With the following background info:
"DATA PRIVACY ALERT
Resiliency in the Face of the 21st Century Disaster - Cyber Threat Mitigation
Cyber threats are increasingly targeting availability and with ransomware and other attacks frequently going undetected for up to 99 days, the threat of not having a "clean" backup available is a real possibility. Join this webcast to hear how you can contain the impact of incidents, adapt your disaster recovery plan for cyber threats, minimize downtime and ensure successful recovery from a clean copy of data."
With the following doc from SP 8.1.4 doc:
Ransomware Directives from SP documentation:
"Review the policies that are set up for the storage environment to ensure that a "sufficient" number of backup copies are retained and the copies are retained for a "sufficient" number of days."
For a non-TSM admin, they would just increase the number of copies to their 'sufficient' number; however, to a trained TSM admin, we know that some files that never change from the time they are backed up will only have 1 copy since TSM (SP) uses progressive incremental. So, if using the scenario of multiple disk solution for an active-active model, and with an online network connection between your Hub server and the spoke server, and that we know that ransomware spreads file by file via the OS. If your only protection for that one file is disk, then I think there is very good probability if attacked by ransomware that file will not be able to be restored; However, if that file is also written to tape, then that copy written by the physical tape will not be vulnerable to encryption. Thus, you would have a copy to restore from since, at least right now, ransomware cannot write at the physical layer of a LTO7 drive.
Thus, what I am wondering: why tape is being discarded by so many companies including mine! In fact, I am still standing for the golden rule of 3-2-1 where, the "2" represents two different media!!! Any others???
Does the above reasoning make sense? Please help, if I am wrong, that with the cloud, the 3-2-1 rule no longer applies to the new reality! If it does still apply, then why is there no outcry of jeopardizing our data with ignoring this 3-2-1 rule.
**
This question was asked to be posted anonymously by a community member who is unable to publicize their company name and sector. I will email the member directly to notify them of responses.