Wednesday, December 27, 2023

Ransomware protection with object storage

What is Object Storage?

Object storage is a highly adaptable and scalable solution for effectively handling massive volumes of unstructured data. Contrary to the conventional hierarchical file system, it structures data as objects—such as files, documents, or images—each with a unique identifier. With its ease of use, scalable design, and resilience against ransomware attacks, object storage has emerged as a favoured option for organizations in need of securely storing large volumes of data.

Object Storage Architecture: How Does It Work?

The fundamental difference between object storage and other traditional methods of storage is the way data is handled. In this case, data is kept as an object, which typically contains a unique ID, the actual data, and its metadata. The unique identifiers allow for the seamless location and retrieval of data without the need for hierarchical file structures or block mappings. This helps significantly increase the speed and efficiency with which data can be accessed.

Now, let us look at the 3 different layers that make up an object storage architecture: the data storage layer, the metadata index, and the API Layer:

Data Storage Layer

It is in this layer that the actual data is stored. However, the data is kept differently from that of other storage methods. Here, the data is distributed among multiple nodes to ensure redundancy, durability, and high performance.

Metadata index

This layer manages the metadata associated with each object. The metadata is everything you need to know about the data, such as who created it, creation date, access controls, and size. It is a vital component of the object storage architecture because it keeps a record of each object’s unique ID. The metadata is often stored in a database, making retrieval of data efficient.

API Layer

What’s really cool about the objects is that they can be accessed via APIs. This allows users and apps to store, retrieve, and manage data objects. Also, APIs enable developers to seamlessly integrate object storage into their apps.

Object storage vs file storage vs block storage

To better understand object storage, it is good to compare it against other popular forms of storage, such as file and block storage.

File storage

This is a hierarchical approach to storing data. It involves storing data in files, which are arranged in folders. The folders are then organized into directories and subdirectories. To locate a file in this type of storage, you will need to know the path from the directory through the folder to the specific file. This information is included in the metadata that is attached to the file. File storage typically uses TCP/IP for transport, and devices use the SMB protocol on Windows and NFS on Linux.

Block storage

This technology is primarily used for storing data files in cloud-based storage environments or on SANs. In the cloud, it is typically implemented by attaching a virtual disk to a cloud-based virtual machine. Block storage breaks data into individual blocks, which are then stored as individual pieces. Each data block is given a unique ID, allowing the storage system to place the smaller pieces of data in the most efficient location. Block storage uses iSCSI or Fibre Channel for transport.

Object storage

Object-based storage involves breaking data files into individual chunks known as objects. These objects are then kept in a single self-contained repository and are shared across multiple cloud-based servers and network systems. Here, each object is given a unique ID, which apps can use to identify and retrieve objects when stored across a distributed system. The object also has metadata, which defines its characteristics and allows for easy retrieval. Object storage uses TCP/IP for transport, and the devices communicate via APIs and HTTPS.

Object Storage Benefits

So, let’s dive into the advantages that can be achieved by utilizing object storage:


Generally, object storage comes at a lower price point compared to traditional storage methods such as disk-based storage. Plus, many cloud storage providers adopt a ‘pay-as-you-use’ pricing model, which helps to forecast and optimize the total cost of the solution.

Ransomware Protection

As ransomware attacks increase, cybersecurity has become extremely important. Object storage can be a powerful defence against ransomware due to its very design. Thanks to file locking, versioning, and other security features, object storage makes sure that data won’t undergo any changes without authorization. You can reduce the risk of damage caused by ransomware attacks by incorporating object storage into your organization’s data protection strategy.


Object storage makes scalability easy, as it does not have many of the limitations of block or file storage. It is suitable for storing vast amounts of unstructured data like backups, videos, photos, etc.


Each object is stored with rich metadata, which can be customized to allow for detailed tagging, categorization, and management of data. Furthermore, the metadata is also used for more efficient data retrieval, management, and analytics.

API access and integration

Users and apps can easily access objects using APIs. This allows for easy integration with apps, web services, and cloud-native deployments. The most commonly used are RESTful APIs, which use standard HTTP methods, making integration straightforward.

Is Ransomware a Global Threat?

Ransomware indeed poses a global threat in today’s world. According to Black Fog, 2023 has seen the rise of ransomware everywhere, with individuals, businesses, and even governments being targeted. Elaborate techniques employed by cybercriminals enable them to infiltrate systems and encrypt the most valuable and protected data. This could potentially lead to a catastrophe, resulting in massive financial losses, business dead-ends, and the compromise of sensitive information. Every organization is actively enhancing its security measures and raising awareness so as to avoid such a fate. People and businesses alike must maintain a constant state of vigilance, stay informed about the evolving threat landscape, and take a proactive stance on safeguarding their data and, especially, backups.

Is Object Storage an Optimal Means for Ransomware Protection?

As we have already discovered, the concept of ‘write-once-read-many’ is the key to ransomware protection. Essentially, it ensures the immutability of stored data, which means that once data is written, it cannot be modified or deleted. Such a feature is inherent to the very design of object storage and provides a crucial layer of protection against ransomware. Even if cybercriminals gain access to the backup infrastructure, they still won’t be able to alter or encrypt the existing data, preventing them from holding it hostage.

Versioning capabilities of the object storage enhance its efficiency as an anti-ransomware solution even further. This feature basically allows storing multiple copies of the same object, each representing a different point in time. Even if your backups were to be compromised by a cyberattack, you could still freely access and use previous versions. You can also easily revert to a safe data version. That way, the damage is localized, and you do not need to pay the ransom.
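The rollback described above, as an added example that is not from the original post: given a version listing for a versioned bucket, it picks the newest version of each object written before the incident began and flags delete markers created during it. The listing is constructed sample data shaped like an S3 ListObjectVersions response; the function names and the incident time are assumptions.

```python
from datetime import datetime, timezone

def utc(y, mo, d, h=0):
    return datetime(y, mo, d, h, tzinfo=timezone.utc)

# Constructed sample, shaped like an S3 ListObjectVersions response.
SAMPLE_LISTING = {
    "Versions": [
        {"Key": "backups/db.bak", "VersionId": "v3", "LastModified": utc(2023, 12, 20, 3)},
        {"Key": "backups/db.bak", "VersionId": "v2", "LastModified": utc(2023, 12, 19, 1)},
        {"Key": "backups/db.bak", "VersionId": "v1", "LastModified": utc(2023, 12, 18, 1)},
        {"Key": "backups/vm.vbk", "VersionId": "a1", "LastModified": utc(2023, 12, 17, 1)},
        {"Key": "backups/new.bin", "VersionId": "n1", "LastModified": utc(2023, 12, 20, 4)},
    ],
    "DeleteMarkers": [
        {"Key": "backups/vm.vbk", "VersionId": "d1", "LastModified": utc(2023, 12, 20, 3)},
    ],
}

def plan_restore(listing, incident_start):
    """Map each key to the newest version written before incident_start.

    Keys whose only versions appeared during or after the incident map to
    None: there is nothing trustworthy to restore for them.
    Delete markers are never restore targets.
    """
    plan = {}
    for v in listing.get("Versions", []):
        key = v["Key"]
        plan.setdefault(key, None)
        if v["LastModified"] >= incident_start:
            continue  # written during or after the incident: untrusted
        best = plan[key]
        if best is None or v["LastModified"] > best["LastModified"]:
            plan[key] = v
    return {k: (v["VersionId"] if v else None) for k, v in plan.items()}

def markers_to_review(listing, incident_start):
    """Keys 'deleted' during the incident; older versions still exist under the marker."""
    return sorted(m["Key"] for m in listing.get("DeleteMarkers", [])
                  if m["LastModified"] >= incident_start)

if __name__ == "__main__":
    incident = utc(2023, 12, 20)  # assumed start of the incident
    print(plan_restore(SAMPLE_LISTING, incident))
    print(markers_to_review(SAMPLE_LISTING, incident))
```

Versioning alone keeps old versions only until someone with delete rights removes them by version ID, which is why it is paired with object locking.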

And yes, seamless integration with existing backup infrastructure is, luckily, a thing. Admittedly, any organization has in place an existing backup system that requires integration and configuration, which proves to be a challenge with more backup solutions than you’d think. In our case, APIs and connectors practically allow backups to be directed to the object storage repository without any actual changes to the existing backup infrastructure. Such an approach guarantees a smooth transition to an updated backup system without disrupting the organization’s workflow or requiring extensive reconfiguration.

Object Storage Use Cases

Organizations have a lot to gain from using object storage. Here are some of the most common use-case scenarios:

Backup, archiving, and the “3-2-1-1” rule

One of the best ways organizations can archive data and store backups is by using object storage, thanks to its scalability, durability, and lower costs. Since each object has its custom metadata, businesses can easily ensure strict compliance with regulations and manage retention policies.

Now, to ensure that your backups are safe from ransomware attacks, another strategy needs to be implemented. The 3-2-1 backup rule has been a cornerstone in data protection for ages. It advocates for three versions of your data – the original and two extra backups. Two copies are kept locally on different formats, while the third takes a trip off-site. The bonus ‘1’ in the 3-2-1-1 approach signifies something we call immutable storage. Once data hits this write-once-read-many (WORM) format, it becomes locked down, unchangeable, and out of reach from ransomware and similar threats. The cool thing? Most object storage solutions offer this kind of lockdown mode, complete with versioning and object locking, boosting the security of your long-term data storage.

Big data and analytics

Object storage is the best way to store vast amounts of unstructured data for big data processing and analytics. This information is then used by companies to gain valuable insights into customer behaviour and market trends.

Media storage and delivery

Object storage is the best option for storing and delivering unstructured data such as video, images, and audio. That is why it is often used by media companies, streaming services, and photo-sharing platforms.

Internet of Things (IoT)

Object storage is well-suited for storing and managing the increasing amount of data generated by connected IoT devices, thanks to its flexibility, scalability, and support for unstructured data formats.

What are the popular methods of ransomware protection for backups?

Currently, storing immutable backups in the cloud through the Amazon S3 API is the most commonly used method of ransomware protection. It is as effective as keeping them on-premises, but the differences lie in scalability, performance, and initial expenses. For many organizations, cloud-based immutable backups offer a more suitable solution, particularly for archiving and long-term retention.
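Immutability through the S3 API depends on how the bucket is configured, so here is a check that is an added example, not code from the original post or from StarWind. It evaluates a bucket's versioning and Object Lock settings against a retention policy. The dictionaries are constructed samples shaped like the S3 GetBucketVersioning and GetObjectLockConfiguration results; `audit_immutability` and the 30-day minimum are assumptions.

```python
# Constructed samples shaped like S3 GetBucketVersioning and
# GetObjectLockConfiguration results. An empty "object_lock" dict stands
# for a bucket that has no Object Lock configuration at all.
UNPROTECTED = {"versioning": {"Status": "Suspended"}, "object_lock": {}}
GOVERNANCE_7D = {
    "versioning": {"Status": "Enabled"},
    "object_lock": {"ObjectLockConfiguration": {
        "ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 7}}}},
}
HARDENED = {
    "versioning": {"Status": "Enabled"},
    "object_lock": {"ObjectLockConfiguration": {
        "ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 30}}}},
}

def audit_immutability(cfg, min_days=30):
    """Return a list of findings; an empty list means the policy is met.

    min_days is a hypothetical policy value, not a figure from the article.
    """
    findings = []
    if cfg.get("versioning", {}).get("Status") != "Enabled":
        findings.append("versioning is not enabled")
    lock = cfg.get("object_lock", {}).get("ObjectLockConfiguration", {})
    if lock.get("ObjectLockEnabled") != "Enabled":
        findings.append("Object Lock is not enabled")
        return findings
    ret = lock.get("Rule", {}).get("DefaultRetention")
    if not ret:
        # Without a default, only uploads that set retention themselves are locked.
        findings.append("no default retention rule")
        return findings
    if ret.get("Mode") != "COMPLIANCE":
        # Governance mode can be overridden by principals that hold
        # the s3:BypassGovernanceRetention permission.
        findings.append("retention mode is GOVERNANCE, which privileged users can bypass")
    days = ret.get("Days", 0) + 365 * ret.get("Years", 0)
    if days < min_days:
        findings.append(f"default retention of {days} days is shorter than {min_days}")
    return findings

if __name__ == "__main__":
    for name, cfg in [("unprotected", UNPROTECTED), ("governance", GOVERNANCE_7D),
                      ("hardened", HARDENED)]:
        print(name, audit_immutability(cfg))
```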

How can StarWind Help?

For instance, one way to implement ransomware protection is through StarWind VTL, which can be configured to either seamlessly integrate into the existing backup infrastructure or to serve as a replacement for physical tapes. StarWind VTL allows full implementation of the 3-2-1-1 backup scheme with “WORM” backups stored on-premises and an “air-gapped” backup copy offloaded to cloud object storage such as Backblaze B2, AWS S3, Wasabi, or Azure. If you want to delve into the process, all the information is here.

For Veeam users, we have one more option in stock. StarWind VSAN is a software-defined storage that leverages Veeam Backup & Replication (B&R) v12 and XFS file locking, allowing the deployment of immutable backup storage (aka “Hardened Backup Repository”) in just a couple of clicks. This approach offers an alternative way to achieve immutability for backups without the need to use object storage. You can find more detailed information here.

In Conclusion

Practically, object storage is a great option if you are looking for data protection from ransomware and other threats. Immutability ensures that once a file is created, no modifications or deletions are possible. This feature acts as an effective safeguard against unauthorized access or tampering. Considering its useful features and efficiency, it’s safe to say that object-based storage will continue to be one of the main approaches to secure data backup in the future.

This material has been prepared in collaboration with Asah Syxtus Mbuo, Technical Writer at StarWind.

from StarWind Blog
