Cloud
Security
November 11, 2022 By Dave Mitchell
Bryan Buckland
5 min read

This blog looks at the three distinct types of data protection that exist today and introduces IBM Cloud Cyber Recovery concepts.

We will see, using IBM Cloud Cyber Recovery, how organizations can now protect valuable data from modern threats through backup, disaster recovery and cyber recovery.

Data increasingly manages our business and personal lives, and today’s global organizations rely on the constant flow of data across the interconnected network world. At the same time, the business risk also goes up significantly by increasing the quantity and value of data. With data continuing to increase in value, organizations need to recover critical data quickly if it becomes compromised.

Additionally, business transformation, advanced cyber-attacks and insider errors are constant threats. As the information footprint expands, organizations continue to look to the cloud for easy, cost-effective modernization methods, adding yet another opportunity for compromising an organization’s critical data. Ongoing threats are continuing, and while standard backup and disaster recovery are crucial, they are not enough. 

The ongoing threats to data are not diminishing

The 2022 release of the IBM Cost of a Data Breach report reveals a startling increase in breaches, with 83% of organizations studied having had more than one data breach and 45% of the breaches being cloud-based. Transforming infrastructure to the cloud does not automatically equate to better data protection.

The report further shares that 60% of organizations’ breaches led to increased costs, which were passed on to customers.

Ongoing threats are continuing, and while standard backup and disaster recovery are crucial, they are not enough. What tools can be applied to mitigate this risk of going out of business, and what resources are critical? Can the cloud be a tool to help close this risk? According to Veeam, the answer is yes.

Cyber resiliency—valid data recovery from an attack—is the only way to plan.

Data resiliency, the cloud and the business of ransomware

Advanced threats are only part of organizations’ risks in moving to the cloud. The issue is being able to recover the data and ensure business continuity. Data resiliency through using standard backups has dramatically evolved over the years as technology has advanced. Now, the need to recover data, files and file structure, virtual machines and infrastructure has made disaster recovery (DR) data centers a necessity.

IBM has recognized the value of DR and backup by leveraging these use cases and providing increased client value through the IBM Cloud business model for disaster recovery. Using IBM Cloud as secure disaster recovery, infrastructure for cloud or on-premises disaster protection brings the following benefits:

  • Geographic redundancy: Enable higher resiliency and availability.
  • Affordability: Consume resources when (and as) needed.
  • Scalability: Dynamically grow or shrink your cloud resource requirements.
  • Immutable object storage: Protect and preserve records and maintain data integrity in a WORM (Write-Once-Read-Many), non-erasable and non-rewritable manner.
  • COS replication

By combining the value of the cloud with the VMware virtualization model, organizations can now lower costs and complexity while maintaining the level of compliance and data resiliency needed.

The ransomware business, however, continues to expand and evolve. This evolution drives the ransomware’s technology and quality and pushes the attacks into a new business model.

This means that organizations now face Ransomware-as-a-Service (RaaS). RaaS is now making it easier than ever for a threat actor to attack an organization. The attack motives can be any number of reasons—including financially motivated, political or destructive—with no restrictions on the operator having any technical knowledge. In addition, multiple ransomware operators now offer a wide array of tools and services to make ransomware attacks more effortless. RaaS is now a complete business model that includes marketing and technical support operations. This now puts backup and disaster recovery solutions to the test.

Business continuity: Protecting the data with Veeam and IBM Cloud

With business-driven applications moving to the cloud, standard backups coupled with DR have been working and evolving to help protect data. However, with the value of business data increasing and the agile nature of application development, advanced threats like ransomware are following along into the cloud model. Using backup and DR solutions cannot always keep up. Now, by adding cyber resiliency capabilities to IBM Cloud, a third level or layer of protection is emerging. Just as there are differences in capabilities between backup and DR, cyber recovery brings its own specific nature to protecting critical data.

Until today, business continuity meant combining the best of standard data backup with disaster recovery technology. By providing cost-effective DR in the IBM Cloud, IBM has reduced the high cost overhead of replicating to a DR data center. Now, by providing an isolated hardened infrastructure in the cloud, IBM has taken the next step clients need for cyber resiliency.

First, it is essential to understand how disaster recovery and cyber recovery work together. Disaster recovery focuses on protecting the business from geological or regional incidents. It’s usually comprehensive in its data volume, and in the case of an incident, the point of recovery and fallback is quick—sometimes instantaneous. Adding immutable storage to DR solutions does add protection, but it does not provide the data validation and environment to ensure the data is not still infected in some way. It also does not guarantee application integrity to run a production environment separate from the environment where the infection originated.

Cyber recovery differs slightly and protects the entire business from a targeted selective attack. The key to recovery is the reliability of the data. Since the data is critical, the impact on the company is global—a situation different from the regional, more contained incident when a DR infrastructure provides protection. Admin access to the isolated recovery environment is highly protected, and data is typically scanned to ensure reliable recovery.

IBM Cloud Cyber Recovery with Veeam

With IT transformation to the cloud, IBM continues to follow the momentum by engineering and providing an automated, isolated, cyber-resilient infrastructure. Working with key partners like Veeam, a completely engineered cyber recovery infrastructure provides the foundation for clients and partners to create a hardened and virtual “air-gapped” environment for protecting critical data copies and backups. Along with the automated cloud solution, a Solutions Guide is available to provide details and help understand the components.

Read the cyber recovery solution guide.

The cyber recovery solution guide describes the automated tasks that create two cyber-resilient solution architectures: an immutable storage environment and an isolated recovery environment. Clients use immutable, unalterable storage technology for configuration data and write-once-read-many. Isolated recovery storage works to prevent corruption and ensures that recovered data is intact. In addition, network isolation separates the production environment from the isolated environment, providing a virtual “Air-Gap” for added protection from production network malware or attack. The solution guide also discusses the use cases for creating backups and making these backups available only to security administrators.

For a detailed understanding of the two solution architectures, see the overview of cyber recovery with Veeam architecture in the guide.

IBM awarded the Veeam Cloud and Service Provider Growth Partner of the Year

Organizations are seeing the value of IBM Cloud Cyber Recovery, and there has been tremendous growth in implementing this advanced, cost-effective solution. The value and momentum of the combined solution are why IBM was recently awarded the Veeam Growth Partner of the Year at VeeamON 2023. Veeam recognizes partners who have demonstrated outstanding performance and expertise in delivering data protection and ransomware recovery solutions and services.

Summary

Modern malicious actors continue to evolve and adjust their tactics, and ransom demands continue rising. Veeam backup and data protection solutions work to prevent ransomware damage. IBM is meeting the challenges of protecting an organization’s valuable data to survive and provide confidence for continued innovation. IBM Cloud Cyber Recovery with Veeam brings an easy-to-deploy automated solution complete with a virtual network air gap, immutable storage and a protected recovery environment. Check out the Solutions Guide today as a first step.

Now, with the cost-effective IBM Cloud, organizations can prepare a solid data resiliency strategy to include backup, disaster recovery and cyber recovery protection—all working in concert to keep your organizations protected from ransomware.

Check out the solutions guide today.

Was this article helpful?
YesNo
Dave Mitchell
Senior Product Offering Manager
Bryan Buckland
STSM, IBM Cloud IaaS Solution Architecture

More from Cloud
July 16, 2024

How a US bank modernized its mainframe applications with IBM Consulting and Microsoft Azure

9 min read - As organizations strive to stay ahead of the curve in today's fast-paced digital landscape, mainframe application modernization has emerged as a critical component of any digital transformation strategy. In this blog, we'll discuss the example of a US bank which embarked on a journey to modernize its mainframe applications. This strategic project has helped it to transform into a more modern, flexible and agile business. In looking at the ways in which it approached the problem, you’ll gain insights into…

July 16, 2024

The power of the mainframe and cloud-native applications 

4 min read - Mainframe modernization refers to the process of transforming legacy mainframe systems, applications and infrastructure to align with modern technology and business standards. This process unlocks the power of mainframe systems, enabling organizations to use their existing investments in mainframe technology and capitalize on the benefits of modernization. By modernizing mainframe systems, organizations can improve agility, increase efficiency, reduce costs, and enhance customer experience.  Mainframe modernization empowers organizations to harness the latest technologies and tools, such as cloud computing, artificial intelligence,…

July 16, 2024

Modernize your mainframe applications with Azure

4 min read - Mainframes continue to play a vital role in many businesses' core operations. According to new research from IBM's Institute for Business Value, a significant 7 out of 10 IT executives believe that mainframe-based applications are crucial to their business and technology strategies. However, the rapid pace of digital transformation is forcing companies to modernize across their IT landscape, and as the pace of innovation continuously accelerates, organizations must react and adapt to these changes or risk being left behind. Mainframe…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters