Why you need to be data assured

James Blake, Field CTO Security EMEA at Rubrik, looks at defining data assurance and explains how businesses can ensure an architecture that supports it going forward.
James Blake, Field CTO Security EMEA at Rubrik, looks at defining data assurance and explains how businesses can ensure an architecture that supports it going forward.

Data is at the heart of every modern organization; without it, business applications, systems and processes simply can’t function. It’s become mission-critical for almost every business on the planet, so it’s no wonder that it’s highly sought after by cybercriminals.

But what makes data so desirable? Some have learned to collect data and metadata from every corner of their organization, using it to make informed decisions, save costs, or predict what’s around the corner and prepare accordingly. Hackers, meanwhile, have mastered the fine art of ransomware, holding that very data hostage to those who need it most in exchange for one hell of a payday.

According to a recent survey by IDC, over a third of organizations globally have experienced a ransomware attack in the last year, with an average ransom payment of nearly US$250,000. In the UK, ransomware attacks doubled in the first half of 2021 compared to the same period in 2020. It’s clear that the traditional ‘perimeter’ approach to security is no longer working. 

To combat this, modern businesses need to be data assured. This means not only ensuring that they are accurately collecting data and correctly analyzing it for maximum impact, but that that very data is also protected when the worst happens. Sounds easy enough, but how do organizations achieve that, how can they best protect the lifeblood of their infrastructure, and what solutions can help along the way?

It’s time to rethink data protection. It’s time for an inside-out security strategy, whereby the data is not only the last line of defence but the first line of defiance. It’s time to become data assured.

Data assurance, explained

Simply put, data assurance is the act of understanding and correcting errors throughout the data communication process, such as between a host and a storage array. In doing so, data assurance improves the integrity of data across a storage system by enabling the storage array itself to check for said errors, appending error-checking codes to data blocks in order to determine errors in transit. If and when corrupted data is recognized, it is corrected before it reaches its next destination. 

However, for data assurance to thrive, the organization must first adopt the concept of zero trust. A zero trust architecture assumes all users, devices and applications are untrustworthy and can be compromised. In other words, it means trusting nothing and verifying everything. In doing so, permissions are significantly limited, data is only accessible via multi-factor authentication, and therefore the likelihood of anyone or anything maliciously impacting that data is removed.

An architecture designed around zero trust must employ immutable backups to further ensure data security. Immutable backups cannot be modified, deleted or tampered with in any way – intentionally or otherwise, while every attempt to read the data is subject to authentication. So, if you find yourself suddenly exposed, you know at the very least that you have clean, immutable data to reinstate.

As well as requiring certificate-based mutual authentication for secure communications as part of its zero trust cluster design, immutability is built upon filesystem distribution and API authentication. It provides tight controls over which applications can exchange information, how data is transacted, and how it is arranged across physical and logical devices, and requires authentication to all endpoints to allow any of this to happen. With all this in place, security teams can rest in the knowledge that they are on the right track to true data assurance.

In short, being data assured allows security teams to know exactly where their data is, rest easy that it’s stored immutably, and confidently leverage said data to initiate recovery operations or run attack forensics in the wake of a ransomware attack.

READ MORE:

The final piece in the data assurance puzzle is deploying a modern backup solution that can enforce all of the above. Traditional solutions simply aren’t built with data assurance in mind, and therefore don’t offer the visibility and governance capabilities needed to effectively monitor the data flowing through an organization.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

An image of data, Big Data, Why you need to be data assured

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Why low-code is the best code

TBT Newsroom • 12th June 2022

According to Gartner, over 50 percent of medium-to-large enterprises will adopt low or no-code platforms as part of their overall IT strategy by 2023. Low-code platforms are increasingly popular because they help organizations to deliver capabilities faster, reduce reliance and pressure on the workforce and are simpler to understand.

Classroom management software supporting teachers through flexibility

TBT Newsroom • 11th June 2022

Despite educators’ best efforts, the digital transformation from in-person to online and hybrid learning certainly didn’t go off without a hitch. The sudden onset of the coronavirus pandemic forced schools to scramble to change their systems overnight. While many schools rushed to purchase online education technology tools, few had the foresight to invest in reliable...

The Four Key Steps On Purchasing Cloud Software

TBT Newsroom • 10th June 2022

Following the COVID-19 pandemic, digital transformation efforts have accelerated across the majority of industries with businesses being forced to make alterations to their usual working routines in next to no time. What’s more, remote working made it apparent that legacy systems were no longer up to the task for businesses to operate in an effective...

APIs: What are they and how can we embrace them?

TBT Newsroom • 07th June 2022

Gravitee.io is a leading open-source API platform, enabling worldwide developers and business users to build, manage and monitor their APIs. As a team, we are driven by the purpose of giving customers the ability to manage synchronous and asynchronous APIs securely. We started out as an open-source product and still follow an open-source first ethos...

N-able Introduces Cove Data Protection

Chris Groot • 05th May 2022

N-able, the solutions partner helping IT services providers deliver security, data protection, and remote monitoring and management services, today announced the launch of Cove Data Protectionℱ, the cloud-first data protection-as-a-service (DPaaS) solution that modernizes data protection for business-class backup and disaster recovery.