Object vs. File Storage: Why Security Is a Key Consideration

Object storage first hit the market about a decade ago, emerging in a landscape previously dominated by file storage. The two architectures have coexisted, and often competed, in the years since. In general, organizations prize object storage for its ability to scale limitlessly and the fact that it allows users to quickly access data from any location. File storage stands out for its extreme simplicity, particularly when it comes to file sharing and local archiving of moderate data volumes. But the major differentiator between the two, especially when making a choice to upgrade or replace existing IT infrastructure, is security.

Object Storage’s Security Advantage

Generally speaking, when it comes to security, object storage offers more specialized and agile features than file storage. Why? It’s primarily due to object storage’s more robust support for APIs: Object storage supports a rich API ecosystem, while file storage offers only basic API support. Its robust API support, which allows users to build and deploy their own APIs, means object storage platforms can be customized to offer nearly any type of unique feature. This includes tailor-made security capabilities. Object storage allows organizations to select a range of key management systems and encryption options. Organizations can apply unique access policies at any level, including at the object, bucket and user/group levels.

Data security is a paramount concern for organizations of all types. According to a recent survey, data breaches in 2020 will cost U.S. enterprises an average of $8.6 million. Ransomware, in particular, poses an incredibly grave data security threat. A separate report found that ransomware attacks were up nearly 140% in the U.S. in 2020. This, of course, overlapped with the worldwide COVID-19 pandemic and the corresponding rise in remote work. Neither COVID-19 nor remote work are likely to disappear in the immediate future, and ransomware attacks have only become more sophisticated during the past two years.

Due to the object storage architecture’s broad support for APIs, it is ideal for guarding against ransomware. Select object storage platforms incorporate Object Lock, a cutting-edge capability for fighting ransomware. Leveraging WORM (Write Once, Read Many) technology, Object Lock mitigates ransomware attacks through data immutability. It allows organizations to store backup data copies that cannot be changed for a set time period, making it impossible for hackers or malware to rewrite, encrypt or delete these backup copies. With immutable data, organizations know that they always have a safe backup copy they can recover.

File storage is a different story. With minimal support for APIs, the architecture is unable to easily incorporate new features such as Object Lock. There are file storage solutions that support WORM; however, it’s more costly to implement these solutions and they are harder to manage.

Cyber Insurance is no Guarantee

Some organizations may not think they need to improve the security posture of their storage infrastructure to protect against ransomware. They believe their cyber insurance will simply cover the payout in the event of an attack. However, that’s not necessarily true; more and more, cyber insurers are refusing to reimburse clients for costs associated with ransomware attacks, especially if their investigators conclude the client did not do enough to prevent such attacks. This is exactly what happened to the local government in Jackson County, Georgia, which was left on the hook for a nearly half-million dollar ransom bill when its insurer argued the county didn’t take sufficient measures to mitigate ransomware attacks.

So, what sort of measures do cyber insurers require before they cover ransomware claims? Across the industry, it increasingly comes down to immutable data storage. For organizations to be sure their claims will be covered in the event of a ransomware attack, they must support immutable backup data.

Today, ransomware is the greatest data security threat to organizations across all sectors. Governments, healthcare providers, financial services firms and education institutions face the biggest risk, but anyone can fall victim. Of course, a brand-new threat could appear and eclipse ransomware in a few years. In that case, object storage, thanks to its robust API support, will be able to quickly add new features to combat such emerging threats. Ultimately, object storage allows organizations to develop homegrown APIs and incorporate any custom security features they need. File storage, however, doesn’t provide the same agility to safeguard data against ransomware today or new security threats tomorrow.

Avatar photo

Gary Ogasawara

Gary Ogasawara is Cloudian’s first Chief Technology Officer, responsible for setting the company’s long-term technology vision and direction. Before assuming this role, he was Cloudian’s founding engineering leader. Prior to Cloudian, Gary led the Engineering team at eCentives, a search engine company. He also led the development of real-time commerce and advertising systems at Inktomi, an Internet infrastructure company. Gary holds a Ph.D. in Computer Science from the University of California at Berkeley, specializing in uncertainty reasoning and machine learning.

gary-ogasawara has 1 posts and counting.See all posts by gary-ogasawara

Cloud Workload Resilience PulseMeter

Step 1 of 8

How do you define cloud resiliency for cloud workloads? (Select 3)(Required)