The worldwide move to remote work in the past year has brought business continuity challenges as well as advantages. Backup management is one such challenge and in this article, four technology experts from Commvault answer key questions in this area.
Question #1: Has COVID-19 altered the way businesses look, or should look, at backups?
“The COVID-19 pandemic truly provided the opportunity – whether you wanted it or not – to test your organization’s data protection, business continuity, and DR plans,” explains Kate Mollett, Regional Director for Africa. “This is an opportunity to ensure that your systems and security posture is rigid enough to provide the security and governance required to be compliant and manage data loss and cyber risk, but equally agile enough to allow users to connect from wherever, whenever and on any device.
“Physically being connected to the corporate network and having automated backups of endpoints and devices is no longer possible. Most likely, elements of your workloads are also in the cloud. Are they being backed up? Have you checked? What is the shared responsibility model between your cloud service provider and you – you are after all the custodian of your organization’s data. You now also have to rely on the end user community and ensure that they have the right endpoint protection, that they are connecting via secure networks, and, most importantly, that they are cyber security vigilant and alert to hacking, ransomware, and phishing attacks.”
John Day, Sales Engineering Leader UK&I and Nordics, agrees and adds:
“Businesses are experiencing the data explosion impact of remote working, and the data sprawl that this has brought to their environments. This coupled with the knee jerk reactions that businesses were forced to undertake to tackle a world hit by the pandemic, has taken its toll. The acceleration of collaboration technology, cloud adoption, and SaaS offerings with elasticity, is top of mind, and due to the uncertain times, meant that organizations were forced to act first and revise later. This approach was necessary for businesses to minimise the impact, and in some cases, was needed for survival, but as you can imagine this has left a wake of fragmented data and dispersed technologies that need to be protected for compliance as well as business continuity.
“Disaster recovery of critical applications and the need to rapidly recover from cyber threats, should both be a top focus for organizations. Companies need reliable and resilient applications and services that provide rapid recovery solutions to mitigate these threats. As mentioned above, the impact of the data sprawl effect has multiplied the threat factors, compounding the problem for many organizations. So, having a solution that can not only protect your data, but also recover it quickly if needed, is paramount.”
Question #2: What is the biggest threat to data right now?
“The biggest threat to data today is ransomware,” states Ronnie Kaftal, Senior Sales Engineer. “Last year alone, nearly 60 percent of enterprises were hit with a ransomware attack, and 73 percent of cyber attacks resulted in data being encrypted and held for ransom. 2020 saw a continued uptick in ransomware attacks with threat actors taking advantage of economic and workplace disruption caused by the COVID-19 outbreak.”
Mollett emphasises that “the threat surface continues to expand and evolve. The IP behind these cyber-attacks is super sophisticated. And the target, or the threat to data is unfortunately the end user, who remains the unsuspecting weakest link in an organization’s security posture. You need to educate and continuously communicate with your user community about cyber security and what to do when compromised.
“Do not discount the possibility of an insider threat; a malicious disgruntled employee. It is important to have solutions in place that alert an organization to unusual user behaviour so that this can be identified quickly and the risk removed.”
Question #3: How important are backups and how would you recommend businesses backup their data?
Mark Jow, EMEA VP, Sales Engineering, advises businesses to be prepared for anything and everything:
“While it’s inherent in our human nature to hope for the best, in a business context, the smartest approach is to plan for the worst. Businesses must always operate with the assumption that their data is under constant threat – because it is. So, whether the threat is from hardware failure, human error, data breach, ransomware attack, or natural disaster. Having a plan in place which is underpinned with the right technology solutions, skills, and processes will ensure that if any crisis occurs, you can get your data back quickly with minimal disruption.
“The recent OVH data centre fire has also demonstrated why it’s so crucial to know where the responsibility for backing up and recovering your data lies. The Chief Executive at OVH recommended that customers 'activate [their] disaster recovery plan' – but how many of these customers may have assumed this was the responsibility of OVH? While we can't be certain, what we do know is that with our increasing reliance on information technology, combined with the fact that disasters are inevitable, backing up your data is no longer optional, it’s an imperative and vital ingredient in ensuring that your business stays in business when a crisis hits.”
Embracing the cloud is one way to ensure that your data is easily accessible whilst still secure, but as Jow points out, businesses need to know who is responsible for the backups.
To conclude, Kaftal shares the following tips on what a comprehensive ‘cloud shield’ against ransomware should include:
Detection – Modern security measures driven by advanced algorithms and machine-learning are better-suited to detect suspicious activity that can presage an attack on your data.
Prevention – Any access of your cloud backup data should go through increased scrutiny and additional security measures. Zero trust restrictive access controls can prevent unauthorised access and modifications to data, while encryption all the way and at rest, and secure key management are needed for an extra layer of security.
Recovery readiness – Lastly, air-gapped cloud copies are a must. Immutable copies of your data with object locks guard against malicious attack, while offline copies with the ability to shut down connectivity can contain an attack quickly.