Tape Media

Tape Drives

Ethernet LTO Tape Drives

Tandberg Data RDX QuikStor

Tandberg Data RDX QuikStation

HP RDX Removable Disk

Quantum SuperLoader 3

Quantum Scalar i3 LTO

Qualstar LTO Tape Libraries

Qualstar Q8 Tape Autoloader

Qualstar Q24 Tape Autoloader

Qualstar Q48 Tape Autoloader

Qualstar Q40 Tape Library

Qualstar Q80 Tape Library

Qualstar Tape Libraries

SymplyPro XTL Tape Libraries

Overland NEO Tape Libraries

Overland NEOs StorageLoader

Overland NEOs T24 Loader

Overland NEOs T48 Library

Overland NEOxl 40 Series

Overland NEOxl 80 Series

Tape Drive Autoloaders

HP StoreEver Tape Libraries

HP StoreEver MSL3040

Archiware P5 Software

XenData LTO Archive

Facilis Technology

SnapServer XSR NAS Series

Nexsan Storage

ATTO SAS / Thunderbolt

Cables & Terminators

Barcode Labels

Turtle Storage Cases

Quantum Scalar i3 Warranty

Removable Disk Storage

Imation RDX

Imation RDX Bundles

Tandberg RDXLock WORM

Quantum RDX

HP RDX+ Bundles

IBM RDX

Dell RD1000

Reconditioned Tape Drives


Custom Sequence Barcode Labels for all your Tape Media - DLT, SDLT AIT and LTO FREE LTO BARCODE LABELS

LTO-9 Tape Drives LTO-9 Tape Libraries Now Available

SymplyPro LTO Archiving Solutions LTO-8 and LTO-9

Browse by Manufacturer
Mailing Lists


Four Predictions For Storage And Backup Security in 2022

Cyberstorage gained more attention in the media in 2021 with the rise in storage hacks, ransomware attacks, and cases of immutable storage erased.

As these types of attacks increase, the “business value” of data continues to grow. That’s probably one of the main reasons why attacks on data are still the greatest cybersecurity threat to organizations. We still have a lot of work to be done educating organizations on the risks to their storage and backup systems.

1. Data-targeted cyber-crime will increase in number, cost and sophistication
2021 demonstrated that organizations are still failing to keep up with the ability of cybercriminal groups to innovate and adapt to new technology. That means that in 2022 we can expect to see more attacks – especially ransomware, as well as a sharp increase in the average cost per incident.

In addition to ransomware, supply-chain attacks can damage much more than a single organization. These types of attacks involve compromising an organization’s code to infiltrate its customers, employees, and partners. They can also execute record-level manipulation that could be used to exfiltrate funds or impact the medical treatment patients receive. That’s why supply chain attacks can quickly impact entire industries and economies.

Cybercriminal groups will also expand the scope of their attacks. Modern criminal groups will target not only endpoints and servers, but also central storage systems and their backup infrastructure.

By successfully infiltrating these new targets, they can:

  • Completely thwart recovery efforts by destroying or tampering with backups (including offsite cloud-based copies and immutable storage)
  • Siphon out petabytes of data easily stored on a single storage or backup system
  • Evade detection by existing Data Loss Prevention (DLP), Intrusion Detection Systems (IDS), and most modern threat intelligence solutions. Some hackers actually take advantage of cloud-based offsite backup solutions which, if not secured properly, can provide access to copies of huge datasets without introducing any visible load on production systems

2. Many organizations will still do a poor job securing storage and backup
Organizations have many misconceptions about the security of their storage systems and backups which leave them susceptible to compromise.

First, they believe that their storage systems are too obscure and too embedded in their datacenter to be penetrated from the outside. Unfortunately, storage systems are one of the weakest links and easy for hackers to access.

Second, they still believe that backups provide bulletproof recovery, but backup environments are more complex than most security executives realize. Most data recovery relies on multiple tiers that offer different layers of protection, each with its own recovery speed (which is another issue with backups) .

Finally, organizations also believe that existing risk detection and mitigation strategies are sufficient to detect sophisticated attacks on storage and backups that tamper with the backup process itself. This is a dangerous misconception because if these systems are not reinforced, isolated, and secured properly – even the most advanced backup systems can be bypassed.

For these reasons, we shouldn’t be surprised if in 2022:

  • Direct exploits of storage and backup will be used to extort tens of billions of dollars; Insecure NAS devices, SAN fabrics and central backup systems will expose petabytes of sensitive information
  • Even organizations using “holy grail” technologies (such as offsite cloud-backup and immutable storage solutions) will not always be able to recover from attacks.

3. Governments and policymakers will tighten supervision
Organizations report that they are now starting to pay much more attention to their storage and backup security than ever before. In a recent study we conducted among CISOs from 200 financial services around the globe, more than two-thirds confirmed that auditors were recently hired to review their storage and backup systems.

We’re expecting to see much stricter national and international guidance to organizations to tighten their data protection solutions and to avoid negotiating with criminals.

4. Organizations will gain awareness of their need to secure data as well as the data protection and recovery environments
Organizations will start to understand the need to secure their storage and backup environments more systematically. In other words, organizations will require better auditing, testing, and mapping of their storage and backup assets, as well as the ability to better assess data sensitivity, its importance and define the requirements for data protection.

Gartner and NIST have made the following recommendations which I believe will start to be implemented more in the coming year:

  • Infosec and IT infrastructure teams will need to work more closely than ever before
  • The security posture of storage and backup will need to be continually assessed, with gaps in security remediated automatically
  • The right technologies will need to be matched to the data protection requirements

 

Search
Shopping Cart
Your cart is empty.

Tandberg Data RDX Quikstor Removable Disk Cartridges

RDX 10 Pack Promotion - celebrating 10 Years of RDX Technology

SnapSever XSR120 and XSR40 Available

Quantum Scalar i3 LTO-9 Now Available and Shipping

Free Shipping UPS Ground - $500 min. order


Repair Services - 6 Month Warranty Fast Turnaround

Outlet Center - Refurbished Tape Drives - 6 Month Warranty