Does Cloud Immutability Guarantee a Restore Point?

While "Cloud Immutability" is the latest in a long line of buzzwords, does it improve your cyber-resilience? Is it worth the extra costs? And who should consider it?

This article was 100% human written by the author, Linus Chang.

TL;DR summary

Cloud immutability is absolutely vital for achieving the highest level of cyber-resilience, but surprisingly to many, it’s not a magic wand that will get you there automatically.

Instead, think of cloud immutability as the fundamental building block – reliable cloud storage that will be ready for you when you need it, even if a hacker has broken in and deleted the data.

On top of this storage sits a stack of technologies that must work together in unison – using the right backup software that supports immutability, with the correct backup configuration, running on your systems.

It’s the combination of this stack that will give you a dependable restore point, and the highest level of cyber-resilience.

Table of Contents

  1. What problem does Cloud Immutability solve?
  2. The role of backup software
  3. The role of the cloud storage provider
  4. Who should consider cloud immutability?
  5. Are there downsides?
  6. Putting it together

What problem does Cloud Immutability solve?

There’s a very real problem that cloud immutability is designed to solve: to stop hackers from holding you to ransom.

Let’s try to understand this by drawing out the components of a backup system:

The key weakness is that underpinning the entire backup system is the backup storage layer. For a variety of reasons (which I’ll write about in other articles), hackers nearly always try to attack the backup storage layer and irrevocably delete the backup data. Then the hacker can install ransomware on the live I.T. systems, leaving the victim locked out of their own data, with no backup and no option other than to pay the ransom.

Cloud immutability solves this problem by implementing a write once, read many (WORM) method of storage. Once data is written to the backup storage, it is automatically locked and protected from harm. If an attacker subsequently deletes the data, it looks like it’s deleted, but actually it’s just hidden from view – past versions of that file are still there and can never be purged manually.

Each storage provider implements the fine details in slightly different ways, but what’s common is that the data will be preserved for a minimum time period, known as the retention period. The retention period can only be modified upwards, which prevents an attacker from setting it to 0 days (which would then trigger imminent deletion).

In practical terms, if you set the retention period to 180 days, it gives you 180 days to realize you suffered some data loss. That’s ample time and opportunity to do a restore.

The role of backup software

Immutable cloud storage mitigates attacks on the underlying backup data at the storage level. However, you should think of it as a bank vault – while it’s a secure container, it’s up to you to put your jewels inside it.

So, in order to get a dependable restore point, you need to ensure you’re putting the right data into the cloud vault. That’s where backup software comes in. Business-grade products like BackupAssist will:

  1. Take point-in-time snapshots of your systems and applications (GB or TB in size).
  2. Break down those snapshots into individual bite-sized chunks of data suitable for cloud storage (generally MB in size).
  3. Apply deduplication, compression and encryption to those chunks.
  4. Store those chunks on immutable cloud storage, setting retention dates based on the backup configuration and policies.
  5. Maintain catalogs of the data to provide search and restore functions, and store those catalogs on immutable cloud storage.

And the entire process runs in reverse when performing a restore.

Provided the backup software does not malfunction (for example, backups could be repeatedly interrupted due to an unstable internet connection), and it was configured properly by suitably knowledgeable I.T. staff, the combination of immutable cloud storage and your backup software will give you dependable restore points.

A simple example

Let’s say a dental clinic backs up its data to an Amazon S3 bucket using BackupAssist Classic, and cloud immutable storage. Let’s also assume that at least one full backup has been completed and the backup software is configured to keep backups for 180 days.

Now let’s also say:

  1. A hacker has managed to compromise the network of the dental clinic.
  2. The hacker also discovered the credentials to the cloud storage account.
  3. The hacker deleted all data in the S3 bucket used for backup storage.
  4. The hacker changed the configuration of BackupAssist to delete the backup job.
  5. No other backup jobs were running (which is not best practice – it means backup eggs were in the same basket).

Without cloud immutable storage, the dental clinic would be vulnerable and would likely have to pay a ransom – with Step 5 meaning all eggs were in one basket, and Step 3 meaning that one basket was destroyed.

With cloud immutable storage, the dental clinic has a dependable restore point. You can simply install BackupAssist on a new computer, point it to your S3 bucket, and it will automatically detect historic backups and past versions, even if the bucket looks like it’s empty.
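
The WORM behaviour and the dental-clinic scenario described above, replayed against a small in-memory model. This is an added illustration, not code from BackupAssist or any cloud provider; the `WormBucket` class, its method names and the chunk name are hypothetical, and the model ignores provider-specific details.

```python
from datetime import datetime, timedelta

class WormBucket:
    """Toy model of versioned write-once storage; not any provider's real API."""
    def __init__(self, retention_days):
        self.retention = timedelta(days=retention_days)
        self.versions = {}    # key -> list of [data, retain_until], oldest first
        self.hidden = set()   # keys currently covered by a delete marker

    def put(self, key, data, now):
        # Each write adds a new locked version; nothing is overwritten.
        self.versions.setdefault(key, []).append([data, now + self.retention])
        self.hidden.discard(key)

    def delete(self, key):
        # A plain delete only hides the key; stored versions are untouched.
        self.hidden.add(key)

    def list_visible(self):
        return sorted(k for k in self.versions if k not in self.hidden)

    def purge_version(self, key, index, now):
        if now < self.versions[key][index][1]:       # still inside retention
            raise PermissionError("version is locked")
        del self.versions[key][index]

    def set_retain_until(self, key, index, new_date):
        if new_date < self.versions[key][index][1]:  # upwards only
            raise PermissionError("retention can only be extended")
        self.versions[key][index][1] = new_date

    def recover(self, key):
        # Restore path: newest stored version, whether or not the key is hidden.
        return self.versions[key][-1][0] if self.versions.get(key) else None

def clinic_scenario():
    """Constructed replay of the dental-clinic example with 180-day retention."""
    attack = datetime(2024, 1, 31)                   # 30 days after the backup
    bucket = WormBucket(retention_days=180)
    bucket.put("chunk-0001", b"patient-db-part-1", datetime(2024, 1, 1))
    bucket.delete("chunk-0001")                      # bucket now looks empty
    blocked = 0
    for op in (bucket.purge_version, bucket.set_retain_until):
        try:
            op("chunk-0001", 0, attack)              # purge, then shorten to today
        except PermissionError:
            blocked += 1
    return bucket.list_visible(), blocked, bucket.recover("chunk-0001")
```

Calling `clinic_scenario()` returns an empty listing, a count of two refused operations, and the original chunk bytes, which is the "looks empty but is still restorable" state the example describes.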

The role of the cloud storage provider

When relying on immutable cloud storage, you’re relying on the cloud provider’s infrastructure as well. The factors involved include:

  1. The software implementation of immutable storage
  2. The hardware – RAID arrays, power, networking
  3. Any backups or replication that the cloud provider does behind the scenes
  4. Service availability – which really matters because the service must be up at the time of backup and restore.

All these factors are wrapped up into two key figures known as durability and availability. Taking Amazon S3 as an example, and assuming you’ve got 1TB of data, split into 1MB chunks:

  • Durability: 99.999999999% (one in a million chance you’ll lose 1MB of data per year)
  • Availability: 99.99% available over a given year (down for up to 52.56 minutes per year)

In non-technical terms, you’ll have a higher chance of getting struck by lightning multiple times than losing data.

Nonetheless, there is always the risk of the cloud provider facing force majeure events such as natural disasters, acts of war, and so on.

Who should consider cloud immutability?

Most likely, you’ll have one of these needs:

  1. Business risk mitigation – backing up to immutable cloud storage is inexpensive; paying a ransom is crippling.
  2. Compliance – for example, many countries require medical records to be retained for 6+ years.
  3. Certification – you may need to pass certain compliance certification tests. In my home country, Australia, cloud immutability is a key component of achieving ASD Essential 8, Maturity Level 3.

In my view, the case for using immutable cloud storage is compelling. (And yes, I’m impartial – I’m not affiliated with any cloud storage vendor.)

Are there downsides?

Yes. But they’re minimal.

In our testing, we project that there’ll be a modest increase in data storage costs – less than 10% increase for typical clients. We have not seen any noticeable performance costs.

In the coming months, we’ll conduct some comprehensive tests and report back. If you don’t want to miss any news, subscribe to our newsletter.


Putting it together

Coming back to the original question: “Does Cloud Immutability Guarantee a Restore Point?”

Benjamin Franklin once said, “… in this world nothing can be said to be certain, except death and taxes.”

I’ll confidently say that the combination of the right backup software with cloud immutability is as close to a guaranteed restore point as I’ve seen in 24 years in the industry.

It’s more dependable than many technologies we’ve had in the past. And in the future, I’m sure I’ll hear far more stories where backups to immutable cloud storage end up saving the day, than people complaining about the costs.

Until next time – stay safe, and stay cyber-resilient!
