Backup is a critical first step to data protection, but organisations must think strategically and strive for resilience
Are you putting in the right safeguards to protect your data and, should you lose it, do you know how you would recover? Today is World Backup Day, a day to reflect on your data protection strategies and reassess their effectiveness. Organisations need to be vigilant against security threats to better defend business-critical data. In 2022, ransomware is continuing to wreak havoc across the globe, and a simple data backup plan is not sufficient. Organisations need to take a modern approach: data resiliency.
Here, some industry leaders remind us how important it is to back up data to avoid loss, and how to achieve resilience by developing a comprehensive strategy to safeguard digital assets.
Brian Chappell, chief security strategist, EMEA & APAC, BeyondTrust:
Since the creation of the first software to make a backup of a system, it’s been an afterthought. Often that afterthought has occurred just after losing the very data that should have been backed up. There seems to be a drive to make the primary storage more and more resilient, almost like a rebellion against the tedium of implementing and maintaining back-ups. In organisations, there are storage solutions with terabytes of data with the ability to suffer multiple individual drive failures and still recover. Backups get pushed out, perhaps even feel unnecessary — until the whole system fails or ransomware encrypts all the data. The latter is more likely in today’s world and if you find yourself a victim of such an attack, then you have a highly resilient store of almost random information. What was missed in many cases was that resilient storage and back-ups are an “and” not an “or”.
A good backup strategy will allow you to safely store massive amounts of data, in an efficient manner, beyond the reach of ransomware and outside of the scope of a storage failure. For end-users, there are many cloud-based services and solutions that can make sure data is kept safe. For organisations, while cloud services offer similar solutions, a hierarchical backup approach will help make sure that the data your business needs to operate can be recovered, should the worst happen.
World Backup Day is a good opportunity to pause and reflect on how well protected your data is and what it would mean to you to lose some or all of it. In the cybersecurity space, we talk about assuming that you’ve been breached so that your strategies are robust enough to deal with that situation when it occurs and not rely solely on strong perimeters. Backups are the same approach to data storage — you must assume that your primary storage will fail at some point. Don’t be the one or ones caught out.
Omar Akar, regional vice president, Middle East & Emerging Africa, Pure Storage:
In 2022, ransomware is continuing to wreak havoc across the globe. With organisations of all sizes storing increasing volumes of sensitive customer data, there is no place for an “it won’t happen to me” mindset. Leaders need to be thinking of the worst case scenario and prepare for rapid recovery after an attack.
Unfortunately, while backup systems have provided an insurance policy against an attack in the past, hackers are now trying to breach these too. Once an attacker is inside an organisation’s systems, they will attempt to find credentials to immobilise backups. This will make it more difficult, time consuming and potentially expensive to restore.
Organisations need a two-pronged strategy: advanced, immutable “snapshots” of their data and an ability to not just back up fast but to restore fast and at scale. Immutable snapshots are protected because they can’t be eradicated, modified or encrypted – even if an attacker gains access to sensitive data. They are also relatively easy to restore, but depending upon how much data needs to be restored, snapshots might not be a viable option.
Traditional tape or disk-based backup can restore roughly one to two terabytes an hour. That’s not going to cut it for most organisations. Some flash-based solutions can offer speeds of up to 270TB an hour and are needed to get an organisation up and running with minimal negative impact.
With a multi-faceted cybersecurity strategy reinforced with snapshots and a rapid restore solution, the restoration phase after a ransomware attack can be reduced from several weeks to just a few hours. This will minimise the impact on users, customers and potential reputational damage suffered from being offline for a prolonged period of time.
Sam Curry, Chief Security Officer, Cybereason:
This is really about disaster recovery and business continuity. You must have an incident response plan, so-called “immutable” backup, and must test, test, test. From tabletops to live restore tests. And a crucial element is to realise and have strategies for recovery in the event that backups contain malware, backdoors or vulnerabilities from the original critical failures. Finally, security for the processes to back up and restore and for the backup environment itself have to be strong and robust too.
Greg Day, Global Field CISO, Cybereason:
The message here is typical, we can save ourselves, but too often we are too busy to stop and do it. Be it in our personal or business lives, we continue to digitise so much of what we do. Data is gold to cyber criminals.
Today’s modern cyberattacks, including ransomware, not only will charge you to get your data back, they will also analyse your data and get incremental value by reselling it on to others. As such, think about what is valuable to you and others in terms of your data: are you putting in the right safeguards to both protect it and, should you lose it, how would you recover?
Brian Spanswick, CISO, Cohesity:
Backup is a critical first step to data protection, but organisations must think strategically and strive for holistic cyber resilience, realising that backup is just one component of a much larger equation. Achieving true cyber resilience means developing a comprehensive strategy to safeguard digital assets, including integrated defensive and recovery measures that give organisations the very best chance of weathering the storm of a cyberattack.
Organisations should investigate a next-gen approach to data management that enables customers to adopt a 3-2-1 rule to data backups, ensure data is encrypted both in transit and at rest, enable multi-factor authentication, store data in an immutable file, and employ zero trust principles. Further, recent clean backups that can be quickly restored to a recent point in time deliver the business continuity required for organisations to not only prevent attacks, but continue to reduce the potential impact if breached.