Protecting business-critical data in a virtual world

Philip Bridge, President at Ontrack, talks to us about the unfortunate reality of rising cyberattacks causing data loss in virtual systems and the steps we can put in place to prevent our businesses becoming victims to these attacks.

An unfortunate reality


Data loss is fast becoming an unfortunate reality for anyone who manages virtual systems. The sad truth, according to Europol, is that the frequency of cyberattacks has never been higher. Unscrupulous criminals across Europe are abusing the unrest that has arisen over the coronavirus as an excuse to target their victims. In particular, there has been a significant rise in the number of phishing mails containing the words corona or COVID-19. One such example is a spoof email purporting to come from the National Institute for Public Health, that claims to contain important information about the virus. However, be warned. If you open the attachment, not only will your computer be infected with ransomware, but there is the potential that your backup system could also be erased.

Lately, we are seeing more and more data recovery cases emerging where backup applications have been erased by cyberattacks. These are often virtual machine (VMs) backup files. This is because organisations are increasingly running multiple VMs on one physical server, rather than using the separate servers of old. Moreover, modern hypervisors make the configuring and maintaining of physical servers far less complicated. Although sometimes the data from backup files and storage systems can be saved, it is often not clear how long the cybercriminal has had access to the system. As a result, organisations cannot rely on backups to restore their vital data. So, what can be done to circumvent the issue?

Common causes of data loss


Our own data shows that – in addition to ransomware – human error, hardware malfunction and RAID issues are the most common cause of data loss on VMs. Sad but true. Damage and data loss are often a result of simple human error. This could include patches with programming errors from under pressure developers, updates without an offline backup, poorly planned implementation of new company-wide software, accidentally overwriting or formatting a storage medium, damage to the core database of integration problems between disparate systems.

The hardware problems faced by virtual systems are almost the same as with physical systems. Think of faulty drives, faulty controllers, faulty server components and power problems. However, RAID damage is a much bigger challenge for VMs because of the very nature of virtualisation. RAID controllers are responsible for assigning all information to the many disks available. However, if a RAID configuration becomes corrupt, files cannot be simply rebuilt. Rather, when that happens, the interconnectedness of multiple systems may lead to significant data loss and long downtime.

Measures to take


With the consequences potentially causing serious data loss to business-critical data (and leading to the likely heavy fines from regulators) it is wise to take measures that can prevent such incidents. Firstly, it is important that organisations recognise that virtualisation and VMs are not flawless. The reality is that they can become defective just as quickly as other legacy storage options. Therefore, before creating a virtual environment for sensitive applications, think about which solution best fits the specific needs of your organisation.


Read More: 10 Tips to Working Remotely


Secondly, do not combine virtualisation solutions. Using multiple virtualisation solutions in the same environment can increase the risk of data loss exponentially. Adding too many layers of complexity can be very risky and makes the data recovery process time consuming for even a seasoned pro. Therefore, it is better to keep your virtualisation simple and stay with one solution within one environment.

Thirdly, always back up and take snapshots of your changes. No exceptions. Since advanced persistent threats (APTs) are showing up more and more, a good backup rotation scheme is vital. I would advise to make multiple backups. Then don’t forget to save them to another physical location (whether that be a local server, hard drive or tape) or in the Cloud. Always provide an airgap so that a hacker cannot access the network during backup. Also, think carefully about the right backup software for your virtual environment so that it can support you in your endevours. There are several backup software solutions on the market. Some can be used with both VMware and HyperV solutions. Probably the most important factor to consider when choosing your backup software is how much time it takes to recover VMs from the backup.

If, not when


Although virtualisation can undoubtably save time and eliminate complexity for users, VM files can still be lost or damaged. Data loss is a reality for anyone who manages virtual systems. It is, therefore, essential that the IT department is fully aware of the ins and outs of their systems and has a specific plan on how to respond to an incident. It should never be considered an if, but a when. In this way, they can consult a specialist within seconds who can perform adjustments or repairs at the file system level, so that the data that the business relies on can be quickly accessed again.


Philip Bridge

Philip Bridge, President of Ontrack. Ontrack understands data; it draws on its expert engineers and R&D facilities to solve customers data management challenges at different stages of the data lifecycle.

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...