Building A Data Protection Solution For Cyber Resiliency

2y ago
36 Views
2 Downloads
3.77 MB
95 Pages
Last View : 1m ago
Last Download : 2m ago
Upload by : Shaun Edmunds
Transcription

Accelerate with IBM Storage: Building a Data ProtectionSolution for Cyber ResiliencyDan ThompsonSpectrum Storage Specialistdanthomp@us.ibm.com Copyright IBM Corporation 20201

Washington Systems Center - StorageAccelerate with IBM Storage WebinarsThe Free IBM Storage Technical Webinar Series Continues in 2020.Washington Systems Center – Storage experts cover a variety of technical topics.Audience: Clients who have or are considering acquiring IBM Storage solutions. Business Partners and IBMers are alsowelcome.To automatically receive announcements of upcoming Accelerate with IBM Storage webinars, Clients, Business Partnersand IBMers are welcome to send an email request to accelerate-join@hursley.ibm.com.Located on the Accelerate with IBM Storage Site: , check out the WSC YouTube Channel here:https://www.youtube.com/channel/UCNuks0go01 ZrVVF1jgOD6Q2020 Upcoming Webinars:May 19 – Spectrum Scale – Stretched Cluster DesignRegister Here: https://ibm.webex.com/ibm/onstage/g.php?MTID e21d6394be1f4e99e2f28866e7d2b5c88May 21 - Storage Insights, Storage Insights Pro or Spectrum Control, which one is right for me?Register Here: https://ibm.webex.com/ibm/onstage/g.php?MTID eeb831096e67ff598348a5bb301d3038dJune 2 – Spectrum Scale ESS 3000Register Here: https://ibm.webex.com/ibm/onstage/g.php?MTID e6920e411fed595003800af92ecffe68eJune 4 - TS7700 Systems and zOS - Two Partners Better Together!Register Here: https://ibm.webex.com/ibm/onstage/g.php?MTID efdf15a2fcf8a4582d87a6e73d3ac9544 Copyright IBM Corporation 2020Accelerate with IBM StorageWSC Accelerate SurveyPlease take a moment to share your feedbackwith our team.You can access it viaMenti.com 22 37 47

World Economic Forum2018 Global RisksPerception Survey:Cyberattacks ranked #3“Attacks against businesseshave almost doubled in fiveyears, and incidents that wouldonce have been consideredextraordinary are becomingmore and more commonplace.” Source: World Economic Forum, 2018

Current infrastructuresfocus on BC / DR Backups Snapshots ReplicationAdd a focus onCyber Resiliency Isolation Immutability Granularity

Cyber ResiliencyCyber resiliency is the ability of an organization tocontinue to function with the least amount ofdisruption in the face of cyber attacks.Cyber SecurityBusiness ContinuityCyber security is designed toprotect systems, networksand data from cyber crimes.Effective cyber securityreduces the risk of a cyberattack and protectsorganizations from thedeliberate exploitation of itsassets.Business continuity provides thecapability to resume operations whenan event causes a service disruption.Plans for Business continuity addressnatural catastrophe, accidents anddeliberate physical attacks; but now,they must also support resumption ofoperations following cyber attackdisruptions.Planning Protecting Testing Learning

Attacks are becoming more costly and more likely 3.92 million 8 billionAverage total cost ofa data breach in 2019Estimated global costof WannaCry attack 200k/hrDowntime* IDC 310 millionCost impact for one companyimpacted by NotPetya206daysAverage amount of time hackersspend inside IT environmentsbefore discovery1 in 4Odds of experiencing a data breachover next two years#3Likely#6Impact* World Economic Forum 2018 Global RisksSource: Ponemon, 2019 Cost of Data Breach Study - al-community/cost-of-a-data-breachCBS News WannaCry ransomware attack losses could reach 4 billion - ttacks-wannacry-virus-losses/6

Verizon 2019Data BreachesReport Analysis of 41,686 security incidents, of which 2,013 were confirmed data breachesSummary Who are the victims?16% were breaches of Public sector entities15% were breaches involving Healthcare organizations10% were breaches of the Financial industry̶̶̶What tactics are utilized?52% of breaches featured Hacking33% included Social attacks28% involved Malware̶̶̶Who's behind the breaches?69% perpetrated by outsiders34% involved Internal actors̶̶What are other commonalities?̶̶̶71% of breaches were financially motivated25% of breaches were motivated by the gain of strategic advantage (espionage)29% of breaches involved use of stolen df7

Cyberattacks happen weeklyPetya, NotPetya,Nyetya, Goldeneye,QakBot TrojanMacronCampaignHackWikiLeaksCIA Vault 7TicketflyMeltdownSpectreUberDeloitteSaks, Lord UpSingapore’sMinistry riton targetsindustrial controlsystems (ICS)Equifax826 million data recordsFacebookCity of AtlantaExactisGeorgiaTechToyotaFirst half of 2019PaneraEquifaxUnderArmour TheSacramentoBee2.3 billion data recordsReported lost or stolenWalmartFacebookSalesforceCitrixNorskHydro6.7 billion data records

Pain points evolve as cyber attacks increase and change Need a more precise, immediate responseto a cyber event Eliminate extended business interruptionsfrom more frequent attacks Retain clean IT and critical businessprocess components to quickly resumecompany operations Demonstrable evidence of capability foraudit and compliance9

Defining a Cyber Resiliency Recovery Service Strategy Do not just focus on Ransomware. Other Malware, internalthreats and regulations need to be taken into account You may have air-gap, encryption at-rest orimmutability/WORM requirements. This may apply to all orjust a sub-set of data and location of storage and recoverymay be different You may have much more aggressive requirements forrecovering large amounts of corrupted data, from anincorruptible source You may have multiple requirements that appear similar,but looking past the superficial similarities shows importantdetails We have to look beyond the traditional Recovery TimeObjective (RTO) and Recovery Point Objective (RPO) Separate security domains for primary, Disaster Recoveryand Cyber Recovery locations10

NIST Cyber Resiliency FrameworkFramework of computer security guidance for how organizationscan assess and improve their ability to prevent, detect, andrespond to cyber attacks:Identify:IdentifyDefining a organizational understanding to build or improvecyber resiliency plan – critical assets & strategyProtect:RecoverProtectImplementing Safeguards to ensure delivery of criticalservices – protecting against vulnerabilities before they areexploitedDetect:Detecting occurrence of cyber security events – timely,continuous monitoring, detection processesRespondDetectRespond:Taking action regarding a detected event – analysis, contain,mitigation, & communicationRecover:Restore capabilities and services - recovery, improvements,communications11

Storage Services and RansomwareCopy Separation:Cold Data Vault with Air GapRPOWORM Data Archives (Tape) Create a structure of data separationacross multiple layers and servicesincluding; Copy Services Backup ServicesNENR Data Archives (Object / Disk Storage)Data Backups (Local & Isolated)Backup enabled Snapshots(Local and Isolated)Storage based SnapshotsLocal & IsolatedPolicy Governed Application Aware Snapshots – local & IsolatedData Accessibility TemperatureAccess Isolation: Create a structure of data isolationmultiple layers and services including; Air Gap Non-erasable / Non-rewritableStorage Cold Storage / Object Storage Data Vaults Isolated Infrastructure12

NIST Cyber Resiliency FrameworkFramework of computer security guidance for howorganizations can assess and improve their ability to prevent,detect, and respond to cyber attacks:Identify:IdentifyDefining a organizational understanding to build or improvecyber resiliency plan – critical assets & strategyProtect:RecoverProtectImplementing Safeguards to ensure delivery of criticalservices – protecting against vulnerabilities before they areexploitedDetect:Detecting occurrence of cyber security events – timely,continuous monitoring, detection processesRespond:RespondDetectTaking action regarding a detected event – analysis,contain, mitigation, & communicationRecover:Restore capabilities and services - recovery,improvements, communications

IBM cyber resilience lifecycleIdentifyIdentifyDefining a roadmap and action plan to build orimprove Organization’s cyber resilience plan

Identify IBM Storage Insights Pro IBM Spectrum Control IBM Spectrum ProtectIdentify Offerings help identify where primarydata is located̶ Organize and understand what’s critical Offerings understand “normal”performance requirements Offerings help understand dailychanges

Revenue Producing Data Intuitive Storage UI̶ Dynamically changing StorageInfrastructure̶ Historical State and Performanceinformation̶ Insight into Block/File/Object/Network̶ Alignment into Business Applications andUnits Storage Insights Pro̶ Up and running with the cloud in minutes̶ Only maintain simple Collector Agent Spectrum Control̶ When cloud is not an option

NIST – Identify Develop Organizational Understanding to managecybersecurity risk̶̶̶̶̶Asset ManagementBusiness EnvironmentGovernanceRisk AssessmentRisk Management Strategy Key IBM Offerings help:̶ Identify where data is located – Insights / Control̶ Understand “normal” performance requirements – Insights / Control̶ Understand daily data changes – Protect̶ Find changes quickly - Discover

IBM cyber resilience lifecycleProtectProtectImplementing Safeguards to ensure delivery ofcritical services – protecting againstvulnerabilities before they are exploited

NIST Cyber Resiliency FrameworkFramework of computer security guidance for howorganizations can assess and improve their ability to prevent,detect, and respond to cyber attacks:Identify:Defining a organizational understanding to build or improvecyber resiliency plan – critical assets & strategyProtectProtect:Implementing Safeguards to ensure delivery of criticalservices – protecting against vulnerabilities before they areexploitedDetect:Detecting occurrence of cyber security events – timely,continuous monitoring, detection processesRespond:Taking action regarding a detected event – analysis,contain, mitigation, & communicationRecover:Restore capabilities and services - recovery,improvements, communications

Take copies of Revenue ProducingData Structured and Unstructured Data Flexible Licensing Options Flexible Storage Options Flexible Policy ConfigurationIBM Tape̶ Placement̶ Application Classification Highly Scalable̶ Single offering to protect enterprise data True Air Gap Recovery̶ RPO 24h (* typical)̶ RTO variable

For Primary Data File Data Flexible Licensing OptionsIBM Tape Automatic replication̶ True Air Gap Flexible Policy Configuration̶ Placement̶ Application Classification Highly Scalable̶ Single offering to hold enterprise data Recovery̶ RPO variable (* mins-hrs)̶ RTO variable

How to add air gapped solutions to aSpectrum Scale storage hierarchy Spectrum Scale’s Information LifecycleManagement data tiers allows targetingobject storage, tape storage orbackup/archive engines as externalstorage tiers. Each of those options supports multiplecopies of data. As mentioned earlier, an advanced filesystem will also support TapeStorageTierObjectStorageTier

IBM Tape Market Leader Lowest Cost, Fastest StorageMedium Removable Inherent Air Gap Works with IBM Spectrum Protect̶ Efficient Copy Management (of copies) Environmentally Friendly High Automation

Take copies of Revenue ProducingData Modern Application Protection Modern Virtual Machine Protection Data stored in native format, immutable Simple Configuration Easy to use Roles based access controlRecoveryDisaster RecoveryEnd user data access to copies of stored data̶Patch Management Automation for End to End provisioning Recovery̶̶Test/Dev DevopsAnalyticsReportingRPO 15m - 24hRTO mins

Block based replicated data Leverage CDM to drive automation Replicate Application LUNs to an airgaped/fenced storage infrastructureAirgap means IP network connectivity is limitedAdministrative privileges are separatedCDM drives snapshots of working systemsSufficient historical snapshots are retained foradditional recovery points̶̶̶̶ Policy Driven“Snapshot Of Snapshot” used to present data backout when requiredSeparate Administrators̶̶ Recovery̶̶RPO 15m - 24hRTO mins

IBM cyber resilience lifecycleDetectDetectDetecting occurrence of cyber security events– timely, continuous monitoring, detectionprocesses

DetectLeverage Tools to Identify Breaches Monitor Revenue Producing DataRealtime Performance Monitor Copying of RevenueProducing Data Performance Understand Changes in DataReduction Results

Proactive̶ Validate protected data (AUDIT *) In Action Changes in̶ Number of Files Protected̶ De-duplication Ratio̶ Virtual Machine Block Change Rate̶ HSM Recalls

Proactive̶ Review historical performance In Action Changes in̶ Unusual performance impact alerts

NIST – Detect Develop & Implement Activities to identify acybersecurity threat̶̶̶Anomalies & EventsContinuous Security MonitoringDetection Process Key IBM Offerings help:̶ Monitor Performance – Insights / Control̶ Understand data changes – Insights / Protect̶ Validate protected data– Protect

IBM cyber resilience lifecycleRespondRespondTaking action regarding a detected event –contain, analysis, mitigation

RespondDisconnect from the threat Leverage Storage InfrastructureManagement̶̶̶To know where to disconnectWhat to disconnectWhat to shutdown Validate “Go/No Go” for recovery:̶ Where you able to stop the threat intime from full destruction?̶ Full recovery is destructive Ensure you do need to revert Identify IBM Storage Products̶ IBM Storage Insights Pro̶ IBM Spectrum Control̶ IBM Spectrum Protect

NIST – Respond Develop & Implement Activities to take action on acybersecurity incident̶̶̶̶̶Response ts Key IBM Offerings help:̶ Full environment recovery – Protect̶ Instant application / data recovery – Protect Plus / CDM̶ Utilize data copies – Protect Plus / CDM̶ DR Automation – CDM

IBM cyber resilience lifecycleRecoverRecoverRestore capabilities and services - recovery,improvements, communications

Recover Disaster Recover Manager Fast, Single Pass Recovery Leverage Replica for Recovery Recover Protect itself from aReplica

Instant Recovery̶ Test before commit Application End to End Recovery̶ Automation̶ Skills Automation with RESTful APIs Leverage Replica for Recovery

IBM Cyber Resilient ArchitectureIdentifyRecoverProtectOff-Premise InfrastructureRespondPrimary Data CenterSeparateAdministrationZonesCopy of Revenue Producing DataCyber Resilient Data CenterXProprietaryViritualisedManagementXDetect

Spectrum Protect Family and WORM/Immutable Storage Spectrum Protect provides logical, software-based protection of backup/archives, but a Protect Admincan delete data as part of normal operations. Clients can be authorized to delete or expire backups, aswell. Spectrum Protect for Data Retention/System Storage Archive Manager provides software WORM forarchives (administrator cannot delete or obfuscate the archive data). Spectrum Protect supports many WORM/Immutable storage devices (physical WORM such as optical orFirmware-based WORM like tape). Spectrum Protect Plus supported IBM Cloud Object Storage retention vaults starting v10.1.3 (released02-2019). Spectrum Protect will support creation of recovery points based upon existing backups, starting in v8.1.7(released 02-2019).

Defining a Recovery ServiceStrategy Do not just focus on Ransomware. Other Malware, internal threatsand regulations need to be taken into account.You may have air-gap, encryption at-rest or immutability/WORMrequirements. This may apply to all or just a sub-set of data andlocation of storage and recovery may be different. You may have much more aggressive requirements for recoveringlarge amounts of corrupted data, from an incorruptible source. You may have multiple requirements that appear similar, butlooking past the superficial similarities shows important details. We have to look beyond the traditional Recovery Time Objective(RTO) and Recovery Point Objective (RPO). Separate security domains for primary, Disaster Recovery andCyber Recovery locations.

Quantifying the concepts of Air Gap and Immutability The term air gap initially referred to a computer truly disconnected from the network. From a networkedapplication or networked backup perspective, this term is somewhat incongruous. When discussing air gapped storage, it is better to consider some key characteristics: Logical and Physical Separation: Is the recovery point a read-only logical snapshot within the same filesystem? Is the recovery point a space-efficient snapshot within the same disk subsystem? Is the recoverypoint a traditional backup of data on a different disk subsystem within the same datacenter? Is the recoverypoint on tape, ejected from the library and shipped to a vault? Ease of Corruption or Destruction: Is the recovery point offline or immutable from automatic encryptionattacks? Is the recovery point stored within the same file system or disk subsystem and therefore susceptibleto insider attacks? Is the recovery point retained for a short enough period such that it will be corrupted if thecorruption of the primary data is not detected in a timely manner? Is the recovery point a file systemsnapshot, disk snapshot or backup stored in a location secured such that a single infiltrator/insider cannotattack multiple copies of the data. Note: since the greater the degree of separation may also mean the slower the recovery, it is not uncommonto need a multi-level/multi-copy solution. So, we cannot ignore performance characteristics to meetRTO/RPO requirements in different scenarios. We are beginning to see more requirements for Cyber Recovery(CR) in addition to traditional backup/restore and DR requirements.

Third Characteristic Important to Cyber Recovery In addition to the 2 characteristics related to Air Gapped storage, a third is important to otherCyber Incident Recovery: Ease of Reuse: Can the storage in question easily be recovered or otherwise accessed for use byautomatic validation software? Such capabilities are key to advanced cyber incident recoverytools, which evaluate whether backups contain infected or otherwise compromised data.

Recap: Four Main Criteria to Compare Air Gap orImmutable Storage Logical and Physical Separation (Isolation) Ease of Corruption or Destruction(Immutability) Performance (Speed to meet RTO/RPO indifferent scenarios) Ease of Reuse

Recovering from a large malware encryption event Ransomware works by targeting a user machine, but it doesnot damage that machine at first. After it has infected amachine, it attempt to encrypt data on any share that it canlocate from that machine (Latch-On and Expand). In otherwords, it is targeting files on a file system, which can bedocuments, databases, etc. After following good security practices and eliminatingunneeded shares or exports, there may still need data thatneeds more protection to prevent having to pay the ransom inthe Restore (decrypt) stage. One good first step is to create read-only snapshots of filesystems or, for applications, disk snapshots not exposed tothe machine’s operating system. These snapshots can beused as a quick recovery. It will be necessary to keep a sufficient number of snapshotsto give you time to detect and stop the Expand (encryption)stage.

Recovering from a large malware encryption eventWhile Snaphots provide: Very fast Recovery Time and Recovery Point They are either read-only (file system snapshots) or offlineto the physical machine (disk subsystem snapshots orlogical snapshots in backup repository) Local Snapshots can be attacked by infiltrator/insider withaccess to the file system or subsystem. Replicated copies can exist on remote systems withdifferent security settings. Sophisticated worklows may exist (create snapshot andreplicate to another location; create replicas which are thensnapshotted at remote location and mounted forreuse/validation, etc.) IBM DS8000 family provides for SafeGuarded snapshotscreated by Copy Services Manager or GDPS, for protectionagainst infiltrator/insider. CSM provides advanced supportfor SafeGuarded copies.

Evaluating Snapshots using the 4 CriteriaLogical and Physical Separation (Isolation):Snapshots are not visible to automatic orsimple malware attacks, but typically reside within the same file system or controller. Replicatingsnapshots to DR/CR locations may create greater separation, and newer technology DS8000 hiddensnapshots can help create greater isolation.Ease of Corruption or Destruction (Immutability):If a snapshot resides within the samefile system or controller, they may not be protected from infiltrator/insider attack, or simple human error.Depending upon the technology, a snapshot may or may not be truly read only. Replicating snapshots toDR/CR locations may create greater isolation, and newer technology DS8000 hidden snapshots can helpcreate greater levels of protection.Performance (Speed to meet RTO/RPO in different scenarios):Snapshots typicallyoffer the greatest level of recovery performance, so are a good candidate for the first level of recovery fromlarge data corruption/encryption attacks.Ease of Reuse:Snapshots are typically very easy to Reuse, as they are copies of the nativelyformatted data. They are also easily replicated to DR/CR locations, which allows the location of this reuseto be flexible.

IBM Storage & SDIBackup Solution Design with Immutability, Air Gap andCyber Vaulting

Spectrum Protect for Data RetentionSpectrum Protect for Data Retention is a special-use version ofSpectrum Protect. This allows the following features: Spectrum Protect administrators cannot delete data as part ofnormal administrative tasks such as data cleanup, hostdecommissioning, etc. Data archives are protected with software-based WORMcontrolled by data management policies. Extra capabilities to place data holds on archives, includinginteracting with external content management software. Both normal Spectrum Protect and Spectrum Protect for DataRetention support multiple storage pool types such as WORMtape. Some content addressable storage features such as NetAppSnaplock, Hitachi Content Platform, etc. are supported bySpectrum Protect for Data Retention.

How to add air gapped solutions to abackup hierarchy A modern backup engine with a disk-onlystorage pool layout will need to have itsprofile reduced and protective layersenabled, as outlined earlier. If desired to provide faster recovery of abackup engine, should it be attackedsuccessfully, disk-based components can besnapshotted. If greater levels of protection on its storagepool is desired, a copy of data can be takento different storage types. Spectrum Protect container pools supportencryption at-rest for both disk and object.DatabaseDiskbasedStoragePool

Evaluating Spectrum Protect Directory Container Pools using the 4 CriteriaLogical and Physical Separation (Isolation):The directory container pools themselves arepart of the data protection engine, and stored on a file system on that host (or networked file system).While the data protection engine can be secured, the storage cannot be considered isolated. DR Replicascan be created which can potentially increase isolation.Ease of Corruption or Destruction (Immutability):Node Replication/Protect Stgpool cancreate a single replica (multiples possible with custom scripting or future features), and the DR target(s)can have different security to help control infiltrator/insider destruction. One can also keep more versionsat the replication target(s). But, if the original data is corrupted or destroyed, the replicas can becompromised.Performance (Speed to meet RTO/RPO in different scenarios):Directory containerpools generally provide good recovery performance for traditional backup/restore.Ease of Reuse:Directory container pools are traditional backup repositories (which are deduplicaedand optionally compressed and/or encrypted). This does not yield itself to simple reuse scenarios,although automatic restores can be performed at DR/CR locations.

How to add air gapped solutions to abackup hierarchy A physical tape infrastructure canalso provide true air gap (media is notmounted on drive at all times). For the greatest possible amount ofair gap, a copy of the data can bemade and ejected from the tapelibrary. This can be combined withmedia rotation, to provide both airgap and DR protection.DatabaseDiskbasedStoragePool

How to add air gapped solutions to abackup hierarchy Tape provides a great deal of logical isolation: For backups, it is not a file system targeted byransomware Encryption/WORM features Physically offline, perhaps ejected from libraryand stored in vault. Tape can be very fast, if sufficient tape drives are implemented. Other benefits (low cost per TB, high density, low powerconsumption.DatabaseDiskbasedStoragePool

Evaluating Tape using the 4 CriteriaLogical and Physical Separation (Isolation): Tape offers the greatest level of isolation. Serial storagedevices are not targeted by automatic malware. The media is not automatically online, you can eject theon-site copy from the library, you can create multiple copies and physically rotate those to DR/CRlocations. The Vaulting options are more flexible with tape (it can be rotated to any secure location). Dueto the nature of physical tape media, an infiltrator/insider may not be able to logically delete/corrupt themedia without physical access to it.Ease of Corruption or Destruction (Immutability): Tape is inherently harder to corrupt due to its greaterisolation. It also offers encryption capabilities as well as WORM media options. Due to the nature ofphysical tape media, an infiltrator/insider may not be able to logically delete/corrupt the media withoutphysical access to it.Performance (Speed to meet RTO/RPO in different scenarios): Tape read/write performance makes it avery fast option for traditional backups (non-snapshot). But, if you wish high performance across multipletasks, you must have sufficient numbers of tape drives in the location(s) that requires this performance.Ease of Reuse: Since tape is exclusively used for traditional streaming backups, it is not particularlyeffective for simple data reuse. Automatic recovery of data at a DR/CR location can certainly be done, butthat will be slower and more complex than exploiting snapshots or disk replicas.

How to add air gapped solutions to abackup hierarchy A Virtual Tape Library can be added(Ransomware does not currentlytarget serial scsi/fcp device and theunderlying disk is not exposed). Some VTLs also support movingvirtual tape volumes to virtual storageshelves, so malware cannot directdata to those volumes. Some VTLs also provide additionalcyber-recovery capabilities such asimmutability.DatabaseDisk-basedStorage PoolVTL

Evaluating Virtual Tape using the 4 CriteriaLogical and Physical Separation (Isolation):Virtual Tape is somewhat isolated as serialstorage devices are not currently targeted by automatic malware attacks. The use of native replicationand its underlying constructs typically mean the media is logically offline, but an infiltrator/insider candestroy the backups without physical access.Ease of Corruption or Destruction (Immutability):Virtual Tape is more protected thandisk storage pools that reside on file systems but not as protected as physical tape. Support foremulating tape WORM or Encryption will vary, but given the nature of virtual tape it may not be valid.Some VTL vendors have begun offering proprietary, software-based immutability/WORM.Performance (Speed to meet RTO/RPO in different scenarios):Virtual Tape librariescan typically be a fast storage option for traditional backups, depending upon the VTL model Generally,VTL cannot be scaled to be as fast as physical tape (if sufficient tape drives are implemented).Ease of Reuse:Since VTL is emulating physical tape it is not particularly effective for simple datareuse. Automatic recovery of data at a DR/CR location can certainly be done, but that will be slower andmore complex than exploiting snapshots or disk replicas.

How to add air gapped solutions to abackup hierarchy An Object Storage tier can also beexploited, as RansomWare does nottarget object storage devices. Many Object Storage solutions havebuilt-in replication with multiplecopies of data retained by theunderlying object storage application.DatabaseDisk-basedStorage PooObjectStoragePool

6How to add air gapped solutions to abackup hierarchy IBM Cloud Object Storage can beused to provide a powerful ObjectStorage solution, with capabilitiesincluding Disaster Recoveryprotection and Retention protectedvaults ideal for use in Cyber Recoverycapabilities.DatabaseDisk-basedStorage Pool

Evaluating Object Storage using the 4 CriteriaLogical and Physical Separation (Isolation):Object Storage is somewhat isolated asobject storage layers devices are not currently targeted by automatic malware attacks. The use of nativereplication may mean there are dispersed or replicated copies in different locations.Ease of Corruption or Destruction (Immutability):Object storage may have immutabilityfeatures that prevent simple data destruction or corruption (such as COS retention vaults). Aninfiltrator/insider cannot perform surgical data destruction, but large scale destruction of the backupinfrastructure or COS itself may be possible.Performance (Speed to meet RTO/RPO in different scenarios):Object storage,especially cloud-based obje

Cyber Security Cyber security is designed to protect systems, networks and data from cyber crimes. Effective cyber security reduces the risk of a cyber attack and protects organizations from the deliberate exploitation of its assets. Business Continuity Business continuity provides the capability to

Related Documents:

Ceco Building Carlisle Gulf States Mesco Building Metal Sales Inc. Morin Corporation M.B.C.I. Nucor Building Star Building U.S.A. Building Varco Pruden Wedgcore Inc. Building A&S Building System Inland Building Steelox Building Summit Building Stran Buildings Pascoe Building Steelite Buil

Fundamentals of Protection Protection System – A complete arrangement of equipment that fulfills the protection requirements Protection Equipment – A collection of devices excluding CT, CB etc Protection Scheme – A collection of protection equipment providing a defined function. 34! Zones of Protection

akuntansi musyarakah (sak no 106) Ayat tentang Musyarakah (Q.S. 39; 29) لًََّز ãَ åِاَ óِ îَخظَْ ó Þَْ ë Þٍجُزَِ ß ا äًَّ àَط لًَّجُرَ íَ åَ îظُِ Ûاَش

Collectively make tawbah to Allāh S so that you may acquire falāḥ [of this world and the Hereafter]. (24:31) The one who repents also becomes the beloved of Allāh S, Âَْ Èِﺑاﻮَّﺘﻟاَّﺐُّ ßُِ çﻪَّٰﻠﻟانَّاِ Verily, Allāh S loves those who are most repenting. (2:22

BUILDING CODE Structure B1 BUILDING CODE B1 BUILDING CODE Durability B2 BUILDING CODE Access routes D1 BUILDING CODE External moisture E2 BUILDING CODE Hazardous building F2 materials BUILDING CODE Safety from F4 falling Contents 1.0 Scope and Definitions 3 2.0 Guidance and the Building Code 6 3.0 Design Criteria 8 4.0 Materials 32 – Glass 32 .

Solution to 79 Question 80 Solution to 80 Question 81 Solution to 81 Question 82 Solution to 82 Question 83 Solution to 83 Question 85 Solution to 85 Question 86 Solution to 86 Chapter 7: Cables Question 88 Solution to 88

managing such data). On 25 May 2018, the General Data Protection Regulation (GDPR) will replace the DPA. There is also a new Data Protection Bill being considered in Parliament. The Bill updates data protection laws in the UK, supplementing the GDPR, implementing the EU Law Enforcement Directive, as well as extending data protection

4.3.8 A Reference Library for data protection 28 4.3.9 Protecting privacy in the EU institutions 28 4.3.10 Transparency vs. protection of personal data 30 4.3.11 Data protection for social workers 33 4.3.12 A healthy approach to data protection 33 4.3.13 Partners in compliance 36 4.3.14 Catching up with the institutions: inspections and visits .