In Sophos’ 2021 report, even after paying a ransom, only 8% of victims recover all their data. This should put backups on the forefront of everyone’s mind.
In celebration of World Backup Day, and to aid in spreading awareness around the importance of securing data, several tech industry leaders have shared their thoughts and advice on how to effectively secure your sensitive data.
Adrian Knapp, CEO and Founder, Aparavi
“Backing up your files is extremely important, and World Backup Day is a great reminder to do so. As your data, especially unstructured data, footprint grows, so too does your data risk. It is important to understand that redundant, outdated, and trivial data, also known as ROT data, puts you at increased risk and can cost you millions.
One of my top tips for backing up data is to know what data you have. By doing a data assessment and knowing your data, you are in control to mitigate risk, reduce costs, and create value for your organization with confidence.
Another helpful tip is to think about World Backup Day as a spring cleaning opportunity for your data. Take a moment to remove data that does not need to be backed up. This will improve your security as you can avoid a backlog in data management and limit the unstructured data that could be subjected to a ransomware attack, providing a more efficient and secure data environment.
My final tip is to implement an intelligent data automation tool so you can locate all of your data no matter where it lives. This will allow you to organize and uncover hidden files and dark data that you or your organization may be unaware of, putting you in control to make better informed decisions to assist in reducing your data footprint, and know what you are backing up.”
Terry Storrar, Managing Director, Leaseweb UK
“Business continuity is an essential part of today’s ‘always-on’ operations, but this isn’t an easy level of service to maintain consistently. From human error, to cyber attacks, or even extreme weather, there are many circumstances that can place an organisation’s operations and data at risk.
“Even with the most robust infrastructure and cybersecurity measures in place, businesses can never guarantee that unforeseen disaster won’t strike. So, to maintain business continuity and prevent downtime, an integrated approach to backup and disaster recovery is a necessity.
“With businesses increasingly migrating to the cloud, more emphasis needs to be placed on protecting mission critical data wherever it is located. Thankfully, modern cloud backup solutions have the benefit of being suitable for businesses of any size. They allow for data backup from any server or device, anywhere with an internet connection. Cloud backup solutions are easy to manage, and their providers offer reliable, hands-on customer support.
Data centre providers need to take every necessary precaution to ensure that customers’ data is available around the clock, along with comprehensive backup. This includes the availability of emergency backup services, such as batteries and generators, in case of power outages. Agreements should also be in place with energy suppliers for redundant energy connections that enter the data centre from different locations, redundant internet connections, and an agreement with local authorities for evacuation work to reduce possible damage to any important cables. In the event of a disaster, it’s important to keep in mind that a proactive plan for backing up data to ensure business continuity always has multiple moving parts to consider; having the right providers and products in place helps ensure these parts work in concert if disaster strikes.”
Steve Cochran, Chief Technology Officer, ConnectWise:
“Data sits at the heart of the organization’s IT systems, powering every essential business process. Unplanned downtime, as a result of a cyber attack or system failure, can have a significant impact: Shutting down the businesses’ organs for hours, days, even weeks at a time. In 2021, one in three mid-market organizations suffered a 24 hour outage as a result of cyber attacks, highlighting that having a backup and disaster recovery (BDR) plan in place is critical for resuming normal business operations as quickly as possible, while minimizing the impact or damage associated with such an event.
But, how does an organization go about backing up its data securely?
Organizations need to ensure they are keeping a current inventory of its data and where it is stored, critically prioritizing the data and adjusting the backup strategy to align to the 3-2-1 model. This means having three copies, on two devices/media, and one off-line for the backup. Having a backup service storage that is disconnected from the network or system and securely placed in a different, yet accessible location, is hugely important in case all online locations are impacted. As is testing the backups to ensure that, if needed, data can be retrieved, and systems up and running instantly.
This World Backup Day, organizations need to be prepared to tackle challenges head on and minimize any impact to the end customers. While backup is not a silver bullet to costly cyber attacks and downtime, it is a critical component to good cyber hygiene and all-around best business practice. It’s important to take backup seriously, before it’s too late.”
Neil Jones, director of cybersecurity evangelism, Egnyte
“On World Backup Day, we need to take a moment to reflect on the exploding volume of mission-critical digital data that’s being generated today (and every day), and consider how to encourage our employees, contractors and business partners to protect that data more effectively. Unfortunately, many organizational stakeholders are unaware of how to properly protect their companies’ valuable data, so it’s up to the company to educate them on best practices. As an IT leader, you should consistently update your data backup strategies and implement measures that protect you from accidental data loss, potential theft of information by malicious insiders, and corruption of stored files.
With proper training and by focusing on the importance of proactive data backup procedures, organizations can protect themselves from becoming victims of the next big data breach. Limiting access to mission-critical internal data on a “business need to know” basis also enables you to minimize the potential cyber-threat attack surface and prioritize threats more effectively. The best way to thwart potential data loss is to have a proactive data backup program in place that accounts for worst-case scenarios and can be adapted to rapidly-evolving technological changes. Today and every day, encourage your employees to take proactive steps to back up the critical data that they generate and reinforce the importance of personal accountability.”
Surya Varanasi, CTO, StorCentric
“On World Backup Day, we are reminded that ransomware and other types of malicious malware can disrupt any environment. And further, while hundreds of thousands if not millions might be at stake for the actual ransom payment, the gravest consequences of ransomware is data loss and downtime. Both present almost incalculable expense, with significant downtime resulting in potentially millions in lost revenue, as well as costly legal fees and regulations compliance cost, in addition to a rise in insurance premiums and decreased customer trust.
Today, the process of backing up has become highly automated. But now, as ransomware and other malware attacks continue to increase in severity and sophistication, we understand the need to protect backed up data by making it immutable and by eliminating any way that data can be deleted or corrupted.
An Unbreakable Backup does exactly that by creating an immutable, object-locked format, and then takes it a step further by storing the admin keys in another location entirely for added protection. Other key capabilities users should look for include policy-driven data integrity checks that can scrub the data for faults, and auto-heals without any user intervention. In addition, the solution should deliver high availability with dual controllers and RAID-based protection that can provide data access in the event of component failure. Recovery of data will also be faster because RAID-protected disk arrays are able to read faster than they can write. With an Unbreakable Backup solution that encompasses these capabilities, users can ease their worry about their ability to recover — and redirect their time and attention to activities that more directly impact the organization’s bottom-line objectives.”
JG Heithcock, GM, Retrospect, a StorCentric Company
“On World Backup Day we are reminded of the myriad reasons a sound data backup strategy and proven solutions are critical to the success of virtually all organizations, as it is a given that at some point most will suffer a failure, disaster or cyber-attack. However, given the world’s economic and political climate, the customers I speak with are most concerned about their ability to detect and recover from a malicious ransomware attack.
My advice to these customers is that beyond protection, organizations must be able to detect ransomware as early as possible to stop the threat and ensure their ability to remediate and recover. A backup solution that includes anomaly detection to identify changes in an environment that warrants the attention of IT is a must. Administrators must be able to tailor anomaly detection to their business’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And, those anomalies must be immediately reported to management, as well as aggregated for future ML/analyzing purposes.
Of course, the next step after detecting the anomaly is providing the ability to recover in the event of a successful ransomware attack. This is best accomplished with an immutable backup copy of data (a.k.a., object locking) which makes certain that the data backup cannot be altered or changed in any way.”
Kevin Cole, head of training and technical marketing, Zerto, a Hewlett Packard Enterprise company
“With 50% of organizations suffering from unrecoverable data loss in the last three years, World Backup Day serves as a timely reminder to protect your data from a potential disaster or disruption, such as ransomware. It’s also important to understand that simply making backups is not good enough—you have to prioritize restores & recoveries. Being able to non-disruptively test and prove your ability to recover lost data following an incident is what can make or break an organization.
To truly be prepared for data loss and downtime, every organization should have a recovery plan in place that is built upon continuous data protection (CDP), which provides streaming protection of each and every change in an application or on a server. Without CDP, you might be stuck making a false choice between low RPO or low RTO. Instead, look for solutions that offer both, without compromises, at a scale to match where you are now and where you want to be in three to five years. Doing so would mean every World Backup Day you’re breathing easy instead of rethinking whether you can really deliver on continuous availability and an uninterrupted business.”