By Dr. Marc M. Batschkus

For small to medium-sized businesses, creating resilience against any cyberattacks, ransomware and network breaches is a challenge. Constant adjustments and costly protection methods are out of reach for most companies of this size. Network and security knowledge might also be limited. A cost-effective and straightforward method is needed to make the company’s data cyber-secure. In this article we outline a solution that fulfils all necessary criteria while being cost-effective and fully cyber-secure.

This article shows you how to:

  • Make your files cyber-secure
  • Build a Backup Strategy
  • Create a disaster recovery plan
  • Use LTO tape as Backup medium
  • Automate the Backup process
  • Document for business continuity

How to make files cyber-secure?

There is one storage medium that offers cybersecurity built-in. LTO tape is the lowest-cost defence against cyber threats, network attacks, ransomware and breaches.

The reason for this is that LTO tapes that are not in the drive are offline and secure from any online attack. This is also called air gap. Additionally, there is no known attack on tapes in an LTO drive.

LTO Tape is the most professional Backup and long-term Archive medium and offers a unique set of benefits and features:

  • LTO tapes can easily be moved and stored in a secure location remote from the office. This is important for disaster recovery (DR).
  • LTO tape offers a very high capacity of up to 30TB per cartridge (with LTO-10 native).
  • LTO tape has a very long shelf life of up to 30 years.
  • LTO tape offers high read/write speeds of up to 400MB/s.
  • LTO tape setups scale easily by just adding tapes.
  • With the LTFS format LTO tape offers a data exchange/transport standard for large file sets.
  • LTO tape is very economical and cost-effective starting at below 8USD/EUR per TB.
  • Only low power and no cooling needed during operation.
  • WORM tapes are available for writing once read many times.
  • No power needed for LTO tapes on the shelf (or in the vault).
Learn more about LTO as storage medium

Cyber resilience with Backup to LTO tape

Archiware P5 Backup supports LTO drives and libraries and scales from a single LTO desktop drive to large LTO libraries with multiple drives. An LTO Backup for a small or medium-sized business is easy to configure. With P5´s setup assistants a first Backup to LTO can be set up and running within minutes.

Before having a closer look at the details of Backup to LTO let´s take a step back and look at the difference between Backup and archive because it matters for the data selection.

How to build a professional Backup strategy

A solid professional Backup needs to fulfil several criteria.

What to include in the Backup?

The backup protects only the present and ongoing production. All completed projects and files from previous years should migrate and be kept in the archive.

Learn more about P5 Archive here

Everything that is important to run the business and production should be included in the Backup. Add up all relevant directories. This gives you the present size of the backup. Factor in a growth rate that you can estimate by watching the data growth over a month and multiply by 12 to get the estimated size of the full Backup in one year. There might be data that does not need to be backed up. In video and media production this can include temp files, render files, proxies and everything that is easily recreated or results from processing.

Having multiple copies of important files and on the right media provides maximum security.

To achieve this, there is the 3-2-1-1-0 Backup rule:

3 copies of each file
on 2 different media technologies (HD/SSD, HD/Cloud, HD/LTO)
with 1 stored offsite
1 stored offline and
0 errors at the restore test

Learn about more details in this article

Automatic security

For maximum reliability, it is necessary to automate as much as possible. Only an automatic Backup will provide a reliable data protection. P5 Backup offers a flexible scheduler to trigger Backup as often as required.

How often to run the backup?

There are complicated terms that specify relevant Backup values to look at. The maximum amount of files or work that a company can afford to lose in an incident with the Backup in place is called Recovery Point Objective or RPO. If the Backup runs once per day in the worst case the amount of work of one day can be lost if something goes wrong. The previous day is protected by the previous run of the Backup. How often you run the backup depends on the change rate of your data and the tolerance of your business in general. The Backup runs should avoid production time to avoid any impact on the actual production. The Backup should make use of times with less or no production taking place. After implementation, do a test run to see what real-world throughput and runtime you get and make adjustments to optimize the setup. 

Plan for recovery time

The time it takes to get everything back and running after an incident is called Recovery Time Objective or RTO. This includes all necessary steps like restoring necessary systems, restoring files and resuming business operation. The process is called disaster recovery (DR) and depends heavily on a good documentation and preparation of necessary steps.

Special case: For time-critical storage and setups a cloning or fail-over solution might be the best solution. The primary storage is cloned to a secondary storage that can take over the production load if something goes wrong. There is no tolerance for a restore and thus no LTO option.

P5 Synchronize offers exactly this.

Documentation and the disaster recovery plan

Things might go wrong at any time. The absence of the person who configured the Backup should be anticipated.

This is the reason documentation of the complete Backup and restore process is so important. A simple but complete documentation of all steps needed is essential. Make it available to all involved. Create a step-by-step documentation of how to restore files. For bigger incidents network and server settings, credentials of services etc. might be important. Deadline pressure and people working late increase the chance of mishaps. The documentation allows to perform a restore at any time so that everyone can get their files back whenever needed and independent of a specific person.

Once the Backup process is deployed and runs it is crucial to regularly test the restore. This ensures that all parts of the Backup workflow work together as intended and that files are accessible when needed.

To learn more details about Backup please refer to this article

Checklist

  • Automate the Backup
  • Avoid production hours for Backup
  • Document the restore process step-by-step
  • Run a full test of Backup and restore before deployment
  • Follow the 3-2-1-1-0 rule
  • Regularly test restore to ensure operability

The NAS a cost-effective Backup server

NAS systems can be extremely capable and offer lower cost than dedicated servers. A NAS system as a Backup server is an option. Archiware P5 is available in the QNAP and Synology App Centers and installs directly on the NAS. P5 Backup can back up data to LTO from the NAS. This serves the cost for a dedicated server, OS license and maintenance.

Summary

With its built-in air gap feature LTO tape is the perfect medium to store files in a cyber-secure way. P5 Backup automates the Backup process. The one-time investment for an LTO drive or library plus the software to run the Backup is small compared to the constant investment for adjusting security measures and/or paying services to do that and the risk of losing critical data and business operation. The Backup to LTO offers additionally the benefit of a robust disaster recovery process that can guarantee business continuity.

6 Easy Steps to Make Your Company’s Files Cyber-Secure
Tagged on:                         
en_US
de_DE en_US