According to the Oxford dictionary, an air gap, in relation to computing ecosystems, is defined as "an absence of a direct or indirect connection between a computer and the internet, effected for security reasons." In relation to storage, this means the storage is taken offline from any direct or indirect connectivity for a period. If the storage is not accessible, it follows that the storage should not be powered up either: why consume energy and resources on data that inherently has long response times, all of which carries a high cost over time?
Recently, an industry peer published an opinion asserting that HDD should be considered the best choice for air-gap protection of data, possibly better than tape. Have you ever taken a regular hard drive and set it on the shelf for a year or two? Did the drive work every time? If you are like me, it did not. Sometimes it does, but it is well established that HDDs live best powered up and spinning. Tape, on the other hand, can sit for decades when properly stored on a shelf or even in a tape automation device.
But if tapes are just sitting in tape libraries, will hackers attack the library and the data?
Every day, hackers look for new opportunities to make an impact, such as breaking into several companies' NAS systems. But the worst that can happen if an IBM tape library is hacked is that the process of retrieving data could be interrupted. There is no data access or data control through the library interface. Hackers are looking for the highest return on investment, and trying to hack data at the lowest level is not a payoff for them. Ransomware developers are trying to lock entire ecosystems to create the most disruption, making it worthwhile for a company to pay the ransom.
If a higher-level ISV has been compromised, it is usually the destruction of databases and/or the crypto-locking of the system that is most effective in preventing recovery of the data, and that is what creates the most disruption for the attackers' purposes. Furthermore, if a hacker has the knowledge to control the ISV and extract data from the backups, the issue will not be with the storage; it will be with detection at the application layer. But IBM offers another method to protect the data in a tape library: Safeguarded Tape, available with the TS4500.
Safeguarded Tape: What is it and how does it work?
Simply put, Safeguarded Tape is an orchestrated process that creates an air gap without physical media handling. Using the IBM TS4500 command line interface, storage administrators can create logical libraries that are disconnected from all application access. Robotic Process Automation, cron, or other automation processes then use RBAC-controlled credentials to log in to the TS4500 and move selected media to the air-gap logical library. The media is not physically moved, but it is no longer visible to connected applications.
Logically protected storage media require manual intervention to make the data available to the application again. Assigning an unconnected tape drive to the Safeguarded logical library allows tape storage administrators to enable read verify on it. Read verify in the TS4500 does not process client data; it simply reads the data blocks and discards them as they are validated.
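As an added example (not IBM's code and not the TS4500 CLI, whose commands this page does not show), the following Python models the policy pass such an automation job would run: select cartridges that meet the air-gap criteria, reassign them to the Safeguarded logical library, and enforce the visibility and manual-release rules described above. The logical-library names, inventory fields, role names and sample volsers are assumptions constructed for the example.

```python
# Added example: models the "criteria assessment and assignment" pass of a
# Safeguarded Tape job. Library names, fields and roles are assumptions; a real
# job would hand the selected volsers to the TS4500 CLI.
from dataclasses import dataclass, replace
from datetime import date, timedelta

APP_LIB = "LL_BACKUP_APP"    # assumed name: logical library the ISV can see
SAFE_LIB = "LL_SAFEGUARDED"  # assumed name: air-gap logical library, no host path

@dataclass(frozen=True)
class Cartridge:
    volser: str
    logical_library: str
    full: bool           # backup set closed, no further writes expected
    last_written: date

def select_for_airgap(inventory, today, min_age_days):
    """Criteria: in the application library, full, untouched for min_age_days."""
    cutoff = today - timedelta(days=min_age_days)
    return sorted(c.volser for c in inventory
                  if c.logical_library == APP_LIB and c.full and c.last_written <= cutoff)

def apply_moves(inventory, volsers, target):
    """Logical move only: the cartridge stays in its slot, its library changes."""
    chosen = set(volsers)
    return [replace(c, logical_library=target) if c.volser in chosen else c
            for c in inventory]

def visible_volsers(inventory, role):
    """Separation of duty: ISV admin sees only the connected library; storage
    admin sees every volser but this view never exposes the data on tape."""
    if role == "isv_admin":
        return sorted(c.volser for c in inventory if c.logical_library == APP_LIB)
    if role == "storage_admin":
        return sorted(c.volser for c in inventory)
    raise ValueError(f"unknown role {role!r}")

def release_to_application(inventory, volser, approved_by):
    """Leaving the safeguarded library needs an explicit, recorded approval."""
    if not approved_by:
        raise PermissionError("manual approval required to release safeguarded media")
    return apply_moves(inventory, [volser], APP_LIB)

# Constructed sample inventory (not real volsers or a real library export).
TODAY = date(2024, 3, 1)
INVENTORY = [
    Cartridge("A00001L8", APP_LIB, True, date(2024, 1, 10)),
    Cartridge("A00002L8", APP_LIB, True, date(2024, 2, 27)),    # too recent
    Cartridge("A00003L8", APP_LIB, False, date(2023, 12, 1)),   # still being appended
    Cartridge("A00004L8", SAFE_LIB, True, date(2023, 11, 5)),   # already air-gapped
]
```

Running the selection with a 30-day age criterion picks only A00001L8; after the move, the ISV view no longer lists it while the storage admin's inventory view still does.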
As data workloads require more active storage, embrace the economics of a cyber-resilient air-gap solution that you can set and forget.
Tape offers full cyber-resilient capability when combined with solutions like Safeguarded Tape in the TS4500.
Air-gap qualified media is logically assigned to the Safeguarded logical library:
- All criteria assessment and assignment via CLI
- Fully automated
- No physical media movement
- Robotic Process Automation to meet business requirements
- "Gap" protection
  - Air gap: the application cannot see the safeguarded media
  - Time gap: an internal actor must identify and move media in order to attack
- Separation of duty
  - ISV admin cannot see media in the logical library
  - Storage admin cannot see data on tape