The 3-2-1 Data Protection Best Practice involves making three copies of the data on two types of media with one of those copies stored offsite. Designed and developed by QStar Technologies, this technique is internationally acknowledged as one of the top data protection best practices and is used to protect sensitive data by numerous government agencies in the United States. QStar Active Archive protects data without backup by ensuring all data is available in at least one additional place (preferably two additional places). Archive Manager can create these three copies, using a single archive technology (tape or cloud only).
To support multiple archive technologies, QStar developed Archive Replicator, an enhancement of Archive Manager that allows replication of data to up to four different types of storage technology (choosing from Tape Library, Object Storage, Cloud, Optical Library or Disk Storage). The archives may be grouped together at a single site or dispersed to separate geographical locations. Archived data is replicated and written synchronously to each of the stores employed.
Another Archive Manager enhancement is Data Director, which employs physical synchronous block-level mirroring technology using its proprietary TDO media format (normally between two identical archive technologies – such as two tape libraries) and ensures that data is continually written to two storage systems located within a single or geographically-remote site(s). QStar understands that individual organizations have unique requirements for their data. By offering advanced feature options such as data replication, real-time mirroring, file encryption and digital signature, additional levels of security can be added for their archived data protection in order to create an extremely secure, disaster-proof environment. Our team understands 3-2-1 data protection, storage and solutions for your enterprise. For assistance work with QStar today.
Safe from Ransomware
In recent years we have seen an enormous growth in criminal activity via malware, hacking and, above all, ransomware. This last is an incredibly effective addition to the already vast category of cyber threats that have been around for some years. Sadly, criminal activity is evolving as fast as data protection. It is quite impossible to feel safe just by installing software, even of the latest generation, to protect against such criminality. These days we need top level security measures that go beyond the traditional systems. News stories abound of organizations that have spent millions of dollars in infrastructure security only to fall hopeless victims to attack. Ransomware comes in a variety of forms. Lock-screen ransomware, as the name suggests, causes the PC to freeze and show a message demanding payment, making the computer unusable until the malware is removed. While this is a nuisance for users, it generally only involves a single PC, and is usually relatively easy to remove. The rapidly emerging ransomware cryptography, on the other hand, is a gigantic threat to companies since it can permanently block the whole corporate network. Files remain encrypted until the company pays up to receive the decryption key – always assuming that the criminals actual hand it over once they have been paid. The immediate question this raises is how can we trust such people? Not to mention the worry that decryption might not even work after paying a ransom. Companies that have suffered an attack, and unfortunately there are plenty of them, as so often happens realized too late that they had underestimated this increasingly widespread danger. Backup protection is one of the most basic ways to systematically combat the threat, but it is not sufficient on its own. Today’s company backups use storage systems with data deduplication based on hard disks and usually an internal embedded Linux server to manage the actual deduplication system, that can be easily attacked, blocking all backups! Even in the most fortunate of cases, backups do not save very recent data, so data loss is in any case inevitable. QStar has developed a specific technology and 3-2-1+1 methodology to protect customers from ransomware attacks thanks to a super secure archive that does not allow direct access to its content.
Duplicating data in different geographical locations is the safest way of ensuring business continuity in the event of disaster, even though this is the most cumbersome method. This requirement, that in some cases has also become a legal obligation, forces businesses to not only acquire and run another expensive infrastructure for the secondary site, but also incur additional running costs for its upkeep (energy, air conditioning, maintenance, upgrades, etc.). QStar Disaster Prevention lets you drastically reduce the cost of setting up a disaster recovery site using architecture designed to guarantee data integrity and business continuity at a fraction of the cost of conventional architecture produced for such purposes. By making all the mirrored devices self-contained, Data Director (DDR) software module provides the means for disaster prevention and recovery. Any device in the storage hierarchy can be completely rebuilt from the mirror device, thus providing enhanced protection from data loss.
QStar Network Migrator (QNM) is a policy-based tiered storage and data lifecycle manager. QNM software uses advanced policy management to monitor and automatically migrate, copy or move less frequently used files from primary storage to tiered storage or to a central archive or Cloud. By migrating static or less frequently used files to lower cost storage such as Tape Libraries or Cloud, businesses can optimize the use of primary storage, reducing the need and costs associated with purchasing more. In addition, when data is managed properly and only the most recent or frequently changing files are included in the backup process, the backup window will be reduced.
QStar Network Migrator software can be easily installed on a Windows or Linux server. Agents are available for each server managing data, whether it is Windows, UNIX, Linux or Mac. QNM also supports a variety of API sets to integrate with “closed” file systems.