Intelligent CIO Europe Issue 47 - Page 85

Object storage can also be leveraged to make data immutable , without the drawbacks of tape . A feature known as Object Lock is supported in select object storage systems and uses WORM ( Write Once Read Many ) technology to make backup data copies immutable for a set time frame . Once backup data is written , it cannot be changed or deleted until the time is up , meaning hackers can ’ t encrypt the data and a clean copy is available for quick and easy restore if an attack occurs . Object Lock works the same onpremises , in a private cloud or in the public cloud .
How are we protecting data at-rest ?
Data theft is increasingly common today . Hackers threaten to expose a company ’ s proprietary information unless a ransom is paid . To protect your data from theft , it ’ s essential that it be encrypted on the storage device . CIOs would be wise to deploy AES-256 encryption – the specification established by the US National Institute of Standards and Technology ( NIST ) – using a system-generated encryption key ( regular
SSE ) or a customer-provided and managed encryption key ( SSE-C ). This allows the upload and download requests to be securely submitted using HTTPS , and the system does not store a copy of the encryption key .
How are we protecting in-flight data ?
It ’ s common for data to be breached through ‘ eavesdropping ’, where hackers ‘ listen ’ to data communications , looking for passwords or other information being transmitted in plaintext . CIOs must
To avoid having to pay the ransom to decrypt data , organisations must ensure they have an immutable backup copy of data that can be restored in the event of an attack .
www . intelligentcio . com INTELLIGENTCIO EUROPE 85