Is your data backup as secure as you believe? It appears not, according to a report from Continuity, which reveals an average of fourteen vulnerabilities in enterprise storage and backup devices, with three posing high or critical risks. Issues such as insecure network configurations, overly broad access permissions, and weak user management and authentication practices are not uncommon. You’re in the same boat as many if your organization exhibits any of these problems. The primary vector for ransomware attacks, as highlighted by the Veeam 2022 Ransomware Trends Report, involves exploiting unaddressed flaws in storage and backup systems, with backups being the target of more than 90% of cyber-attacks. In the last year, 85% of companies experienced at least one ransomware incident, causing significant concern among top executives. Despite 87% of these companies adopting a risk management strategy to guide their security efforts, only 35% are confident in its effectiveness.
Furthermore, the adoption of immutable storage is on the rise, but without appropriate security protocols, it may offer a misguided sense of security. Immutable backups alone are not a complete solution for protecting corporate data. According to Microsoft, 69% of companies worry about data backups occurring outside their regional boundaries. The focus should not solely be on immutability but also on ensuring data sovereignty and hyper-resilience in backup solutions that adhere to the 3-2-1 backup principle, an approach exemplified by solutions like Cubbit.
The 3-2-1 backup rule: what it is and why it’s so important
Originally introduced by American photographer Peter Krogh, the 3-2-1 backup rule advises maintaining three copies of your data across two different storage types, with one copy stored remotely to aid in disaster recovery. The Cybersecurity and Infrastructure Security Agency (CISA) recommends adopting the 3-2-1 strategy to improve the likelihood of restoring data that’s been lost or corrupted.
Why is adhering to the 3-2-1 rule crucial? Essentially, it reduces the chances that a single unexpected incident could result in significant data loss. Storing all your data on a single type of media is risky; any harm to this storage medium could mean losing your data. Similarly, without a backup located off-site, a local disaster could permanently cut off access to your data.
Cubbit: the hyper-resilient, sovereign backup based on the 3-2-1 backup rule
Cubbit represents Europe’s pioneering approach to geo-distributed cloud object storage, setting itself apart from conventional cloud storage solutions that rely on centralized data centers. By encrypting, fragmenting, and dispersing data across a geo-distributed network, Cubbit offers a robust defense against cyber threats and localized calamities. This design inherently incorporates the principles of the 3-2-1 backup rule, ensuring that all data copies are stored remotely across a decentralized, peer-to-peer network spanning various locations, such as across Germany.
This innovative framework allows organizations to mitigate cyber risks while guaranteeing data recovery capabilities. Unlike traditional cloud storage, where data becomes unreachable if the data center encounters issues, Cubbit’s model eliminates the risk of a single point of failure by storing data fragments across multiple nodes. Even if a node were compromised, the data, being encrypted and only partially stored on any given node, would remain secure and indecipherable. Cubbit enhances data protection further with features like Object Lock and Versioning, safeguarding against data theft, ransomware, and natural disasters.
Gartner recognizes the shift towards geo-distributed storage as a key technological trend, emphasizing digital sovereignty that empowers customers to manage their data, infrastructure, and expenses more effectively.
Cubbit enables clients to repurpose existing onsite infrastructure, leading to considerable savings in costs and CO2 emissions (up to 25 kg of CO2 saved per terabyte stored). Its compatibility with S3 technology facilitates seamless and free data migration for users, integration with widely-used backup solutions such as Veeam, Naviko, LucidLink, and compatibility with hybrid cloud and NAS systems like QNAP and Synology.
Moreover, Cubbit supports geofencing, allowing for precise geographic limitations on where data is stored, in full compliance with data protection regulations like GDPR, CCPA, ACN (formerly AgID), and ISO standards.
Creating an off-site backup of your NAS with QNAP and Cubbit
Creating a backup of your data in a location separate from your main storage is a crucial strategy for data protection. This section guides you through the steps to establish an off-site backup for your Network Attached Storage (NAS) by leveraging QNAP Hybrid Backup Sync together with Cubbit’s geo-distributed cloud storage solution.
Prerequisites
Sign up for a Cubbit account. After your account is created, proceed to the Cubbit Web Console to create your access and secret keys. It’s important to securely store these keys, as they are necessary for the setup process.
Installation
Navigate to the QNAP AppCenter on your NAS.
Locate and install QNAP Hybrid Backup Sync.
Configuration
Launch QNAP Hybrid Backup Sync from the QNAP interface. Select Backup & Restore. Click on Create and then on New backup job.
Select the folders on your NAS you wish to back up and click Next.
Now, set your backup destination. Choose Cloud Server and then S3 Compatible, then click on Add new account.
Fill in the S3-Compatible object storage configuration fields as shown below:
- Service provider: S3 Compatible
- Server address: s3.cubbit.eu
- Signature version: v2 or v4
- Fill in the access key and secret key from your Cubbit account.
- Check the box for Use SSL connection.
- Click on Create.
Backup Job Creation
Once the S3 Cubbit endpoint is configured, a new backup job can be created.
- Select the newly created S3 endpoint (S3-Cubbit) from the list.
- Bucket name: select a previously created bucket or create a new one.
- Multipart Size: Leave the default value at 128 MB or adjust as needed.
- Click on Select.
NOTE: The value of 128 MB refers to the single part that makes up the multipart upload. Setting this value to 128 MB will theoretically allow uploading up to 1.28 TB maximum size per single file since the maximum number of parts that make up a multipart upload is 10,000. Increase this value if you plan to upload single files larger than 1.28 TB in size.
Choose the destination path within the previously selected bucket, or leave blank if desired, then press Next.
If you wish to start the backup immediately, check the Back Up Now box, or schedule a preferred date and time, then press Next.
Set any filters and exceptions on the file extensions to be backed up if needed, then press Next.
Confirm the creation of the backup job by clicking on Create.
Your backup job will now commence, transferring your data securely to Cubbit’s geo-distributed cloud storage.
You have now successfully created an off-site backup of your NAS, adhering to a prudent data protection strategy.
Want to know more about Cubbit? Start a free trial right away, no credit card is required.
