Distributed data protection for physical security

1 . A computer-implemented method of backing up data in a distributed network, comprising: deploying a plurality of networked devices to protect data of a target device in the network, wherein each device of the plurality of devices contains memory sufficient to store at least a portion of backed up data from the target device; registering each device of the plurality of networked devices to indicate configuration as a storage device within a mass group of similarly configured devices; periodically forwarding a heartbeat signal through each device of the mass group; storing index information for backup data of the target device stored in each device of the plurality of devices; initiating, upon detection of a cyber-attack on the network, a lockdown operation on each device of the plurality of devices; transmitting a canary signal indicating the detection along with normal backup messages to each of the plurality of networked devices to eliminate a need to send detectable burst or acknowledgment signals regarding the cyber-attack; initiating a lockdown of the plurality of networked devices if at least one of the heartbeat signal lost or the canary signal is detected; using the index information to reconstruct the backed up data from the portion of backed up data stored on each respective device of the plurality of devices; and storing the backed up data in a data protection system (DPS) comprising a cyber vault physically isolated by an automated operational air gap within a protected part of the distributed network. 2 . The method of claim 1 wherein the backup data of the target device comprises files that are new or changed from a prior backup of the target device. 3 . The method of claim 2 further comprising splitting a file of the backup data into a plurality of chunks corresponding to a number of devices selected to store the backup data. 4 . The method of claim 3 further comprising: generating a hash of each chunk of the plurality of chunks; encrypting each chunk; and compressing each chunk. 5 . The method of claim 4 further comprising writing a file ID, chunk ID, and hash value for each chunk to an index file for each device of the number of devices selected to store the backup data. 6 . The method of claim 5 wherein the index file comprises one of: an individual file maintained within each device of the number of devices, or an indexed entry to a database storing index files for all devices of the number of devices. 7 . The method of claim 3 wherein the number of devices selected to store the backup data are selected based upon a failure to tolerate (FTT) metric defining a minimum number failures that the target device can tolerate for the backed up data. 8 . The method of claim 7 wherein the chunks are distributed among the number of devices using a distribution scheme selected from one of: double mirroring, triple mirroring, parity, or erasure coding. 9 . The method of claim 1 wherein the heartbeat signal is considered lost if not received after a defined amount of time. 10 . The method of claim 1 further comprising restricting access to the index file to authorized users only based on one or more access control procedures. 11 . The method of claim 1 wherein the plurality of devices comprises personal computer devices, communication devices, and network edge devices. 12 . The method of claim 1 wherein the data protection system (DPS) implements a deduplication backup process to store data from the target device to the cyber vault. 13 . A computer-implemented method of providing distributed protection of data, comprising: dividing a file to be backed up from a target device into a plurality of chunks; storing each chunk in a different respective device of a plurality of devices coupled to the target device over a network; registering each device of the plurality of networked devices to indicate configuration as a storage device within a mass group of similarly configured devices; storing the backed up data in a data protection system (DPS) comprising a cyber vault physically isolated by an automated operational air gap within a protected part of the distributed network; periodically forwarding a heartbeat signal through each device of the mass group; storing index information for each chunk in each device of the plurality of devices; transmitting, in the event of a cyber attack, a canary signal along with normal backup messages to each of the plurality of networked devices to eliminate a need to send detectable burst or acknowledgment signals regarding any data attack; detecting the cyber-attack on the network by detection of at least one of a lost heartbeat signal or the transmission of the canary signal; locking down each device upon detection of the cyber-attack; and restoring, after cessation of the cyber attack, the backup data to the target device using the index information. 14 . The method of claim 13 further comprising scanning the plurality of devices for files added or changed since a last backup to identify the target device. 15 . The method of claim 13 wherein failure of the heartbeat signal is indicated after a defined amount of time. 16 . The method of claim 13 further comprising: generating a hash of each chunk of the plurality of chunks; encrypting each chunk; and compressing each chunk, and wherein the index information comprises a file ID, chunk ID, and hash value for each device of the plurality of devices. 17 . The method of claim 13 wherein the plurality of devices are selected among all devices of the network to store the backup data are selected based upon a failure to tolerate (FTT) metric defining a minimum number failures that the target device can tolerate for the backed up data, and further wherein the chunks are distributed among the number of devices using a distribution scheme selected from one of: double mirroring, triple mirroring, parity, or erasure coding. 18 . The method of claim 13 wherein the plurality of devices comprises personal computer devices, communication devices, and network edge devices, and further wherein the backed up data is stored by a deduplication backup process. 19 . The method of claim 13 further comprising storing the index information in a respective index file or database entry associated with each device, and restricting access to the index information to authorized users only based on one or more access control procedures. 20 . A system for backing up data in a distributed network, comprising: a target device sourcing data to be backed up as backup data; a plurality of networked devices deployed in the network to protect the backup data, wherein each device of the plurality of devices contains memory sufficient to store at least a portion of backed up data from the target device; a database storing index information for backup data of the target device stored in each device of the plurality of devices, and registration information for the each device indicating respective configuration as storage devices within a mass group of similarly configured devices; a signal generator periodically forwarding a heartbeat signal through each device of the mass group and transmitting a canary signal along with normal backup messages to each of the plurality of networked devices to eliminate a need to send detectable burst or acknowledgment signals regarding the cyber-attack; a detector detecting a cyber-attack on the network in order to initiate a lockdown operation on each device of th