Achieving Data Immutability in a Backup and Recovery Strategy

Follow the journey of Mirazon, a managed service provider, as it transformed its data backup strategy in response to new technologies and security challenges.

Karen D. Schwartz, Contributor

August 21, 2023

6 Min Read
data backup written on a key on a keyboard
Alamy

Backup used to be a straightforward process, even for companies like Mirazon, a managed service provider based in Louisville, Ky. Mirazon offers managed IT, cybersecurity, and consulting services to a diverse range of companies. Established in 2000, Mirazon’s growth has run in tandem with advancements in backup technology.

When CTO Brent Earls joined Mirazon in 2007, the company’s tech stack was pretty basic. Virtualization had yet to take off, and the company managed both its own backups and the backups of its customers with physical servers and BackupExec software. Data was backed up onto tapes, which were manually taken offsite on a daily or weekly basis. This traditional approach suited the company’s requirements at the time.

“The biggest thing we worried about back then was that the building would burn down or a tornado would hit,” Earls recalled. “We weren’t really worried about backups for cybersecurity.”

Fast-forward just a year or two, and significant changes began to take place. As the managed service provider (MSP) grew, the long, laborious backup processes became increasingly unwieldy.

Upgrading Data Protection and Cybersecurity Measures

In response to the changes, Earls spearheaded a switch to Veeam for data protection, along with a move to VMware virtualization technology. Although Veeam was only in Version 2 at the time (it has since progressed to Version 12), it made a substantial difference in terms of speed and efficiency.

Related:Rethink Your Data Storage Strategy: Cloud, On-premises, or Hybrid?

But the new setup wasn’t perfect. Since Veeam didn’t support tape storage, Earls introduced online backups through Amazon S3 and Wasabi cloud storage. The additions provided the data immutability he was looking for, but they created some challenges. In addition to varying and unpredictable costs, the online backups eliminated the offsite air-gapped backups that Earls considered critical for cybersecurity protection.

Today, data immutability is an absolute necessity, particularly within the context of cyber recovery, noted Christophe Bertrand, a practice director at research firm Enterprise Strategy Group. Data immutability plays a key role in protecting backups and other critical data, ensuring they can be recovered. “By going after backups, cybercriminals can remove any hope of recovering from an attack that encrypts, exfiltrates, or generally makes the data unavailable,” Bertrand explained.

Christophe Bertrand quote

Christophe Bertrand quote

Mirazon also had problems with ensuring timely cloud-based backups due to spotty internet access in the Midwest region. “Sometimes, [our customers] would be waiting days for backups to get to the cloud,” Earls noted.

Related:Why AI and BCDR Are a Natural Fit

Delays like this can happen when the network is involved during the backup or recovery process from the cloud, Bertrand said. “That’s where bandwidth issues can become an issue, especially when massive amounts of data are transferred,” he said.

More Problems Emerge

As data immutability became more critical, Mirazon found itself dealing with increased complexity. After the initial backup to a server, an additional step was required to copy the data to the cloud, as well as to a tape drive and external hard drive that could be taken offsite. In situations where Mirazon ran a disaster recovery site for its clients, the backups also had to be sent to the offsite location.

“Our initial backup would happen, but we weren’t immutable yet until we got it onto the tapes and external hard drive that was unattached, or to the cloud. That left us exposed,” Earls explained. “At one point, it could take as much as 24 hours after our initial backups that we got our first immutable copy. In a ransomware situation, we could have lost up to 24 hours of data.”

The volume of data Mirazon needed to store and back up grew exponentially as the company expanded.

“Recently, everybody is capturing everything,” Earls noted. “In manufacturing, for example, they are getting every single ticket, holding orders for a long time, and scanning things as they go out the door multiple times.”

With storage dynamics changing and ransomware becoming endemic, customers began to understand why Mirazon continuously reevaluated and upgraded its backup strategy.

“Customers get it now,” said Dustin Lamkin, systems engineer at Mirazon. “We’ve had so many clients get hit with ransomware or know someone who has been hit, so they are very much backup and disaster recovery-centric now. They want to know their data is protected.”

Lamkin added that Mirazon tries to craft innovative backup and recovery methods. That kind of creative thinking led the company to develop a solution that reintegrated an air-gapped offsite copy into its strategy. It called for some out-of-the-box thinking since, although Veeam was an effective tool, it didn’t integrate with any on-premises technology that would enable Mirazon to store a data copy elsewhere.

Inspiration Hits

About two years ago, Earls came across a startup freshly out of stealth. The company, Object First, offered an on-premises backup product called Ootbi that incorporated immutability. Ootbi was backed by and integrated with Veeam, which allayed Earls’ concerns about partnering with a startup. He conducted a feature and cost analysis, comparing Ootbi to Amazon S3, and determined Ootbi to be preferable.

To test Ootbi’s resilience, Earls’ team procured a beta unit and immediately tried to break it. Over a few months of deliberately trying to delete data, he realized that he couldn’t. He then put Ootbi into Mirazon’s production environment. In the new setup, Veeam uploads data to the on-premises device and simply designates the backup as undeletable for a specified number of days before sending it off.

“We use it just like it’s normal backup,” Earls said. “We don’t have to copy it to the cloud or another device. It can be our primary backup source. As our primary backups run, they are immediately immutable, so there is no gap waiting for it to copy somewhere else.”

The Backup and Recovery Journey Continues

All this marked just another step in what is likely to be an ongoing backup evolution for Mirazon.

Earls is currently focused on trying to streamline backup for customers’ cloud-based applications and workloads. The challenge is that companies often subscribe to cloud services without verifying how they are backed up. “[The cloud service providers] say, ‘Sign here, and we’ll take care of everything,’ but [customers] are essentially giving up stewardship of their data,” he said.

In addition to educating Mirazon’s customers on this issue, Earls and his team are seeking a way to guarantee reliable recovery of cloud data if an incident like ransomware occurs, which could potentially erase that data. The key, he said, is that customers or their service providers have a means of recovering the data.

About the Author

Karen D. Schwartz

Contributor

Karen D. Schwartz is a technology and business writer with more than 20 years of experience. She has written on a broad range of technology topics for publications including CIO, InformationWeek, GCN, FCW, FedTech, BizTech, eWeek and Government Executive

https://www.linkedin.com/in/karen-d-schwartz-64628a4/

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like