Last year, the IDC reported that 93% of organisations had suffered data-related business disruptions within the last 12 months and almost 68% experienced four or more such disruptions. Even more concerningly, only 1 in 7 companies were able to recover 100% of their lost data following a ransomware attack.
Statistics like this clearly demonstrate that there is a disconnect between how vulnerable businesses are to data loss and the effectiveness of the current methods they are employing as preventative measures.
So, how should organisations be protecting themselves?
“Too many organisations still only consider backups after a data loss scare or something disastrous happens,” explains Roman Pavlyuk, VP of Digital Strategy at Intellias. “Businesses should consider backups as a fundamental part of their data protection strategy, keeping the following four considerations in mind:
Simply backing up data isn’t enough: Regular validation checks should be conducted to ensure data is restorable, readable and available within a set time limit. Failure to do so can result in businesses being unable to access or restore their backed-up data when they need it most.
Privacy is a top priority: Under GDPR, when customers or employees leave an organisation, all their data, including backups, must be deleted. To ensure compliance, businesses must have flexible and controllable systems that can automate data removal without the risk of corruption.
Don’t put all your eggs in one basket: Backups should not only be stored on local servers. Organisations should also backup data in the cloud and ensure they have backups in multiple locations to minimise the risk of data loss. Furthermore, each data storage location runs its own risks so businesses should have multiple backups in each location.
Encryption: By encrypting the data, businesses can ensure that their data remains protected even if it falls into the hands of an intruder. It’s essential to remember that no matter how safe the original location may be, it’s always possible for it to end up in an unexpected location”.
Different environments need different methods
As technologies continue to evolve and new infrastructures burst onto the scene, it’s important to keep your backup solutions evolving with the times. The same tried and tested backup methods are not going to keep working on new tech.
“The way organisations use and store data has changed drastically in the last few years; gone are the days of clunky external hard drives and floppy disks”, details Terry Storrar, Managing Director, Leaseweb UK. “Now, it’s all about the cloud. In fact, recent industry research found that the majority (66%) of respondents suspect that the industry will see the end of on-premises infrastructure over the next two years.
“With this change in storage must come a change in protection. More emphasis needs to be placed on protecting mission critical data wherever it is located and ensuring business continuity. Thankfully, modern cloud backup solutions have the benefit of being suitable for businesses of any size. They allow for data backup from any server or device, anywhere with an internet connection. Cloud backup solutions are easy to manage, and their providers offer reliable, hands-on customer support.
“However, not every cloud backup solution is created equal. Organisations need to ensure that they are choosing a trusted cloud hosting provider that offers comprehensive expertise, 24/7 support and robust disaster recovery solutions. From the data centre providers’ point of view, they need to take every necessary precaution to ensure that customers’ data is available around the clock, along with comprehensive backup. This includes the availability of emergency backup services, such as batteries and generators, in case of power outages. Agreements should also be in place with energy suppliers for redundant energy connections that enter the data centre from different locations, redundant internet connections, and an agreement with local authorities for evacuation work to reduce possible damage to any important cables. In the event of a disaster, it’s important to keep in mind that a proactive backup plan to ensure business continuity always has multiple moving parts to consider; having the right providers and products in place helps ensure these parts work in concert if disaster strikes”.
Ameer Karim, EVP & GM, Unified Monitoring and Management at ConnectWise, similarly highlights: “As many workloads shift to the cloud, many believe that backup is no longer needed, not realising that the SaaS providers often don’t backup user data for their end users. Only 25-30% of organisations rely on third-party SaaS Backup solutions to back up their data, leaving their mission-critical applications, such as Microsoft 365, Google Workspace, Salesforce.com, and Azure Active Directory, unprotected. Data loss due to accidental deletions, malicious insiders, and cyberattacks can easily cost small businesses thousands of dollars in lost business and productivity.
“It’s important to prioritise backups as not only a best practice but also a lifesaver for your SaaS solutions that assist in maintaining company operations. By regularly backing up data and partnering with trusted MSPs, SMBs can prepare their businesses for unforeseen events”.
It’s all about the whole package
When it comes to data protection, there are a multitude of dangers that need to be safeguarded against and, as such, organisations need to go beyond simple backup remedies and implement holistic protection and recovery solutions should the worst occur.
Kevin Cole, Director, Technical Marketing and Training, Zerto explains that, “securing your data is just the start: once you have a data protection strategy in place, it’s critical to consider recovery of that data should any disruption, outage, or cyber-attack occur. Especially with ransomware, speed of recovery is the key: how quickly can you resume operations and do so without losing data nor paying the ransom? Rapid recovery with no downtime and no data loss helps businesses of all sizes achieve true resilience and bounce back no matter what comes along”.
Gregg Mearing, Chief Technology Officer at Node4 furthers: “As cybersecurity risks become ever greater, we see increasing numbers of customers having to use backups to recover critical data whether that be applications, virtual machines or files. That means that having a decent recovery strategy and trustworthy backups is crucial, so in the event you need to recover you can. If you don’t have a good strategy in place a good place to start is to follow industry best practices around the 3-2-1 rule – 3 copies of your data, 2 media types and 1 offsite – but to drive even more reassurance the 3-2-1-1-0 rule adding in 1 copy of that data on immutable or air-gapped storage, and having 0 backup check failures.
“Without reliable and trustworthy backups you risk not being able to recover when you most need it. This is increasingly important as it is thought that in over 60% of ransomware attempts the bad actors actively target backup data on your network as part of the attack. One of the core strategies for organisations to deal with ransomware is to simply restore from it, so if the bad actors can encrypt your backups, your entire recovery strategy is foiled. Having that immutable or air-gapped layer helps to work around this as the ransomware encryption cannot spread to your backup data”.