In today’s digital age, organizations are experiencing an astronomical volume and velocity of data creation. As we see data becoming a digital currency and its intrinsic value rising higher each day, protecting it from security threats and other data loss incidents takes foremost importance for IT security and administration teams. Ensuring data permanence and data authenticity is key for organizations as they deal with industry and government compliance mandates and other SLAs.
It is a commonplace practice to create backups of data to restore back to a last-known clean status in case of data corruption or data loss. But what happens if that backup itself falls victim to a security breach? It is, therefore, cardinal to institute effective security mechanisms in place to protect stored data (primary data and backups) from undesired and unforeseen incidents of privacy violations.
The answer to this data security challenge is IMMUTABLE STORAGE.
The principle behind immutable storage is that data cannot be tampered with or deleted by anyone regardless of their intention. Once immutability is set for a specified amount of time, data remains in its original and pristine form until that time period elapses. In that duration, data remains unalterable and undeletable, thus meeting both data retention and data integrity requirements.
Key Applications and Benefits of Immutable Storage
- Protecting against ransomware and other cyber-attacks: Immutability ensures that primary data and backups cannot be encrypted or modified making them impervious to rogue actors
- Preventing malicious insider threats, such as when a disgruntled employee tries to delete or modify secure files
- Averting accidental file deletion and content modification by users
- Shielding against human errors and bugs causing data corruption
- Meeting regulatory compliance policies that mandate that accurate copies of data be preserved for a stipulated period of time (video and audio surveillance footage, backups, log files, historical analytics data, and so on)
- Maintaining data authenticity for litigation requirements such as legal holds, supplying a chain of custody, and securing digital evidence
- Safeguarding backups against retention policy changes and deletion of restore points
The concept of immutability can be applied to various storage media include, disk, SSDs, tape, and even the cloud. Let’s see how DataCore Swarm software-defined on-premises object storage platform assures data and backup protection with immutability.
How DataCore Swarm Assures Data Immutability
Swarm is a massively scalable object storage platform that allows organizations and service providers to build a resilient secondary storage / active archive / backup target for their growing data storage requirements. Swarm has had compliance and governance features like WORM, definable immutability, Legal Hold, content hashing and auditing logs for over a decade. The latest release of Swarm, version 14, extends Swarm’s data protection features adding S3 object locking.
Based on the technology of S3 Object Lock, Swarm’s S3 object locking functionality allows administrators to lock specific objects or buckets in Swarm. Within the perimeter of your data center you can now easily lock objects and make them immutable. Multi-tenancy settings allow you to program different object lock settings for different tenants (internal users or external subscribers).
- Swarm gives you the flexibility to define the duration of the lock during which time objects are WORM-protected and cannot be deleted, modified, or overwritten. This is the Retention mode.
- You can also apply the object lock indefinitely in the Legal Hold mode until you explicitly choose to remove it when you wish to delete the data.
As we saw above, in addition to S3 object locking, Swarm has many other purpose-built security functions including Legal Hold, Integrity Seals, encryption, hashing, activity logging, audit trails, and more. Robust replication and erasure coding techniques allows IT teams to create data and backup copies and store them in a different location/site for recovery.
The latest Veeam Ready qualification for Swarm “Veeam Ready Object Storage Repository with Immutability” is a testament to the new S3 object locking functionality and its reliability to protect backups from being tampered with or deleted. Easily protect against ransomware and other threat vectors and meet your compliance and data privacy objectives.
Swarm also has been assessed and certified by Cohasset to meet the immutability-enabled and WORM-compliant data storage requirements of SEC Rule 17a-4(f), FINRA Rule 4511(c), CFTC Rule 1.31(b)-(c), and MiFID II.