5 Top Storage Security Predictions for 2023

Enterprise Storage Forum content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Storage security and data protection have become so important that they are now regarded as being almost as vital as the actual storage of that data.

Of course, that isn’t the case. Nevertheless, the current cybersecurity battleground makes it appear that security is paramount.

It is clearly important, but it is there to serve the data stored and is not the central part itself. Thus, security must always be balanced with the functions of storing and feeding data to the applications that need it.

Here are some of the top trends in storage security and data protection for next year:

1. RAID Storage in Retail

Over the holiday season, shopping volume — online and in store — spikes up massively. And so does the volume of spam, scams, and cyberthreats.

Surya Varanasi, CTO of StorCentric, said that while retailers are well aware of the importance of uptime and data security, many continue to struggle, particularly during these high-stakes shopping periods. However, with inflation and a recession looming, they must ensure they can meet customer demand and their service expectations to capitalize on a time when consumers may be loosening their purse strings.

This is a time when data backup and data security best practices are critical. Today, many backup and security processes have become highly automated. But as ransomware and other malware attacks continue to increase in severity and sophistication, it is clear that proper cyber hygiene must include protecting backed up data, by making it immutable and eliminating any way that data can be deleted or corrupted, according to Varanasi.

A backup in an immutable, object-locked format takes it a step farther by storing the admin keys in another location for added protection. An additional best practice should include deploying a solution that includes policy-driven data integrity checks that can scrub the data for faults and auto-heals without any user intervention. High availability is also best ensured with dual controllers and redundant array of independent disks (RAID)-based protection, which can provide uninterrupted data access in the event of a cyberattack from any internal or external bad actors as well as a simple component failure.

“In this manner, recovery of data will also be faster, because RAID-protected disk arrays are able to read faster than they can write,” Varanasi said.

“Retailers can ease their worry about their ability to recover — and redirect their time and attention to activities that more directly impact maximizing opportunities at this time of year and all year long.”

See more: RAID 6 Explained

2. More Thorough Storage and Backup Scanning

The prevailing view is that storage and backup systems are largely immune to attack, as they are back-end systems and out of the view of cybercriminals.

That fallacy is forwarded by the fact that many vulnerability scanning and patch management tools focus their efforts on application and operating system (OS) vulnerabilities. However, they often do a poor job of finding storage misconfigurations, weaknesses, and unpatched common vulnerabilities and exposures (CVEs) sitting on storage and backup systems. Hence, these systems are becoming popular among cyber gangs as a way to enter the enterprise and find a way to breach a network.

“As more backups are infected with ransomware and more storage and backup vulnerabilities are used to infiltrate other enterprise systems, the word is slowly getting out,” said Doron Pinhas, CTO, Continuity.

“In 2023, we will continue to see well-known storage CVEs being exploited for criminal gain as organizations fail to implement available patches. Similarly, we will see cyber gangs continuing to exploit gaping holes in organizational security that can be traced back to well-publicized storage and backup misconfigurations.”

To lessen the damage, organizations are advised to focus on the protection of their data. Add new layers of protection across their backup and storage infrastructure to thwart efforts that bypass networking and endpoint security. Make it extremely difficult to tamper with backups and exfiltrate data.

See more: 5 Top Backup Security Trends

3. 3-2-1 Still Applies

The cloud has led to sloppiness in data protection. Just dump a copy in the cloud and all will be well — until it isn’t.

Either key data never reached the cloud, got infected somehow, or it costs a fortune to retrieve it all from the cloud provider.

Brian Dunagan, VP of engineering at Retrospect, said the basics still apply, such as the time-honored 3-2-1 backup strategy: always have at least three copies of data — two on site on different media and one in an off-site location.

Add to this the ability to detect ransomware as early as possible to stop the threat and ensure you can remediate and recover. Therefore, a backup solution is a must that includes anomaly detection to identify changes in an environment that warrants the attention of IT. Administrators must be able to tailor anomaly detection to their company’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And those anomalies must be immediately reported to management as well as aggregated for machine learning (ML)/analyzing purposes.

“The cost of downtime can be staggering, and while malicious or even careless employee actions can also present downtime and data loss risks, external bad actors are the most common threats,” Dunagan said.

See more: Is 3-2-1 Backup Still Relevant in the Era of the Cloud?

4. Faster Restore Times

There was a time when restore times were an afterthought. Some businesses were happy to wait a few days, if necessary, to get all their data back after an event.

But the tolerance for delays is waning. They want things recovered now, although they don’t want to pay a fortune for it.

“Restore times have become more important and continuity is paramount,” said Anand Babu Periasamy, co-founder and CEO, MinIO.

“CISOs and CEOs know that the attacks will not stop and that recovering from them becomes as important as securing the data from them.”

See more: 5 Top Data Recovery Trends

5. More Cyberthreats

Research from Kroll found that the financial toll suffered from a significant cyberattack amounts to at least $5 million per attack.

In about one-third of cases, it cost organizations between $10 million and $25 million; 16% said it amounted to more than $25 million.

According to the 2022 “Data Protection Trends” report by Veeam, 76% of organizations have already suffered at least one ransomware attack. What isn’t so well known is the fact that the cybercriminals targeted backups in 94% of these attacks. They know that if they infect backups, organizations are far more likely to fork over the ransom.

The obvious solution to this problem is to ensure that all backups are safeguarded effectively from malware. That is easier said than done. The only sure way is to create a backup, verify that it is free of ransomware, and then move it offline using a removable media, such as Linear Tape Open (LTO) tape to provide an air gap between online and offline systems. In other words, there is no direct connection possible between online hackers and where the data is securely stored.

“A tape air gap is not only smart from a data protection perspective, it also makes sound financial sense when storage and backup costs are compared to the staggering costs of an attack,” said Rich Gadomski, head of tape evangelism, Fujifilm Recording Media USA.

See more: 5 Top Trends in Tape Storage

Drew Robb
Drew Robb
Drew Robb is a contributing writer for Datamation, Enterprise Storage Forum, eSecurity Planet, Channel Insider, and eWeek. He has been reporting on all areas of IT for more than 25 years. He has a degree from the University of Strathclyde UK (USUK), and lives in the Tampa Bay area of Florida.

Get the Free Newsletter!

Subscribe to Cloud Insider for top news, trends, and analysis.

Latest Articles

15 Software Defined Storage Best Practices

Software Defined Storage (SDS) enables the use of commodity storage hardware. Learn 15 best practices for SDS implementation.

What is Fibre Channel over Ethernet (FCoE)?

Fibre Channel Over Ethernet (FCoE) is the encapsulation and transmission of Fibre Channel (FC) frames over enhanced Ethernet networks, combining the advantages of Ethernet...

9 Types of Computer Memory Defined (With Use Cases)

Computer memory is a term for all of the types of data storage technology that a computer may use. Learn more about the X types of computer memory.