Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Google Introduces ‘Air-Gapped’ Backup Vault to Thwart Ransomware

“It’s critical to not only back up your critical workloads, but also to secure those backups against subsequent modification and deletion.”

Google Cloud

Google has fitted a new backup storage vault feature into its flagship cloud service to help organizations protect backed-up data from crippling ransomware attacks.

The new feature is promising immutable (preventing modification) and indelible (preventing deletion) backups, securing data backups against tampering and unauthorized deletion

The new utility, being added to the Google Cloud Backup and Disaster Recovery (DR) service, is meant to combat ransomware attacks that target backed-up data during encryption and extortion cyberattacks.

“Backups often represent the last resort for recovery when production data becomes unavailable or untrusted,” Google said in a note describing the feature. “It’s critical to not only back up your critical workloads, but also to secure those backups against subsequent modification and deletion. Backup vault provides secure storage for backups.”

The company said backup vault data is stored in a Google-managed project and is logically air-gapped from an organization’s self-managed Google Cloud project. 

“The underlying backup vault resources are not visible or accessible to users in your organization, which prevents direct attacks against those resources,” Google said.

“When creating a backup vault, you can specify that vaulted backups must be strongly secured against modification and deletion until the administrator-specified minimum enforced retention timeframe has elapsed. This layered protection enables you to deliver on backup immutability (security against data modification) and indelibility (security against data deletion) objectives, which are often driven by security initiatives or by regulatory compliance requirements,” Google added. 

The company touted reliable and flexible recovery of data via vaulted backups that are  self-contained and enable recovery even when the source resource is no longer available. 

Advertisement. Scroll to continue reading.

“Backup vaults can be created in a project that differs from the source project (e.g., the project where a protected Compute Engine VM is running), thus ensuring that backups remain accessible even if the source project or resource is no longer present. As a result, you can configure your backup policy to provide strong resilience against source project deletion,” the cloud provider said.

The new utility also supports immediate recovery of production applications to pre-existing or newly-created projects, including recovery into projects configured as isolated recovery environments (IREs) for pre-recovery testing/forensics in the aftermath of a ransomware attack.

The backup vault feature supports protection for Compute Engine VMs, VMware Engine VMs, Oracle databases, and SQL Server databases.

Related: Google Cites ‘Monoculture’ Risks in Response to Microsoft CSRB Report

Related: Phil Venables: ‘I’m short-term pessimistic, long-term optimistic’

Related: Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws

Related: Google Acquires Siemplify in Ambitious Cybersecurity Push

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.