Mainframe Blog

The Power of Air-Gapped Object Storage as Part of a Mainframe Data Resilience Strategy

cloud-cubes
3 minute read
Mikhael Liberman

Safeguarding sensitive data has become a paramount concern for organizations. As cyberthreats evolve and new regulations to safeguard data emerge, the need for robust data resilience solutions has never been more pressing. Air-gapped object storage is a technology that provides security and protection for mainframe data against cyberthreats.

The need for mainframe data resilience

It is crucial to understand the importance of data resilience in mainframe systems. Organizations rely heavily on their mainframe data to make informed decisions, conduct day-to-day operations, and maintain a competitive edge. Any disruption due to cyberattacks, natural disasters, or human error can have significant consequences.

Mainframe data resilience strategy ensures the continuous availability, integrity, and accessibility of critical information. Traditional storage solutions may provide some level of protection, but they often fall short in the face of sophisticated cyberthreats. This is where air-gapped object storage should be considered as an additional level of security.

New regulations are being issued globally to ensure companies are protecting their data adequately and can recover from a cyberattack or other logical data corruption. For example, the Digital Operational Resilience Act (DORA) regulation will come into effect in the European Union in January 2025.

The role of BMC AMI Cloud Vault in data resilience strategy

BMC AMI Cloud Vault protects mainframe data from cyberattacks such as ransomware by creating an additional copy on immutable, air-gapped, cloud-based storage, creating a third copy of the data. This enables quick recovery from cyberattacks such as ransomware and reduces the risk of data loss while maintaining compliance with regulatory requirements for enterprise data retention.

The power of BMC AMI Cloud Vault and air-gapped object storage

Unplugging from cyberthreats

Air-gapped storage involves physically isolating the storage infrastructure from the network, creating an “air gap” that serves as a powerful barrier against cyberthreats. Without a direct connection to the internet or any external network, the chances of unauthorized access or data breaches are significantly reduced. BMC AMI Cloud Vault provides the ability to write data directly from the mainframe to air-gapped storage and, after isolating the storage, create a “golden copy” of the data.

Immunity to online attacks

Common cyberthreats, such as ransomware and malware, rely on network connectivity to propagate and infect systems. With BMC AMI Cloud Vault, mainframe data is kept in an air-gapped environment, allowing organizations to create a fortress that remains impervious to online attacks. The air-gapped storage remains untouched and secure even if the network is compromised.

Protection against insider threats

While external threats are a significant concern, insider threats pose an equally formidable risk. Air-gapped storage limits access to authorized personnel who are physically present at the storage location. This minimizes the risk of internal breaches and ensures that only individuals with explicit permissions can interact with the stored data. BMC AMI Cloud Vault, leveraging mainframe security control, helps create end-to-end protection against threats.

The cloud is a different technological environment from the mainframe and relies on a separate set of authorizations and security controls than the mainframe does. A mainframe user with admin privileges, such as a storage administrator, would typically not have admin privileges in the cloud environment. This provides an additional layer of protection in case a mainframe user ID has been compromised.

Guarding against data corruption

Air-gapped object storage enhances data integrity by protecting against accidental or intentional corruption. Since the storage system is isolated and can keep track of any changes to identify attacks, the likelihood of malware altering or deleting critical data is virtually eliminated. BMC AMI Cloud Vault’s ability to recover a specific version of the data ensures organizations can quickly recover their data in its original, unaltered state.

Resilience in the face of disasters

Beyond cybersecurity concerns, air-gapped storage adds an extra layer of resilience against physical disasters. Whether natural calamity, fire, or other catastrophic events, data stored in an air-gapped environment remains sheltered from external factors that could compromise its integrity. With cloud hyper scalers, data is spread over three availability zones by default to ensure maximum availability.

Conclusion

In an age where data is the lifeblood of organizations, ensuring its resilience is non-negotiable. BMC AMI Cloud Vault, with air-gapped object storage as part of a mainframe resilience strategy, offers unparalleled protection against cyberthreats and provides a robust solution for data resilience needs. By adopting this innovative approach, organizations can fortify their data infrastructure, safeguard critical information, and confidently navigate the digital landscape.

Finally, considering new regulations such as DORA, mainframes can no longer afford to rely on existing solutions for data resilience and recovery and must act as soon as possible to ensure compliance.

To learn more about BMC AMI Cloud and how to modernize your data management with hybrid cloud agility check out our hybrid cloud solutions webpage.

Access the 2024 BMC Mainframe Report

The results of the 19th annual BMC Mainframe Survey are in, and the state of the mainframe remains strong. Overall perception of the mainframe is positive, as is the outlook for future growth on the platform, with workloads growing and investment in new technologies and processes increasing.


These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

See an error or have a suggestion? Please let us know by emailing [email protected].

Business, Faster than Humanly Possible

BMC empowers 86% of the Forbes Global 50 to accelerate business value faster than humanly possible. Our industry-leading portfolio unlocks human and machine potential to drive business growth, innovation, and sustainable success. BMC does this in a simple and optimized way by connecting people, systems, and data that power the world’s largest organizations so they can seize a competitive advantage.
Learn more about BMC ›

About the author

Mikhael Liberman

Mikhael is a principal solution engineer for AMI Cloud products. He has over two decades of hands-on experience with mainframe systems as a software engineer, system programmer, application DB2 DBA and system DBA. Mikhael joined BMC as part of the Model9 acquisition and provides AMI Cloud sales technical support to local teams in EMEA and APAC regions.