As far as holidays go, World Backup Day does not generate the excitement of Christmas or Halloween. There is no mascot, such as a “Backup Bunny” (sorry, Easter), nor any imbibing of adult beverages, as on St. Patrick’s Day and Cinco de Mayo (probably a good thing). But March 31 is the one day of the year when data professionals can stop and consider, for one shining moment, why backups are so important.
The intersection between security and backups is well trod territory, as cyber criminals pose one of the greatest risks to precious, precious data. When you consider that 98% of organizations have suffered a cyberattack in the past year, according to Rubrik’s State of Data Security report, then it really drives home the importance of having a solid backup plan.
“If your organization is relying solely on legacy backup solutions to recover from a cyber incident, you’re exposing your critical apps and data to significant risk,” says Anneka Gupta, Rubrik’s chief product officer. “While many organizations have backup solutions in place, this legacy technology alone is not enough to effectively defend against today’s sophisticated cyber threat landscape. A more holistic approach is needed that combines backup and recovery with data security to provide cyber resiliency.”
Unfortunately, backups themselves are targets of cyber criminals. Studies shows that 94% of backup repositories were targeted in a ransomware attacks, according to Scality CMO Paul Speciale.
“With heightened ransomware threats and the prominent attacks taking place constantly, backup has taken on increased importance,” Speciale says. “Just having backups isn’t enough anymore; organizations need a solid backup protection strategy…World Backup Day is a reminder of the importance of investing in a scalable and immutable system that provides quick restores, such as those offered by modern object storage solutions.”
As data volumes and cyber attacks grow, organizations have come to realize that backups are mission-critical workloads, says Neil Jones, director of cybersecurity evangelism at Egnyte. However, not all backups are equal.
“The most significant evolution I’ve seen over the past several years is that most companies can no longer view data backup strategy monolithically,” Jones says. “Rather, they need to balance a mature Business Continuity and Disaster Recovery (BCDR) program with lighter, more nimble backup approaches such as snapshot recovery. Here’s why:
“In the event of a significant, just-in-time cyber-incident like a ransomware attack, users cannot remain productive without immediate access to their data, and even minutes or hours of data interruption can have a major impact on productivity,” he says.
So what else can organizations do to secure their systems and bolster their backups? Updating legacy technologies is a good first step, says Paul Martini, CEO of iboss.
“To meet modern cyber threats, organizations need powerful solutions that can match the sophistication of these adversaries,” Martini tells us. “Companies should consider replacing their legacy technologies like virtual private networks [VPNs], proxies, and virtual desktop infrastructure [VDIs] with a single zero-trust network access solution. This will ensure they better secure and protect data long past World Backup Day.”
The critical nature of backups means organizations should assign responsibility for maintaining backups and disaster recovery (DR) readiness to one or more employees, says Jason Konzak, senior vice president of professional services at Flexential.
“On a daily basis, an assigned employee should manually review backup and DR job successes, and failures,” he says. “Failed jobs need to be tracked as incidents and corrected so they do not become persistent gaps in protected data. Similarly, designated team members should test backups and DR solutions, document the results not only of success and failure, but also document the expected recovery time and recovery points (RTO and RPO). The results of these tests must be shared with organizational leadership so everyone can be on the same page about the ability of IT to protect critical data and keep business operations running.”
A large migration of data to the cloud has taken place over the past few years. If organizations aren’t careful, that can trip them up when it comes to their backup strategies, says Norman Kromberg, the CISO for NetSPI.
“There are a couple of critical mistakes organizations make when it comes to managing data backups,” Kromberg tells us. “The first is not updating as an organization migrates to new technology. For example, moving from on-prem to the cloud may change application and data structure. As a result, if an organization has to recover systems, the backups may not match the production systems.”
The backup itself has received the lion’s share of attention. But George Axberg III, vice president of the data protection division at VAST Data, encourages organizations to think about backup’s close cousin: data recovery.
“Data protection operations has always focused on moving data via a backup quickly, while restores were seen as a secondary, but necessary chore,” Axberg says. “Instant recovery is nothing new–restoring 10 to 20 virtual machines (VMs) instantly has been supported for years. But with the massive inflection in data accumulation/sprawl over the last few years, how can organizations instantly restore thousands of VMs, unstructured file systems, and 20+ TB databases? Organizations today must be prepared not just for backup and recovery, but for instant access and instant operations at enterprise scale.”
Not all data is equal, and not all data needs to be backed up. Giant data lakes with tens of petabytes, for example, cannot be efficiently backed up (but data lakes already feature internal redundancy, such as erasure encoding, so a separate backup is typically unnecessary). That’s an important fact that many organizations overlook, says Adam Rusho, the field CTO for Clumio.
“Several factors that can contribute to rising AWS backup bills include the incorrect perception that all data is critical enough to need a backup, using the same backup strategy for all data, little visibility into backups and copies, lack of granularity in existing backup solutions, and having to create additional vaulted copies,” Rusho says.
“To avoid such pitfalls, companies must take the time to discover and expunge unnecessary copies and backups and fine-tune backup strategies by gaining an understanding of underlying data,” he says. “It also means that companies shouldn’t be compelled to protect everything….Instead, use a data discovery tool that allows you to explore component folders and objects, and intelligently assign policies.”
The recipe to protect data is simple, according to Tyler Moffitt, a senior security analyst at OpenText Cybersecurity: You just need to develop a backup strategy, test your backups, keep backups offsite, encrypt your backups, and implement a backup monitoring system. Easy, right?
Not so fast. Of course, there’s a bit more to every one of these steps. Moffitt graciously fills in the broad outline with some pertinent details:
Develop a backup strategy: “Start by assessing what data needs to be backed up and how frequently,” Moffitt says. “Consider the type of data, its importance, and the impact of losing it. Then, decide on the backup location and method, such as cloud-based, physical backup, or a combination of both. I recommend the latter, but I can understand if budgets are in the way. That is also a primary reason why SMBs are targeted.”
Test your backups: “It’s essential to test your backups regularly to ensure they’re working correctly. Test backup data to make sure it can be recovered and is usable,” he says. “Without these dry-run rehearsals, your backups could be useless or result in your team running around with their hair on fire during a time of crisis when you need to be calm and collected.”
Keep backups offsite: “If you store your backups onsite, they could be vulnerable to theft, fire, or natural disasters,” Moffitt adds. “Therefore, keeping backups offsite as well in a secure location is recommended. Cloud-based backup solutions offer this option to supplement any onsite solution.”
Encrypt your backups: “It’s important to encrypt your backups to prevent unauthorized access to the data,” he says. “Encryption ensures that even if someone gains access to the backup data, they won’t be able to read it or use it for leverage on a leak site in data exfiltration cases, which are all too common.”
Implement a backup monitoring system: “A backup monitoring system helps you keep track of your backups and ensures they’re running correctly,” he concludes. “It alerts you if there are any issues, such as failed backups or insufficient storage space. Having snapshots and a running history of versions of files is crucial as well. In case any of the most recent versions were to become compromised, you can have copies that you know will restore correctly.”
Here’s hoping you have a happy (and uneventful) remainder of World Backup Day.
Related Items:
Improving Backup Resiliency as the Last Line of Ransomware Defense
Crafting a Hybrid Cloud Backup Strategy
Backing Up Big Data? Chances Are You’re Doing It Wrong
The post Data Leaders Share Thoughts on World Backup Day appeared first on Datanami.
0 Commentaires