Airgaps Assemble: S3 and Physical Tape

The last time we shared our thoughts on airgaps, we spoke about S3 and the idea that it can give you an airgap similar to the one you’ll get from using tape as part of your backup solution. You can read that blog here to give you a better insight into what we’re about to cover. But to save you some time, we concluded that S3 wasn’t quite the same. Any organisations considering using S3 have to weigh up whether the security offered by the tape airgap outweighs the benefits of using S3.

After we published our blog, one of our customers got in touch wanting to know more about the pros and the cons, and the additional judgments needing to be made when weighing up their options. And kudos to them, because it really got us thinking. Digging deeper into the pros and cons of each storage type could easily become a never-ending rabbit hole, so we’ve outlined everything as simple as we can, right here.

Unravelling Physical Tape

Firstly, let’s look at the grandfather clock of backup storage: physical tape. And, before we go on, you can read more about physical tape here, where we talk about backup and storage through the ages. It’s riveting stuff, really.

As we’ve already mentioned, tape is immutable. It’s simply not possible for somebody to write to a tape once it has been removed from the tape drive. There’s no chance that your data is going to get encrypted once it’s been stored there. The other major selling point for tape is capacity. An LTO-7 tape can store 6 TB of raw data) or 15 TB of compressed, whilst LTO-8 has numbers of 12 TB raw and 30 TB uncompressed.

For organisations that are looking to retain a lot of data in an archive for a long time, the combination of security and capacity might be what encourages them to go for tape. Then, we have cost. Seems simple, right? But it’s just not as simple as it was a decade or so ago.

This is because the difference in the per TB cost between tape and disk is no longer the vast chasm that it once was. Over the last ten years, the cost of storing data on disk has fallen by over 80%. This means that whereas disk was once seen as a premium purchase, it’s now a commodity. So, how can tape compete?

Searching S3

Let’s look at some of the strong points of S3 storage in the Cloud. Most vendors will charge you for that S3 storage based purely on usage. If you are using 1 TB of storage, you’ll get billed for 1 TB. Hardened storage admins will know all too well how tricky it can be trying to eke out the last dregs of capacity in an overburdened array; that shouldn’t come into the equation with S3. In fact, the storage admin needs to be more focused on keeping the storage utilisation under control. With unlimited storage, it’s easy to use more than you really need.

As we’ve discussed, one of the flaws with any form of disk storage is that it’s never completely immutable. Although, that’s what your storage vendor might tell you. You might be told that your object storage is immutable because it doesn’t use the same protocol as your native file systems. And – or – because your backup application can only talk to it via API. But, there’s probably still the capability for a rogue actor to remove data directly from the buckets. In which case, you’d only find out when you tried to recover the data.

Winner winner, Tape or S3 for Dinner?

If things still feel a bit foggy to you, we’ll outline it here in a table. Each feature is marked out of 3 Predatar Approval Points.

If your priority is to preserve that airgap and to ensure that the data your company is keeping long-term is secure, storing that data on tape is going to be a compelling direction for you. If that’s not you, then you might want to consider the flexibility that you can get from S3. Just make sure that you consider any security implications are taken into account before you start to use it.