Hopefully your business never falls victim to a ransomware attack, but with incidents rising at an alarming rate (a study by Bitdefender found that reports of ransomware attacks increased more than 400% in 2020), you’re safer to assume an attack is imminent and plan accordingly than to hope for the best.
Recovering from a ransomware attack is much easier when you’re prepared well in advance with safe, reliable backups—especially if you implement a 3-2-1 backup strategy—but attackers are getting savvier. They know how to target a company’s backups in addition to production data to make sure the infection is complete. When victims’ backups are compromised, hackers have more leverage to force ransom payments.
There are plenty of stories where attackers target backups, leaving victims with no way out other than paying up—which is legally questionable—or refusing to pay but spending millions to resume normal operations. That doesn’t have to be your story. With advances in backup protection like Object Lock, you can add one more layer of defense between cybercriminals and your valuable, irreplaceable data.
In this article we’ll explain:
- What Object Lock is.
- What Object Lock does.
- Why you should use it.
- When you should use it.
This post is a part of our ongoing series on ransomware. Take a look at our other posts for more information on how businesses can defend themselves against a ransomware attack, and more.
What Is Object Lock?
Object Lock is a powerful backup protection tool that prevents a file from being altered or deleted until a given date. Only a few storage platforms currently offer the feature, but if your provider is one of them, you can enable Object Lock and specify the length of time an object should be locked in the storage provider’s user interface, via your backup software, or by using API calls.
What is an object?
An object is a unit of data that contains all of the bytes that constitute what you would typically think of as a “file.” That file could be an image, video, document, audio recording, etc. An object also includes metadata so that it can be easily analyzed.
What Does Object Lock Do?
Object Lock allows you to store objects using a Write Once, Read Many (WORM) model, meaning after it’s written, data cannot be modified or deleted for a defined period of time. Any attempts to manipulate, copy, encrypt, change, or delete the file will fail during that time. The files may be accessed, but no one can change them, including the file owner or whoever set the Object Lock.
What Is an Air Gap, and How Does Object Lock Provide One?
Object Lock creates a virtual “air gap” for your data. When we talk about an air gap, most people think of LTO tape. The backup data is written to tapes, which are then physically removed from the network and the premises, hence creating an “air gap” between your backups and your working systems. Because there is literally no way a computer virus could transmit through the air to a physical object that’s not connected to a network, they will be virus-free. In the event of a ransomware attack, you can just pull the tapes from the previous day to restore systems.
Object Lock does the same thing, but it all happens in the cloud. Instead of physically isolating data, Object Lock virtually isolates the data.
What Is Immutable Data? Is it the Same as Object Lock?
In object storage, immutability is a characteristic of an object that cannot be modified or changed. It is different from Object Lock in that Object Lock is a function offered by object storage providers that allows you to create immutable or unchangeable objects. Immutability is the characteristic you want to achieve, and Object Lock is the way you achieve it.
How Does Object Lock Work With Veeam Ransomware Protection?
Veeam, a backup software provider, offers “immutability” or “immutable backups” as a feature to protect your data. The immutability feature in Veeam works hand-in-hand with the Object Lock functionality offered by cloud providers like Backblaze and AWS. If you’re using a cloud storage provider to store backups and they support Object Lock (which we think all should, not that we’re biased), you can configure your backup software to save your immutable backups to a storage bucket with Object Lock enabled.
Why Should You Use Object Lock?
Using Object Lock to protect your data means no one—not hackers, not ransomware viruses, not even you—can edit or delete your files. If you are attacked by ransomware, you can trust that your backup data stored with Object Lock can’t be deleted or altered. There’s typically no added cost to enable Object Lock on a storage bucket beyond what you would pay to store the data anyway. Finally, data security experts strongly recommend using Object Lock to protect your critical backups.
The question really isn’t, “Why should you use Object Lock?” but rather “Why aren’t you?”
When Should You Use Object Lock?
Object Lock creates immutable backups that can’t be changed. As such, it provides very effective protection against ransomware, but its capabilities go beyond ransomware protection.
What Are the Different Use Cases for Object Lock?
Object Lock can be employed to its greatest advantage in a few different use cases:
- To replace an LTO tape system while maintaining immutable, virtually air-gapped backups: Until recently, fully air-gapped backups were typically achieved by using tape. With Object Lock you can create a backup that’s just as secure as air-gapped tape without the need for expensive physical infrastructure.
- To protect and retain sensitive data: If you work in an industry subject to HIPAA regulations or if you need to retain and protect data for legal reasons, Object Lock allows you to easily set appropriate retention periods for regulatory compliance.
- As part of a disaster recovery and business continuity plan: In the event of a ransomware attack, you don’t want to worry about whether or not your backups are safe. Knowing you can easily restore your data from immutable backups created prior to an attack helps ensure you can avoid downtime, minimize productivity disruptions, and easily and quickly resume normal operations.
Protecting Your Data With Object Lock
To summarize, here are a few key points to remember about Object Lock:
- Object Lock creates a virtual air gap using a WORM model.
- Data that is protected using Object Lock is immutable or unchangeable.
- With Object Lock enabled, no one can encrypt, tamper with, or delete your locked data.
- Object Lock can be used to replace tapes, protect sensitive data, and defend against ransomware.
Ransomware attacks can be devastating, but your story doesn’t have to end with you shelling out headline-grabbing sums or facing extended downtime. As cybercriminals become bolder and more advanced, creating immutable, air-gapped backups using Object Lock functionality puts a manageable recovery in closer reach.
Have questions about Object Lock functionality and ransomware? Let us know in the comments.