Decentralized Storage in the Battle Against Ransomware
Overview: Ransomware has become one of the largest challenges facing IT organizations, consistently ranks as one of their top concerns. Protecting against and recovering from ransomware is a complex area, which typically involves several different strategies, solutions, and technologies. One emerging technology that may be of use in this battle against ransomware is decentralized storage used as a remote backup target.
Decentralized Storage in the Battle Against Ransomware
Analyst Take: What is the role decentralized storage plays in the battle against ransomware? That’s exactly what I set out to tackle here. Ransomware protection, as well as the broader category of cyber resiliency, is a difficult problem and one that requires a layered approach.
Among the many components in the battle against ransomware that require consideration is the resiliency of the technologies storing data – especially for backup copies. If a primary data source has been impacted by malware, it is quite possible that backup copies were corrupted as well. When considering a resilient backup architecture, it is important to consider the fundamental properties of the technologies used. While there are a variety of solutions used – including tape, object storage, and public cloud storage – newer decentralized storage technologies may become a key tool as well.
Backup Architecture, the 3-2-1 Rule, and Where Decentralized Storage Comes In
A good starting place for any backup architecture, whether focused on ransomware protection or otherwise, is the 3-2-1 rule or strategy. The fundamentals of the 3-2-1 strategy are well aligned with ransomware protection – multiple copies, utilization of different media, and a remote copy. The remote copy, in particular, can become a key factor in ransomware protection, and this is where I see decentralized storage playing a role. Traditionally, tape – which has strong fundamental anti-ransomware properties due to its ability to create an air gap – was commonly used as remote storage. However, we are seeing that public clouds are increasingly being utilized as an off-site copy, which can be problematic.
Public cloud storage often comes with a false sense of security. The common assumption is that data is securely in the hands of the public cloud provider, and that this public cloud provider is impenetrable to cyber attacks. While I certainly believe that public cloud providers try their best to keep things as secure as possible, it would be naïve to assume that relying on a public cloud is a silver bullet for avoiding ransomware.
Decentralized storage solutions, or “decentralized clouds” – solutions such as Filecoin, Storj, Sia, or Impossible Cloud – are capable of offering a similar remote storage option, with properties that provide increased security. The key difference between a traditional public cloud and a decentralized cloud is that the data in a decentralized cloud, as the name would suggest, is decentralized and spread out amongst numerous storage hosts. Depending on the exact solution, this may involve replication or erasure coding data across hosts. This solution provides decentralized storage with a unique anti-ransomware property built into the architecture of the solution. Since storage is distributed across hosts, even if one host becomes compromised with ransomware, the data can still be recovered from the other uncorrupted nodes.
Decentralized Clouds Should be Viewed as Another Tool for IT Teams
While public clouds shouldn’t be thought of as a perfect solution to ransomware, decentralized clouds shouldn’t either. The better way to think about this is that decentralized clouds can become yet another tool available to IT organizations in the ongoing battle against ransomware. Specifically, decentralized clouds offer an intriguing new option to the remote portion of a 3-2-1 data protection plan with additional anti-ransomware properties.
The distribution of data in a decentralized storage solution removes the single point of attack that is made available by storing data with a singular public cloud provider. While decentralized storage is a relatively new technology area, its potential as a backup target that provides additional ransomware protection may be a key factor in its future adoption.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other insights from The Futurum Group:
Examining Decentralized Storage
Open Versus Closed Source: What is the State of Kubernetes Protection?
FBI 2022 Internet Crime Report Made Public by Internet Crime Complaint Center
Mitch Lewis is a research analyst at Futurum Research (formerly Evaluator Group) covering storage technologies, networking fabrics, private and public clouds, and emerging IT trends. Mitch brings deep technical knowledge and insight to the latest in data center and information management solutions providing valuable insights into the IT landscape for enterprises, IT pros, and technology enthusiasts.