NIS2 Compliance: Strengthen Cyber Resilience with S3-to-Tape

It remains to be seen what specific requirements companies in Germany will have to meet if they fall under the criteria of the European Union’s NIS2 Directive. However, it is already clear that a robust strategy for cyber resilience and mature data protection and restore methods will be critical to compliance.

Critical data must be stored in a way that provides the best possible protection against an attack. At the same time, you need to ensure that your business can quickly regain operational control in the event of a cyberattack. To do this, it must be able to access intact data.

Organizations affected by NIS2 will need to take a hard look at how they currently store and manage data:

  • How well is the data protected against a cyberattack and, for example, malicious encryption, manipulation or deletion?
  • What protection is available for stored data?
  • How long does it take to resume operations after a successful ransomware attack?
  • What measures can be taken to make current data protection and restore workflows more reliable and to increase data security and cyber resilience?

Data storage on tape provides a cost-effective and secure way to protect critical data from cyber-attacks while ensuring reliable recovery processes.

  • Offline media with air gap
    When it comes to data security and protection against cyber-attacks, tape’s offline characteristics are a big plus. Tape offers “air-gapping”, which means that copies of data on tape can be stored in complete isolation. As a result, data stored on tape is protected from cybercrime attacks.
  • Long-term archiving on tape
    Tape media also has an impressive 30-years lifespan. This covers the standard retention periods and avoids the need for archive migrations during this period.

Immutable Storage on Tape with PoINT Solutions

PoINT’s software solutions integrate tape as a particularly cost-effective and secure storage class into the storage infrastructure via the standardized S3 interface. In this way, companies benefit from the security-relevant advantages of tape to strengthen their cyber resilience without significant restructuring.

The software-defined S3 storage PoINT Archival Gateway also offers numerous features to protect the data stored on tape against modification, manipulation or deletion. This functionality ensures an immutable backup and thus a decisive improvement of data security – especially in combination with the tape’s own air gap.

  • Object Lock
  • Versioning
  • Retention Management
  • WORM protection of the media

Secure Data Recovery with Snapshot Restore

In the event of a malware attack, data must be restored as quickly as possible so that the business can resume operations safely. One of the challenges of data recovery is to restore a data set that has not been corrupted. Ransomware may have been “dormant” in the system for some time before taking effect.

PoINT Data Replicator‘s Snapshot Restore functionality provides this security when restoring data: It enables the recovery of a data set based on a selectable date and thus the return to an uninfected state.

Conclusion

The NIS2 directive and its requirements should not be the only reason to review storage and data protection strategies. Also, improving cyber security should not only be on the agenda of companies affected by the NIS2 directive. Tape as a storage medium offers essential features that contribute to strengthening cyber security. With PoINT’s software solutions, tape can be homogeneously integrated into the storage infrastructure as an S3 storage class and used as an additional security layer against cyber threats. This enables companies to strengthen their cyber resilience and establish secure data protection and restore procedures.