.
Multifactor authentication provides an additional layer of security
Multi-factor authentication allows you to protect a tape library's administrator account with an additional layer of security through a time-based one-time password. Only with this additional password can you gain remote access to the management interface and operate in the web GUI.
Encryption Manager increases and simplifies encryption
Using an external “key manager” can automate and simplify the management of encryption keys, thereby reducing the risk of data manipulation and loss. Such a FIPS-validated solution offers the highest level of security. Many systems today use military-grade AES 256-bit encryption.
Proactive library monitoring and diagnostics
Proactive monitoring and diagnostics ensure that the entire system functions smoothly and possible failures can be detected early. Thanks to cloud-based analysis functions, you can not only gain insight into the system in real time, but you also get a predictive problem-solving tool.
Modern tape libraries are not only safe, but also sustainable
Modern tape libraries prevent emergencies, such as a successful ransomware attack, and guarantee data recovery. In addition, modern tape storage can solve numerous infrastructure challenges, including making IT solutions more sustainable. Tape as a storage layer can also reduce energy consumption, carbon emissions and IT infrastructure disposal costs when it replaces power-hungry, constantly rotating HDDs used for less active data.
In order to get both sides of this coin, companies should pay close attention to whether it offers the most modern data security functions before purchasing a tape library. This means modern software features for easy automated management, robust air-gapping, multi-factor authentication, proactive monitoring and diagnostics, and an encryption manager. With such a tape library, you save on storage of cold and backup data, simplify management and achieve the best possible level of data security.
More at Quantum.com
About Quantum
Quantum technology, software and services provide the solutions businesses need today to make video and other unstructured data smarter - so data works for users, not the other way around. With more than 40 years of innovation, Quantum's end-to-end platform is uniquely equipped to orchestrate, protect and enrich data across its entire lifecycle, driving greater intelligence and actionable insights.