Slashdot Mirror

← Back to Stories (view on slashdot.org)

Companies Are Once Again Storing Data On Tape, Just in Case (marketwatch.com)

Posted by msmash on from the fighting-back dept.

An anonymous reader shares a report: To stay up to date in the battle against hackers, some companies are turning to a 1950s technology. Storing data on tape seems impossibly inconvenient in an age of easy-access cloud computing. But that is the big security advantage of this vintage technology, since hackers have no way to get at the information. The federal government, financial-services firms, health insurers and other regulated industries still keep tape as a backup to digital records. Now a range of other companies are returning to tape as hackers get smarter about penetrating defenses -- and do much more damage when they do get in. Rob Pritchard, founder of the Cyber Security Expert consulting firm and associate fellow at the Royal United Services Institute think tank, has noticed the steady resurgence of tape as part of best-practice backup strategies. "Companies of all sizes must be able to restore data quickly if needed," he says, "but also have a robust, slower-time, recovery mechanism should the worst happen." Mr. Pritchard, who works with a range of organizations to improve corporate cybersecurity practices, says: "A good backup strategy will have multiple layers. Cloud and online services have their place, but can be compromised."

21 of 199 comments (clear)

  1. Tape? by DontBeAMoran · · Score: 5, Informative

    Apart from what I assume is a lower cost, is there any reason to use tape instead of just doing a rotation of RAID systems and disconnecting the unused ones?

    --
    #DeleteFacebook
    1. Re:Tape? by redmid17 · · Score: 5, Informative

      Reliability, portability, and length of time the data can be stored, possibly speed. LTO-4 and lower is definitely going to be slower. LTO-5+ might be faster for writing depending on the RAID setup.

      Pretty much the reasons you would use tape in the first place.

    2. Re:Tape? by houstonbofh · · Score: 5, Informative

      Hard drives do not like to sit powered off. In 3 to 5 years the fail rate is significant. Tape is fine for that. I have restored 40 year old tapes.

    3. Re:Tape? by whizzter · · Score: 3, Interesting

      But would that really apply for tapes capable of storing "modern" amounts of data?

      At thousands times more data the density would need to be high enough that cosmic radiation should start affecting tape also?

    4. Re:Tape? by arth1 · · Score: 5, Informative

      By design, tapes are sequential append, not random write. That makes it much harder to modify data. For tape stations that can be set to not allow programmatic rewinding, but tapes have to be physically cleared for rewind, it's even more of a security benefit this way.

      Much like some of us like having important system logs go to an unbuffered dot matrix printer in dumb mode - there's no way to undo what's already written like a local log, no way to DoS logging to a remote syslog server, nor kill the print job while it's buffering, like a modern page based printer.

    5. Re:Tape? by Anonymous Coward · · Score: 3, Interesting

      RAID is not archival grade, and unused hard drives tend to die. SSDs do not have a long archival life because the electrons escape the gates. Once the threshold between a zero and a one is too close, the data is gone, beyond any hope of recovery.

      Tape, on the other hand is archival grade. Unlike the garbage in the 1990s like 8mm, 4mm, and QIC, DLT and LTO have a long working life. In fact, at one place I worked for for five years, out of tens of thousands of tapes, I've seen two have hard write errors, and zero with hard read errors. So, out of the petabytes of LTO-3 to LTO-7 data, those are good odds.

      Tape isn't that expensive for the enterprise. $5000 gets you a 24 tape LTO-7 autochanger that goes into two RUs, and hooks up via SAS. You can then hook it to your Veeam server as a way to do D2D2T, and have an air-gapped backup. Encryption? Trivial. Set a password, make sure the password is in a recoverable place, and then, if a tape falls off the back of the Iron Maiden truck, it is just a trivial loss. No encryption, and that becomes a front page headline.

      I trust tape far more than the cloud. At least I know that if the Net takes a crap, my data is still restorable.

    6. Re:Tape? by Kjella · · Score: 5, Insightful

      Reliability, portability, and length of time the data can be stored, possibly speed. LTO-4 and lower is definitely going to be slower. LTO-5+ might be faster for writing depending on the RAID setup.

      If it's any kind of high performance system you usually do mirroring to a "hot" backup then do backup to tape from there so speed is not that relevant. You can do pretty well on reliability and portability by simply making many redundant copies. I don't think I'd plan to use it as ordinary backup, not even occasionally. To me tape belongs in the disaster recovery plan, like what if hackers root our servers or a rouge sysadmin goes berserk. The "put it on a tape, stick in a vault and pray you'll never need it but if you do you'll be really happy to have it" kind of backup.

      This is particularly true if it's for legal compliance or you're the one maintaining the master data, imagine if you're say the DMV and lose the database of what driver licenses or license plates you've issued. Even in most epic of epic fuck-ups that wouldn't be acceptable. But I'm thinking it's the kind of service you contract out to a third party, maybe even with your own encryption because it doesn't really pay off until you've got huge amounts of data and a perspective of years and decades. Or well you can use tape for that, but then it's the kind of "non-disaster" backup I'd use HDDs for.

      --
      Live today, because you never know what tomorrow brings
    7. Re:Tape? by Anne+Thwacks · · Score: 3, Informative
      Here's a secret about tape; you drop it, it's as fragile as a HDD.

      NO, its not. If you drop it, the puck (the bit that the loading mechanism uses to pick the end of the tape) may fall out of its retaining slots. It can be put back in place if you are moderately careful. If the plastic case is not broken, the tape is probably readable.

      I have dropped a fair number of tapes from desk height over the years (have been using them since the 1970's and designed both hardware and software for tape drives). None has failed as a result. I have also dropped a few H/Ds as well - some were damaged by falls of a few inches (they are actually more robust if operating). I have restored many tapes after 30 years. You will have a hard time finding an ST506 interface that connects to a modern computer.

      I also seem to have significant problems with bit-rot on both Windows and Linux. This is noticeable as jpgs which have problems after sitting idle on the disk for a year or two, and occasionally docs and odts that won't read. Less of a problem with SCSI disks AFAICT, so I suspect hardware, but I did use DOS 4.0, so, I am not sure its not software.

      I have definitely had brand new server grade HDs fail to start after 3 years on the shelf. I doubt used ones are more reliable.

      --
      Sent from my ASR33 using ASCII
    8. Re:Tape? by lgw · · Score: 3, Informative

      Live mirroring is a way to make a backup, but isn't a backup until you break the mirror. Most RAID systems aren't really good at moving that sort of stuff around on the fly, unless you're talking about legacy "big box" storage systems that charge 10x-100x what the drives cost.

      But, yeah, there are 3 distinct scenarios:
      * Backup
      * Disaster recovery
      * Archiving

      Tape is far and away the best for archiving, and is the easiest/cheapest way to do DR. It's not all that good for simple backup - snapshotting of some sort (even if the backup is in the same rack or even device as the main storage) wins for backup, since most restore requests are for recovery from user error, not hardware failure.

      It makes good sense to optimize backup for fast recovery from accidental file deletion and the like, as long as you also have a DR strategy that will help you if you lose a rack full of storage (or datacenter etc).

      Archiving is usually the legal compliance angle, not the other two use cases. Plenty of big companies have fancy cross-site DR strategies, but still archive to tape for compliance with "store your records for N years" compliance. Heck, the same truck from Iron Mountain likely takes both their paper records and tapes.

      --
      Socialism: a lie told by totalitarians and believed by fools.
  2. it never went away by banbeans · · Score: 4, Insightful

    It never went away at smart companies and those in regulated industries.

  3. It's a reliable long-term storage medium by blind+biker · · Score: 4, Insightful

    In terms of longevity, I classify storage this way, from short to long term:
    - SSD
    - 5.25" floppy disks (anachronistic, but existing)
    - hard drives
    - Taiyo Yuden CDs and DVDs
    - EPROMs
    - magnetic tape
    - masked ROMs
    - books

    --
    "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
    1. Re:It's a reliable long-term storage medium by freeze128 · · Score: 4, Interesting

      I recently booted up my old Apple //e computer and was amazed to see that nearly ALL of my old floppies still worked. These are disks that were formatted in the mid 80's. The disks that failed were off-brand cheaper disks that were purchased more recently. I also remember buying 100 3.5" disks from Computer City in the late 90's. ALL of them failed within 5 years. Many were DOA right out of the box, and were unable to be formatted.

      So the adage that magnetic media suffers from bit rot isn't quite as bad as you think... Cheap crappy disks and tapes will fail, but good quality ones last a good long time.

  4. Comment removed by account_deleted · · Score: 3, Informative

    Comment removed based on user account deletion

  5. Medium longevity by DrYak · · Score: 4, Informative

    is there any reason to use tape instead of just doing a rotation of RAID systems and disconnecting the unused ones?

    The main reason IS the one you mentioned (with tape, you basically disconnect only the medium, the magnetic tape. Not the whole read/write drive or even whole RAID cabinet. So you only need to pay for magnetic media as you expand capacity, not full blown electronics. A single tape drive and robot can last you quite some time).

    But there is also some other practical consideration :

    - Tape has been around for a lot of time. It has been already quite studied regarding its longevity. Its various failure modes are all well known (ghosting).
    Manufacturer are now pretty much sure they can guarantee you that you can store a tape cartridge in fridge for Yyy years and it will still be 100% readable afterward.

    - Hardisk are a bit more recent technology. We don't have quite the same guarantee regarding mechanical failures, bitrot, etc.
    Since the whole purpose of this approach is to disconnect completely the storage, it means that the back-up disk will need to be reconnected and re-spun back to 7200RPMS at some point in the future. A small number out of all disk will fail and will not spin, due to various mechanical feature. A small number of the spinning disks will have suffered bitrot and will have corrupted.
    Companies don't have the half-century long experience to make exact guarantee for Zzz years.

    It's nothing horrible that can't be compensated with correct duplication and erasure coding. But it's still a bit less guaranteed.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
    1. Re:Medium longevity by afidel · · Score: 3, Interesting

      Yup, that's why our backup audit log had a weekly restore as one of the lines. We also checked the tick box in our backup software that read from the tape when done and compared CRC to that stored in the database, in theory this could differ from what was on disk, but at that point any modern backup program with dedupe is already hosed. We also did semi-annual DR testing which involved removing key people from the exercise to test cross training and documentation and also included deleting a whole filesystem and doing a restore from the backup system and doing spot check on files selected at random from the source filesystem.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  6. Then there's the other half by 93+Escort+Wagon · · Score: 4, Insightful

    If you're backing up your company's data to tape... have you - even once - went through the restore process to make sure you can actually recover it?

    --
    #DeleteChrome
  7. Paper chemistry by DrYak · · Score: 3, Interesting

    - books

    Although that varies a bit depending on the chemistry of the paper (e.g.: acid-free vs. acidic)

    On the other hand, the *toner* used to laser-print on them (basically, fused plastic) will surely outlive the acidic paper.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  8. ECC by DrYak · · Score: 5, Informative

    At thousands times more data the density would need to be high enough that cosmic radiation should start affecting tape also?

    Nearly every modern serious data storage (even some high-range SD flash cards: see Transcend) uses some form of error correction.
    Neither tape nor harddisks (nor SD cards with ECC) are that much affected by single bit flips induced by cosmic radiation.

    But HDD can still be affected by mechanical failures.
    While on the other hand, "mechanical failure" is hardly a risk for a medium that is just basically just a long band of magnetic tape.

    Also, the bitrot of tape is better known because it has been studied for a longer time.

    Not to mention that modern tapes still has a lower density than modern harddisks (with all their "super-paramagnetic" and "shingled" tricks).
    An LTO-7 tape is shy of 1km of lenght for 12mm width (they have exactly 11 square meters to store their native uncompressed raw 6.0 TB)
    A Seagate drive of similar capacity crams its data on 6 platters (of 9cm diameter each - that's 0.076 square meters)

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  9. Re:One good EMP from DPRK... by aaarrrgggh · · Score: 3, Insightful

    It is pretty easy to protect cold tape from an EMP, even if it is at a close range.

    The problem is that Tape really isn't any more secure than anything else-- just modifying the tape drive firmware could easily corrupt data. With a little extra work it could encrypt the data and allow DR simulations to run as long as the event horizon hasn't been reached.

  10. Re:One good EMP from DPRK... by lgw · · Score: 3, Insightful

    Tape lets your transform the problem from digital security to physical security, and that's something a lot of companies are pretty good at. Further, very few attackers are good at both (you're pretty much down to governments at that point).

    You really can't beat tape for archiving. The cost per TB is small (and there's no ongoing cost beyond physical storage), and it's basically immune to stuff like EMP. There's actually is a chip in some tape cartridges to burn out, but losing that won't matter much.

    As far as hacking the firmware - IIRC, modern tape drives still requires that you use a firmware tape during the process, so stand-alone tape drives at least would be immune to a purely online attack. Worst case, though, you just buy new tape drives (or use the new ones you have in a box at Iron Mountain next to all your boxes of tapes) to recover.

    With a little extra work it could encrypt the data and allow DR simulations to run as long as the event horizon hasn't been reached.

    Tape drive firmware is like coding for the Atari 2600. Lots of things are theoretically possible, but very few people could actually pull it off. For this example, only in recent years has encryption hardware been added to drives - without that, there just aren't enough resources in a tape drive to encrypt on the fly (most tape drives can't do asymmetric crypo at all as they don't have the accessible memory to even hold a cert - tape buffer memory is sort of walled off and not general purpose).

    --
    Socialism: a lie told by totalitarians and believed by fools.
  11. Re:One good EMP from DPRK... by bev_tech_rob · · Score: 3, Interesting

    IIRC, modern tape drives still requires that you use a firmware tape during the process, so stand-alone tape drives at least would be immune to a purely online attack. .

    Nope. HP Tape Tools https://www.hpe.com/us/en/prod... allow you to update firmware, perform maintenance, etc on most modern HP tape drives that are attached to your server. So conceivably, a hacker could access the backup server (assuming it has HP tape drives attached physically to it), and inject their own firmware (unless there is safeguards in the software to not allow random firmware packages to be uploaded).

    --
    You're messin' with my Zen Thing, man.....