Protect. Detect. Recover. Together, this trifecta of capabilities creates the foundation of a powerful cyber resilience strategy. The three capabilities are equally important, but protecting and being able to quickly recover data when a cybercriminal breaks through your detection barrier are crucial to the ability of your business to survive an attack. Even if your data resides on a public cloud platform like Google Cloud (which uses some of the industry’s strongest data security technologies), you are still responsible for making sure that your data is protected and recoverable. Fortunately, NetApp® SnapshotTM technology is here to save the day (and your data).
When you use NetApp Cloud Volumes ONTAP® or NetApp Cloud Volumes Service for Google Cloud, you have access to the built-in data protection features that NetApp ONTAP data management software provides. And Snapshot copies are at the heart of ONTAP data protection. But what are Snapshot copies, and what’s so magical about them?
NetApp Snapshot copies are read-only, point-in-time file system images. They take only a few seconds to create, regardless of the volume size or the level of activity on the NetApp storage system. These images work like pointers to the actual data blocks, and common data blocks are shared with the live or active volume. If new data is written to the active volume or data is overwritten, a new data block is created and the Snapshot copy retains its pointer to the original data block. Because common data blocks are shared, the amount of storage you need to store your copies is minimal, which translates into huge savings in storage capacity. The following figure illustrates how this works.
Now that you understand how NetApp Snapshot copies work, you might wonder what all that has to do with better cyber resilience. Because Snapshot copies are low overhead and quick to create, you can take copies frequently (once a day, four times a day, every hour—however often your business requires). The more frequent your copies, the more likely you are to have up-to-date copies of data to recover from—and therefore minimal data loss.
Suppose that your detection software identifies an unauthorized user trying to access your data. You can block that user and instantly create a Snapshot copy of your data at that point in time. Now you have a copy of data that is as current as possible in case you need to use it for recovery. If your data has already been compromised before you can take the copy, no worries—you have multiple versions taken at regular intervals. That means you can go back in time to the version that has the most recent, uncompromised data and restore from there.
Another invaluable feature of NetApp Snapshot copies is their innate immutability. They can’t be changed. This is especially important because an increasing number of ransomware attacks involve attackers encrypting your data and holding the key hostage. Immutable Snapshot copies cannot be encrypted, corrupted, or otherwise compromised by attackers.
Snapshot copies are great on their own, but by combining them with other data protection features that are native to NetApp ONTAP, you can be sure that your data is safe from loss.
For example, even though NetApp Snapshot copies are immutable, they can still be deleted by outside attackers or rogue administrators. But WORM file locking powered by NetApp SnapLock® technology makes your Snapshot copies indelible as well. They are still easily accessible (whether you store them on premises or in Google Cloud) in case you need to recover your data, but they cannot be deleted either by accident or by malicious intent. That doesn’t mean you're stuck storing decades-old copies forever. You can set retention times after which a trusted administrator can delete copies that are no longer needed.
With your Snapshot copies fully protected, you can start to think about the safest place to store them. With NetApp SnapMirror® software you can leverage your copies to replicate data between multiple sites. If your data is stored on premises, you can replicate to Google Cloud. If your data is already in Google Cloud, you can replicate to another region. If you are using Cloud Volumes ONTAP, you can replicate your data from Google Cloud to on-premises storage. Whatever you choose, you know that your Snapshot copies are safely stored in case you are the target of a cyberattack.
Finally, one of the greatest benefits of NetApp Snapshot technology is its rapid recovery capability. When a cyberattack hits, the most damaging financial impact of the attack is not the ransom demand. It’s the downtime that results from the attack. The cost of downtime is estimated to be $9,000 per minute, or $500,000 per hour. When you recover your data using your Snapshot copies and NetApp SnapRestore® data recovery software, you can restore data and be back to business in seconds—instead of the hours or days that other solutions may require.
Fast, efficient, tamper-proof NetApp Snapshot copies are the foundation of a strong cyber resilience solution. To learn more about the magic of Snapshot technology for cyber resilience and Google Cloud, see the Google Cloud data protection overview.
Jason is a business and marketing professional with over 20 years of product marketing, product management, and corporate finance experience. Since joining NetApp in 2008 he has been focused on SAN and NAS storage, backup and disaster recovery solutions, and cloud data services. When not in the office, you can find him cycling, cooking, enjoying time with family, and volunteering at his church and in the community.