Zerto+Storj: How Immutable Storage Yields Faster Ransomware Recovery

October 3, 2022

“Redundancy, redundancy, redundancy. That’s the key to a good disaster recovery solution.” exclaimed Zerto Technical Marketing Engineer, Anthony Dutra, during a recent webinar on immutability and ransomware. One of the ways to get that redundancy is with cloud storage for additional backups. But that redundancy can’t come at the cost of being a weak point for cyber attackers.  

Zerto and Storj recently teamed up with a powerful integration to improve data protection and recovery times. They discussed how it works in the webinar Become Immutable to Cyberattacks & Ransomware. This article will cover the key points from the webinar, but more detailed schematics on how it works are in the on-demand webinar. And if you want to dig in and start working with Storj and Zerto, there is a live working lab session on how to do this on October 6 at 12pm EST—Register here.

The three R’s of data security

After the obligatory statistics on how frequent, damaging, and expensive cyber attacks are, Dan Willoughby, developer advocate at Storj, described his experience with the three R’s of data security during his career as a software engineer.

  • Read - who can view your data. Typically this is a least privileged access model.
  • Recover - how fast you can recover your data. This is where RPO and RTO come into play in disaster recovery plans.
  • Reach - having backup data reachable anywhere, anytime.  This is why global availability is so important for data storage.

Willoughby shared multiple examples from his own experience about mistakes being made by good engineers that wiped out production data and caused serious downtime. All crystallizing just how important these three R’s are to get right. To cement it even further, he shared some real-life costs of relatively short downtimes.

  • In March 2015, a 12-hour Apple store outage cost the company $25 million.
  • In August 2016, a five-hour power outage in an operation center caused 2,000 canceled flights and an estimated loss of $150 million for Delta Airlines.
  • In March 2019, a 14-hour outage cost Facebook an estimated $90 million.

The big idea is that it is clearly important to pay attention to the details of disaster recovery plans to ensure that the three R’s can be addressed from recovery providers like Zerto, through to storage solutions like Storj.

How Storj and Zerto address the three R’s of data security

Storj and Zerto together address all three R’s of data security

Storj addresses the read and reach of data security with its unique, globally distributed storage solution. For read, Storj has a zero-trust architecture which always uses end-to-end encryption. Data stored on Storj is broken up into 80 segments and stored in different locations across its global network of over 15,000 storage nodes. Only 29 of these segments are needed to rebuild the file. At a fundamental level, no one, from Storj who runs the network, to the individual storage node providers, can ever access the data.

The difference in data access between traditional cloud storage and Storj

This is unlike traditional cloud storage in data centers where they have a “defend the perimeter” mentality. They assume the data is physically safe and often take shortcuts within (see brick wall illustration). But, as WIlloughby reminds us, that is where mistakes happen. An insider can make a mistake and delete data or, as was the case recently with Uber, a hacker gets in and can move freely within the data center. Willoughby commented on the Uber attack, “The attackers got in and were basically taunting them on Twitter that they had all their financial data and even entered their Slack channel to taunt them further.” But with Storj, no one, not even the owner, can delete their data and an attacker can’t ever get access.

When it comes to reach, Storj’s global network immediately trumps the data center model. Objects are segmented and stored across over 15,000 nodes without worrying about replication and paying extra for region-specific storage. This means you never have to worry about data access due to power outages or other disasters in a particular region. Willoughby explained, “We only need 29 of those 80 pieces to reconstitute your file. So whether your data needs to be accessible in Europe or any geography, it takes the fastest peers in that geography and restores it there.”

Zerto is the key to achieving the final R of data security—recover. Storj supports this with immutable backups that are literally impossible to delete. But Zerto has the solution to execute fast recovery. Zerto offers continuous data protection and long-term retention solutions. The place where Storj and Zerto work very well together is in long-term retention. Zerto does near-synchronous replication using a software-only solution with “journal” functionality. This feature makes it easy for rollbacks to be logically grouped together to get the full app online at the same time.

Granular point-in-time recovery with the Zerto Journal

Dutra explained the importance of application grouping, “So an application today, whether it's in Kubernetes or in a virtualized infrastructure is not just one application. You might have a database app. You might have a front end app. So these all are different. And what Zerto allows you to do is logically group those together to roll them back to that point in time.” This recovery methodology is logical to getting the business back up and running as fast as possible.  

Storj and Zerto work together to fight ransomware

Zerto and Storj connect easily using the S3 protocol to send immutable copies from Zerto into backup storage for long term retention. Dutra shared in the webinar the architecture diagrams for how Zerto and Storj work together in various backup scenarios such as:

  • Local, same-site replication with additional off-site copy
  • Continuous replication to disaster recovery site
  • Replication to disaster recovery site with additional off-site copy
  • Local replication plus disaster recovery site and additional off-site copy.

Dutra also shared how Journal File level recovery and instant VM-level restores happen pulling immutable copies from Storj into Zerto. It is clear that Zerto and Storj are a powerful combination for long term retention and recovery. But storage decisions aren’t just made based on security, storage is a combination of security, performance, and, of course, cost. In the live Q&A, one of the attendees asked how Storj measures up.

Willoughby answered the question with hard numbers. “Storj is up to 80% cheaper than AWS. So, what that means is we charge $4 per terabyte for data at rest. And the egress is $7 per terabyte. And what you'll typically see on Amazon are costs that are $23 per terabyte for data at rest and between $70 to $90 for that egress, which means when the data is coming out. And so you'll basically knock one zero off of your bill if you switch to Storj.”

To get the rest of the Q&A and a special offer from Zerto for a free edition of their enterprise cloud licensing that includes ten virtual machines for long term retention, watch the webinar on demand here. And if you want to get into the developer-level details, join live or watch on demand the Storj +Zerto working lab session here.

Share this blog post

Put Storj to the test.

It’s simple to set up and start using Storj. Sign up now to get 25GB free for 30 days.
Start your trial