What's the Best Ransomware Backup Solution: Disk or Tape? (esecurityplanet.com) 165
Slashdot reader storagedude writes: With the release of LTO-9, just about every tape vendor has pushed its wares as a solution to the ransomware problem. After all, is there any backup technology that's more air-gapped?
Tape IS great for backup — just not so much for recovery. Writing for eSecurity Planet, [CTO of Seagate Government Solutions] Henry Newman notes that not only is disk about 80% cheaper than LTO tape, but even an entry-level RAID card can restore data 6 times faster than tape. "Backup is not about backing up the data, but the time it takes to restore that data to meet your business requirements," writes Newman. "Tape drives are not striped, but disks generally are put into stripe groups," he writes. "With RAID controllers and/or software RAID methods, you can easily get many 10s of GB/sec of bandwidth to restore data from a single set of SAS connections. Doing that with tape is very expensive and requires architectural planning. So the bottom line is you can surely backup to tape and it is cost effective – for backup, that is. If you actually need to restore that data quickly, you have my best wishes."
Tape may have a better bit error rate than disk, but disk can be architected in a way that removes that reliability advantage, he notes. "Tape vendors often state that the BER (bit error rate) of tape is far better than disk, which is 100% true, but you can make up for tape's advantage with RAID methods that check the reliability of your data and ensure that what you wrote is what you read. This has been the case with RAID since the early 1990s, with parity check on read to validate the data. With other ANSI standard techniques – which sadly are not used often enough – such as T10 PI/DIX you can achieve data integrity on a single device equal to or greater than tape. The net-net here is disk is far faster than tape, as there is native striping that has been in use at least since the 1980s with RAID methods, and disk can achieve equal data integrity to tape."
"The most often overlooked part of data backup is the recovery part – the longer it takes to restore your data, the more damage it can do to your business," Newman writes. He concludes: "Yes, tape can be air gapped but so can disk. Does tape provide better protection against ransomware? Likely, but is it so much slower than disk that you can turn off your system and turn on when you need to. Does having slower restoration make tape a better defense against a ransomware attack? As far as I can see, the marketing claims made by tape vendors do not hold up to a rigorous engineering analysis. If you want to use tape, that is your choice and there might be good reasons, but disk-based backups can be air gapped just like tape, for lower cost and with a much faster recovery time. Why tape vendors are making claims such as this, I will leave it to readers to speculate."
But Slashdot reader BAReFO0t takes the "tape" side of the argument. "Being slower does not equal it not working as a solution at all," they argue in a comment on the original submission — adding "Also, it's not even slower, since tape can just as easily be made into a RAID. You can flood ANY bus if you just use enough mirrors, no matter the medium."
And a follow-up comment also defended tapes. "If tape meets the service level agreement and provides a reasonable risk mitigation from ransomware, then it's still a perfectly viable solution regardless of certain performance limitations. LTO development would have likely died long ago otherwise."
But what do other Slashdot readers think? Share your own experiences and opinions in the comments. What offers a better ransomware backup solution: disk or tape?
Tape IS great for backup — just not so much for recovery. Writing for eSecurity Planet, [CTO of Seagate Government Solutions] Henry Newman notes that not only is disk about 80% cheaper than LTO tape, but even an entry-level RAID card can restore data 6 times faster than tape. "Backup is not about backing up the data, but the time it takes to restore that data to meet your business requirements," writes Newman. "Tape drives are not striped, but disks generally are put into stripe groups," he writes. "With RAID controllers and/or software RAID methods, you can easily get many 10s of GB/sec of bandwidth to restore data from a single set of SAS connections. Doing that with tape is very expensive and requires architectural planning. So the bottom line is you can surely backup to tape and it is cost effective – for backup, that is. If you actually need to restore that data quickly, you have my best wishes."
Tape may have a better bit error rate than disk, but disk can be architected in a way that removes that reliability advantage, he notes. "Tape vendors often state that the BER (bit error rate) of tape is far better than disk, which is 100% true, but you can make up for tape's advantage with RAID methods that check the reliability of your data and ensure that what you wrote is what you read. This has been the case with RAID since the early 1990s, with parity check on read to validate the data. With other ANSI standard techniques – which sadly are not used often enough – such as T10 PI/DIX you can achieve data integrity on a single device equal to or greater than tape. The net-net here is disk is far faster than tape, as there is native striping that has been in use at least since the 1980s with RAID methods, and disk can achieve equal data integrity to tape."
"The most often overlooked part of data backup is the recovery part – the longer it takes to restore your data, the more damage it can do to your business," Newman writes. He concludes: "Yes, tape can be air gapped but so can disk. Does tape provide better protection against ransomware? Likely, but is it so much slower than disk that you can turn off your system and turn on when you need to. Does having slower restoration make tape a better defense against a ransomware attack? As far as I can see, the marketing claims made by tape vendors do not hold up to a rigorous engineering analysis. If you want to use tape, that is your choice and there might be good reasons, but disk-based backups can be air gapped just like tape, for lower cost and with a much faster recovery time. Why tape vendors are making claims such as this, I will leave it to readers to speculate."
But Slashdot reader BAReFO0t takes the "tape" side of the argument. "Being slower does not equal it not working as a solution at all," they argue in a comment on the original submission — adding "Also, it's not even slower, since tape can just as easily be made into a RAID. You can flood ANY bus if you just use enough mirrors, no matter the medium."
And a follow-up comment also defended tapes. "If tape meets the service level agreement and provides a reasonable risk mitigation from ransomware, then it's still a perfectly viable solution regardless of certain performance limitations. LTO development would have likely died long ago otherwise."
But what do other Slashdot readers think? Share your own experiences and opinions in the comments. What offers a better ransomware backup solution: disk or tape?
floppy disk backup (Score:5, Funny)
Re:floppy disk backup (Score:5, Interesting)
https://atariprojects.org/2019... [atariprojects.org]
Re: floppy disk backup (Score:3)
Re: floppy disk backup (Score:5, Insightful)
Offline media takes too long to backup and restore.
Online media is vulnerable to anyone who gets root. No workarounds for that.
Keep both and you are good, but if you choose only online you are an accident waiting to happen.
Re: (Score:2)
That works so long as the attackers don't get access to the storage devices, so you have to be vigilant about their management.
In most companies the storage is managed from the same domain, and if not directly domain joined itself then a domain joined workstation will be used to administer it. That might be enough to confuse automated ransomware, but someone who knows what they're doing will still break such a system.
Re: (Score:2)
I have to side more on the offline media as a backup, but, B U T, the risk is largely dependent on how much you want to invest. Tape is ridiculously expensive compared to disk, and has a low reliability (tapes can be used a maximum of 200 times, drives cost as much as entire servers.) Where as hard drives can be rotated out, or file servers can be kept in multiple locations and delta-backed up. Like under certain math, it's just as efficient to backup to USB flash drives as it is to backup to tape once you
Re: (Score:2)
For $10k I can have a 100TB of raid-backed spinning disk in a modest server plus a set of 16TB external drives for rotating offline storage of critical backups on the off chance that ransomware manages to contaminate the backup server.
And when I go to restore from the disks two years later, I won't have to worry about finding a compatible tape drive and the right version of the software because the files will be saved on a standard filesystem that's been used for decades in .tar.gz format that's been used e
Re: (Score:2)
I wouldn't say that is the best, but it provides an excellent front-end defense. Snapshots are not backups, but I have used snapshots in order to recover from ransomware damage.
The best is defense in depth. You have snapshots first, then you have solid backups that go to a backup array separate from everything else, then to tape, and the tapes moved offsite, or to a cloud provider with object locking.
Re: (Score:3)
A snapshot by itself isn't a backup. A snapshot followed by a "zfs send" to a remote system is a backup. It's a single short command to take a snapshot, and a single short command to send the incremental snapshot to a remote system. You don't even need to send every snapshot. If you've got an automated job on the file server taking hourly snapshots, and you want to just send one nightly incremental backup. There's a commandline switch for sending all intervening snapshots, or a different commandline switch
Re: (Score:3)
You don't even need to mount the snapshots, they're accessible from the invisible.zfs directory (not hidden, invisible, you can cd into it but it won't show up in "ls" or "find"). There's a snapshot directory in there with all your snapshots. Read-only, of course.
Re: (Score:2)
If you're like me you don't want to fuck around. I got the best quad density floppies and a IEEE interface for my 64, then I bought not one, but two SFD-1001 1 megabyte drives by mail order.
All my GEOS documents are safely backed up and stored in a secret location.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Paper Tape or Punch Cards (Score:2)
Re: (Score:2)
Once again... (Score:5, Informative)
It depends on the circumstances, the amount of data, how fast you need your shit back in play, etc, etc. Honestly, the arguments around this kind of thing are kinda dumb. The only proper solution is to sit down and think about this for a bit:
Do you need air-gapped backups? (I don't know who doesn't, but...if all your data is ephemeral and easily re-created, perhaps your response to ransomware would be to just burn the whole network down and start over).
How much data does that have to be?
How often do the off-line backups have to update?
How many off-line copies do you need?
How much money do you have to spend on this?
Now, what technologies can do all that? Pick one and roll with it.
For me, we only have a few TB of data, so a set of 5 TB spinning drives where we swap one into an enclosure once a week and replicate our latest backups onto it is FINE, and CHEAP. And if we have to recover, it's not the fastest thing in the world, but it'll get everything back in play in a few hours. But we're small fry, so that's OK.
The important point is to THINK ABOUT WHAT YOU ARE DOING. Also, remember that the vendors LIE.
Re: (Score:3)
Arguably, you are best off structuring your backups to use both— high priority data kept with live backups, low priority data on tape. It requires you to manage your data though, which can be time consuming.
We look at it as mainly how quickly most employees can be productive again. Accounting has two days, production has 4 hours, management has 7 days. In reality, we are closer to 24 hours for production, but they could have limited functionality on specific projects faster.
What I am not quite sure ab
Re: (Score:2)
Re: Once again... (Score:3)
backup/restore for the need to replace files accidentally deleted, or damaged by am enduser. This can be done by any manner of design from traditional backups to change control revisions such as SVN or sharepoint.
Disaster recovery. This is a special restore that provides the need for a bare metal restore of a system to write the entire save back out to a machine from a given time it was taken
archival. Long term stora
Physical medium doesn't matter (Score:5, Insightful)
If you can't get past step A, restore speed is the least of your problems. You can spend the hardware savings on your bitcoin ransom.
Re: (Score:2)
You take a computer and you don't have it connected via tcp/ip.
You can use high speed eathernet without TCP/IP.
Heck setup a Cron job to disable TCP/ip after you got the backups and start them when you ready to get them again.
Comment removed (Score:5, Interesting)
Re: (Score:2)
Problem with tape is expensive hardware, even if the tapes are cheap (not usually).
Re: (Score:3)
LTO-9 tape is not widely sold yet, but it looks like it will probably start out between $150-200 for 18 TB, compared to $390+ for a spinning disk. (LTO-8 might be a better predictor of long-term price per TB: it's about $6/TB for 12 TB uncompressed capacity, which is half or less what you can get with any HDD.)
More broadly, tapes are generally superior for long-term storage. They're less vulnerable to shock and vibration, and take less physical space. You can get 400 MB/sec transfer rates with LTO-9, whi
Re: (Score:2)
When I had to upgrade tape hardware, it wasn't the latest LTO,we have set on. It turned, tape drive tech was very dynamic in development, with most recent capabilities too expensive and too good to satisfy our needs. Therefore, several years ago we have stopped at the LTO-5 sweet point.
If restoration time is critical, this has to be accounted, otherwise to realize you got to resort to backup and retrieve your thing within the same day is very reasonable for us. Tape produces very handy compact units of snap
Neither - Snapshots... (Score:2)
If you want to protect against ransomware, use something like ZFS where you can take snapshots on a regular interval. Take 1 every 15 minutes and hold onto them for a month. Should ransomware infect your system, you can recover the encrypted files as required. The files might have been encrypted over the course of a long period of time. Rolling back to a static snapshot is not ideal. With snapshots you can recover different parts of your file system as required so it is the ideal way of recovering fro
Comment removed (Score:5, Insightful)
Re: (Score:2)
> There is no reason why ransomware couldn't remove or encrypt any snapshots you have.
Really, because I would like to know how? If users are accessing data over the data protocol - CIFs/NFS/i/ISCSI and THEY don't have access to manipulate snapshots, how does this crypto virus access the management layer to delete snapshots? Because now you're out of the realm of crypto virus and talking about some coordinated attack. What next, there's a crypto virus that infects the thermostat of the tape storage fa
Re: (Score:2)
Re: (Score:3)
Not really. The OP was about ransomware. Their answer (ZFS) fits perfectly for all the common/known attack vectors of typical ransomware.
If such an attack were to manipulate your snapshots, you're in a completely different threat scenario where tape spaghetti would be just as realistic.
The original question was: "What's the Best Ransomware Backup Solution: Disk or Tape?" The answer is neither - on their own.
The discussion that follows is about RTO - which is another word for availability and performance. In
Re: (Score:2)
You don't even need cracker. If you keep your backup in the same plane, you keep original data, issues are more likely. Backup to different media, have different enough location for at least some of the backup instances, keep the air gap. Tapes are very convenient to juggle this.
If your restore time is the critical part - engineer your backup solution that way, too.
Re: (Score:2)
No he hasn't moved the goalposts. Snapshots are not a file on some filesystem that is readily accessible to user space. In any way a user interacts with their PC filesystem snapshots aren't directly exposed to the user.
Your ransomware would need to be highly specific and targeted in nature to mess with past snapshots. It's not beyond the realm of possibilities, the ransomware could specifically enumerate ZFS snapshots and purge them, but then nothing really is safe when it comes to targeted attacks, as an I
Re: (Score:2)
Perhaps you did not grasp where the goal post actually was/is in the first place.
Ransom ware can not access/delete snapshots
virus over rides the cpu heat fuse and burns the r (Score:2)
virus over rides the cpu heat fuse and burns the rack down setting the fire sprinkler system off.
Re: Neither - Snapshots... (Score:2)
Ransomware is based on security vulnerabilities. Assume it can get full administrative access. If you have disk drives connected to the system then assume they can be wiped. The same is true of tape robots. Disconnect some disks or remove some tapes, enough to do a full restore, or assume you could be caught by ransomware.
Re: (Score:2)
User vulnerabilities might be the first vector, then combined with other vulnerabilities to gain elevated access.
Most organisations try to protect their border, but do little or nothing to protect against an insider attack. Compromise a single user first via phishing and you've bypassed the border controls.
Re: (Score:2)
That's why you would use something like rsnapshot and have the archives on an external server, with only the ability to append new files without deleting or modifying the contents already there, bar a specific user with those rights that would need to log on at the console.
Such a thing is easy to configure with any of the MAC/RBAC addons for Linux,
Re: (Score:2)
> Take 1 every 15 minutes and hold onto them for a month.
You can get the same 15 minute RPO with tape. Sure it may about 4 hours to fully backup to tape, but that just means you have 4*4=16 concurrent backup jobs.
Now you may be thinking to yourself, that isn't possible. But you just need to think outside the box -- 16 tape drives and 672 tapes minimum!
Re: (Score:2)
I have a ZFS system that can contact other machines but needs physical access to admin. It rsyncs the NAS to its internal ZFS RAID 10 with snapshots. Half of the disks are internal and half are in removable caddies. When the disks are moved offsite, I zfs split, take half of the disks out for offsite. I put the replacements in and do zfs replace. The result is I have quick replacement of accidentally deleted files, zfs snapshots that gives me historical access, off site backups that I can restore from.
tapes (Score:2)
I say tape as long as you:
1. Rotate and keep a few versions back
2. Ensure the on-line backup in progress when the ransom-ware hits is not used.
3. keep close track of when your incremental backups were created
Re: (Score:2, Insightful)
4. Periodically restore files and systems to test backups to make sure they are working
Fast, Cheap, Reliable (Score:5, Insightful)
Pick two
Alternate Title: Disk Maker Shill Sniffing Glue (Score:5, Funny)
"Backup is not about backing up the data..." writes Newman.
WTF? Get this man detoxed and into a 12 step program.
Re: (Score:2)
My reading is that there's a "just" missing in the sentence.
Meaning, a proper backup system at an enterprise isn't just the matter of dumping the data somewhere, but actually ensuring you fulfill all the relevant business requirements. If you're backing up petabytes worth of data, and it takes you two weeks to restore your petabyte-sized backup, then you have a very serious problem on your hands, and the fact that LTO media is cheaper than disk isn't going to make anybody happy if it comes down to needing s
Re:Alternate Title: Disk Maker Shill Sniffing Glue (Score:5, Informative)
It's poorly worded, but I get the concept.
Put another way: nobody wants a backup. What they want is a working restore.
That's why regularly testing an actual restore process is vital. Far too many stories of people religiously doing backups for years, only to discover in a disaster that what they had couldn't be used for a working restore.
Re: (Score:2)
And now if you rethink for a while how your very restore ability could go off... Scary, but worth it.
Clear Choice (Score:2)
It's a clear choice, you can't beat the RTO of tape. /s
My thoughts.... (Score:3)
Tape has one advantage, it's typically air gaped and not even in the tape drive. They are also quite small and lightweight and easy to send offsite.
Disks are typically hot and networked continuously. Any vulnerability in the disk system and it could go down with the ransomware too. Yes there are systems that can air gap the disks. Disks can be sent offsite but if it's a raid system to compensate for the reliability it takes far more weight and space and the entire raid system has to be moved off site. Again there are solutions to this but again it comes at a cost.
Tapes not great but it's ability to air gap and go offsite to secure storage easily and cheaply shouldn't be underestimated. Tape also tends to come in nice turn key systems that are quite expensive but have tremendous reliability. A lot of people forget to think about the what happens if the building burns down and how you recover from it.
Re: (Score:3)
Re: (Score:3)
Do you have control over your cloud? Is it illusion?
Re: (Score:2)
The cloud is the easiest and cheapest way of sending your data to evil-doers. That is what Gmail and Windows are made for.
I think it was about 20 years ago I heard of RAIT - redundant array of inexpensive tapes. If you are a small organisation, you can have a dual tape drive (per rack if necessary) one live, one standby, and send your snapshots to them. Every night at closing time, you rewoffl the inactive tape, and remove it and take it out of the building+, replacing
Re: (Score:2)
Any vulnerability in the disk system and it could go down with the ransomware too.
Most ransomware is not very sophisticated. It will spread over Windows shares that it has write access to, but not for example SSH tunnels used by rsync. Therefore even if you have an on-line disk array, if it is only accessible through a single interface that only supports a limited set of functions, it's pretty safe.
Alternatively you can just have two identically configured storage arrays and simply swap the ethernet cable between them when needed.
It depends (Score:2)
Really the only decision point is how much "data" you need to restore.
I've spent days restoring entire systems, minutes restoring individual files.
On a multi-gig network setup you can reap a ton of data in little to no time.
Redundancy, regardless of medium. (Score:5, Informative)
We offer two solutions to our client's: 1) hardware based backup with a local NAS and cloud storage and 2) software based backup running on a server or workstation and saving to a local disk and the cloud. The hardware backup is much more spendy but has the ability to spin up a VM of your servers locally to reduce downtime while the originals are restored (from a catastrophic RAID failure for example). The software backup is better for smaller operations or ones that are more, ah, cost adverse. We only use tape for clients that have really huge archives of old crap they almost never need access to.
Re: (Score:3)
But wouldn't the clouds be gone after all that heavy rain?
(Sorry, I'll see myself out.)
Disk or Tape . . . or . . . ? (Score:3)
Ransomware aficionados will fanatically preach to you that backups sound best on Vinyl.
. . . with tube powered computers, of course. The backup distortion sounds more like a live ransomware performance.
Disks are generally better for most (Score:2)
Tape hardware is generally very expensive from the tape to even the drive itself. I find hard drives as the cheaper and faster backup medium for the most part. Tape is more durable if you plan on keeping your backup for years and you're not as careful with it as you should be. (ie. You tend to drop things.) I know a lot of organizations stubbornly keep to their existing backup methods because a lot of places don't like change but really one should always be willing to try new things especially if they wo
Re: (Score:2)
If you need near-instant restore, disk arrangement may be your answer. Also use tapes, as this will make the whole backup concept work out better.
Pelican case limit (Score:2)
The day you need tape, it's because you have enough data every single day to warrant tape usage. Hardware compression, efficiency, easy to bring to a vault.
HDDs are awesome, but if you need more than you can put in a Pelican case every single day, go for tape. If you need more than a few tapes, consider an auto-loader.
FWIW, performance (to a certain extent) should not be considered in the equation. This is really a last resort. You should have resilient data on your live drives, you should have a 2nd off-si
Disk vs Tape cost (Score:2)
The "disks are 80% cheaper than tape" is a very suspect figure. For enterprise solutions (lots of data and a requirement for multiple versions), tape comes out way cheaper than disk. The actual cost effectiveness depends very much on the business requirements.
The given scenario in the analysis does not take into account a number of factors involved in total cost of ownership including data center power, rack space, cooling costs, and disk reliability issues. Basically it is an analysis designed to giv
Stripe your tapes. (Score:2)
There is no reason you cannot stripe tape drives to be faster. It'll never be as fast as striped HDD or SSD but you either pay $$$ or you don't get the speed. It's that simple.
"Yes" (Score:2)
Each has its uses. RAID is vulnerable to a particular tendency: that of people mounting the disks with write access for each file recovery, and getting their backups ruined by the ransomware.
I mean... (Score:3)
Neither is going to really do you a lot of good if the ransomware was on the system for a while, just silently counting down before making demands. Most of your backups are likely going to be infected as well and you'll lose a lot of data trying to find a backup that isn't infected. And if you're not careful, you could infect your clean backup.
Re: (Score:2)
I agree ... the question is wrong in this respect.
Ransomware is not about making a backup. It is about how to avoid it, how to detect it and how to store what is healthy. Because a backup from a "dirty" source is as useless as not having a backup.
The real answer is storage technology agnostic. The right practices, the right physical network partitioning, the right access controls, together with carefully verified backups in ... whatever.
If, as an user, you are capable to introduce malware producin
Unless you’ve done an actual test restore (Score:4, Insightful)
I couldn’t care less about your opinion on this, no matter how well you think you know the theoretical pluses and minuses of each option.
Both are likely shades of wrong (Score:2)
I suspect the reality is that cryptolockers for tapes are coming slower because tape drivers and access are a bit exotic. If you had a driver or a backup program infiltrated for your tape library, you could potentially be writing crypolocked tape backups for months without realising. Often basic resto
Get a managed database (Score:2)
Re: (Score:3)
It's not easy to know which of those people who have a job to protect your data are actually competent.
Re: (Score:2)
best approach is multi pronged (Score:2)
First, security training, drills, testing etc. bad users can defeat even the best security.
proper security practises, Zero trust, segmentation, least privilege etc to minimise damage of a successul attack
Versioning file systems or document management systems to limit impact and speed recovery.
offline backups (e.g. tapes) as a last resort DR. You hope never to need to get to this stage if everything else is done right, but it sh
Been a while (Score:2)
Re: (Score:2)
do a restore for me
Speaking for myself, I haven't lost my mind. It's backed up on tape somewhere.
Online/Offline Disk/Tape (Score:2)
Disk and tape are just the mediums being used to store the backups. They each have attributes that make them better suited for specific use cases: write speed, read speed, transportability, unpowered shelf life, data density, etc.
However, if the measure of this discussion is about 'ransomware survivability', then what you're really looking for are two things:
- "offline-ness", to prevent the ransomware from being able to actively penetrate the backup medium (you can't encrypt hard disks or tap
Speed is not the biggest challenge in ransomware (Score:2)
Veeam (Score:2)
Veeam Immutable Backups using a linux hardened server. Use is & test restores.
One-way, offsite snapshotted backup (Score:2)
The important bit is that the remote machine has access to the main machine via SSH keys, but not the other way around, so the main machine can't damage the backups if it gets compromised.
But any remote backup service that supports snapshots should be fine. I also like Crashplan for this. But a remote dedic
Why not disk AND tape? (Score:2)
I have several NASs in my house and back up to the NAS. Once done, it fires off an API call to the LTO4 tape juke box to start the backup.
HDDs are (Score:2)
Tape (Score:3)
Tape allows you to set up off-site rotation, enact retention policies, and has indefinitely expandable capacity. Removable hard drives might also be made to work like this, but do any backup vendors actually enable this? Also, a 16TB hard drive is going to cost much more than a 16TB tape. Finally, a hard drive is a mechanical device with motorized internal parts that can fail. Tapes are passive devices with no internal electronics or motorized parts, and will last much longer on a shelf than a hard drive.
If all you are worried about is restoring some files or folders that a user accidentally deleted, then online or hard drive backups might be faster or more convenient than tape. But if you are worried about disaster recovery (fire, flood, ransomware), tape is hard to beat. And if you need to retain electronic records for five or more years for legal reasons, online backups would be very risky. Will your vendor be around in five years?
I ran IT for ten years in a small to medium enterprise. In all that time, I was never unable to restore requested data from tape. Sometimes it took a day to get the (expedited) tape back from the offsite storage vendor, but I never failed to read a tape. This was back in the good old LTO3-to-LTO5 days. I'm sure LTO8 and LTO9 would prove just as reliable.
I've moved back to software development and my current employer uses a popular online backup vendor. We can't afford to buy a large enough on-site device to back up all our servers, our storage needs would swamp any Internet-based backup, retention is just until the next backup runs, and backups are never rotated offsite. Such a deal! It's a disaster waiting to happen. I don't have access to a tape drive, so I keep all my stuff backed up to two alternating USB hard drives. It's not perfect, but at least they are unlikely to both get ransomware encrypted at the same time.
Every media has good and bad... (Score:2)
Disk, tape, cloud, optical, paper, stone tablets, and such are different types of media. All have advantages, all have shortcomings.
HDDs seem like a good way to back up data, because they are fast, do not require a drive or node, are relatively inexpensive, and hold a lot of data. Problem is that HDDs are not archival grade, and very delicate. A temperature or pressure change, or a drop can immediately kill all data on a HDD. With the latest helium HDDs, this only gets worse, because the tiny atoms in h
Both (Score:2)
Clearly the answer is both. Disk is your first line of defence. Tape is your "if all else fails" solution.
For companies, tape. For sure. (Score:2)
But for us plebs, tape is too expensive. So, 3 HDDs, 1 offsite, two on site, alternating, every week you bring the off-site onsite and take one of the onsites off-site.
Make sure that your backup solution puts the disk offline after the backup, and have some sort of protection so that ransomware can not encrypt the disk while is being used for backup
Re: (Score:2)
In that case, you might want to employ someone who did maths in school.
A tape drive costs less than a week's pay for an executive who will surely be fired if the ransomeware hits the fan. "It Could Be You!"
It all depends... (Score:2)
Tape is still cheaper per unit of storage than disk, and the latest generation LTO tapes are very fast for streaming data.
Tape however has a far higher barrier to entry - you need to buy a tape drive, or a tape library, and backup software. With hard drives, on the other hand, you can just plug one in and start copying.
For amounts of data from single-digit TBs up to around 50 TB or so, disk will be cheaper and more convenient.
Once you're storing 100s of TBs however the lower cost per TB of tape will offset
Re: (Score:2)
You need to have old clean copies and updates (Score:2)
Rotating weekly backups are nice, unless you have a hidden flaw corrupting your data, whether intentional or not. If it exists undetected long enough to get through your rotation, you have nothing but corrupted/infected data. You should have clean copies of your system, and incrementals. If all goes to heck, you can at least start somewhere you know is truly clean.
I used to work for a place that did tape and disk backups, but also used a paper form of backup. Sure it is wasteful, but never gets over-wri
Either will work, however (Score:2)
RAID is not a backup! (Score:2)
It's 2021, and we still have to remind people that RAID is not a backup?!
Every time someone tells me tape is obsolete, and I should just use disks or The Cloud! to do backups, I ask how they intend to make offline backups of up to 3PB of data (it's about 1/3 that used currently, but increasing year on year, and I expect we'll top out in a few) that is currently air-gapped, with an off-site requirement. In terms of rack space, power, and cooling, we can't expand anymore. Tape (mix of LTO-5/6/7/8, currently)
Re: (Score:2)
It's 2021, and we still have to remind people that RAID is not a backup?!
Apparently. People still do not get it.
Re: (Score:2)
Job security for me, I guess. And a continued customer for $alcoholvendorofchoice...
Wrong question (Score:3)
It needs to be either offline or reliably WORM (Write Once Read Many). The first can be done with disk and tape, depending on cost, volume, etc., the second one can _also_ be done with disk or tape. WORM tapes actually exist.
For WORM, the cheapest way is to script it yourself: Linux or FreeBSD box, sftp/NFS/samba for writing, demon on the machine that sets files to a different user and read-only for the writing access when the file gets closed. (Can probably set before as open file should remain writable, but I have not tested this yet.) Can probably be done with a day of work or so by somebody that really knows what they are doing. The machine needs to be hardened and have its own secure ssh login with passwords, as cert-based login is at risk of being exploited. Login only via the console of the machine itself or a dedicated other system that is nailed shut as well. You can also buy something like this as (virtual) appliance from several backup software companies. Next tier is WORM storage in a cloud somewhere. There exists offerings below "revision proof" that are cheaper. Then you can try WORM tape. Then revision proof storage.
I did check just recently for WORM filesystem options on Linux, but it seems you have to script this yourself. I did not find any filesystem that offers this by itself. If somebody knows something that can do this directly, a link would be appreciated.
Another issue (Score:3)
You have no idea how many companies I've talked to that kept rotating the same 6 or less tapes, or even a single tape, and now that something went bits up and they need to restore from backup, they find out the data on the tape is trashed. (Far too many over the years of doing tech support.)
Re: (Score:2)
Keep any data you care about... (Score:2)
In more than one place.
If you absolutely must work with data on your local machine, back it up to the server regularly. Preferably, script rsync by cron or robocopy by task scheduler. But if not, the answer to "how often should i back up" is "how much work am i willing to redo". Onedrive might have snapshots you can roll back, but i've never administered only used it, so i don't know. Religious battles aside MS are pretty good if enterprisey so i would guess you can roll back; just check it out before
I have an answer that beats you all (Score:2)
Misleading Question (Score:2)
You simply can't isolate "ransomware response" capabilities from all the other business goals that your data backup and restore performance needs to meet. You're going to need to think about this holistically, mainly because you don't want your "anti-ransomware" strategy to break your business processes. There are a bunch of mitigating strategies that you can and should take, however...
- Rather t
WORM (Score:2)
Point all your workstations to a server via Windows Backup or Apple Time Machine, then run incremental backups to BluRay.
Servers, you probably need to use something a little more professional such as Veeam or similar. But avoid tape or disk because otherwise you have to be responsible about removing the tapes from the jukebox or someone could eventually find a w
You should allways have at *least* two. (Score:2)
The media (tape or disk) is irrelevant.
You should have at least two back-up solutions.
If you have only two, one should be off-site.
If you have more than two, you could ge for on-line (snapshots), archived backup on a removable media, and rotate the off-line backup off-site.
Re: (Score:3)
Think this is described as tape for archive, disk for backup. The two are not the same. Backup should be seen as a DR site, whilst archive should be seen as something you go to for historical records. Backup should be closer to "current".
Both should be pulled and not pushed to avoid traversing an estate via the backup/archive system.