To coincide with World Backup Day, Business Reporter spoke to the experts at Commvault to ask them how the pandemic has affected disaster recovery strategies
Businesses had to quickly adjust to the sudden move to remote working last year and as a result, many won’t have had an effective disaster recovery plan in place. However, COVID-19 has forced many businesses to look at backups they do have in place and improve them, as well as realise how crucial a disaster recovery plan is to their survival.
To coincide with the tenth anniversary of World Backup Day, we hear from Commvault about the impact of COVID-19 and the importance of successful disaster recovery.
How COVID-19 has boosted the need for backup
Kate Mollett, Regional Director for Africa discusses how, “organisations all over the world closed their physical offices during lengthy lockdown periods and millions of employees had to continue to do the same work and access the same applications and critical data, but in a very uncontrolled, decentralised and dispersed way. Aside from that level of complexity, the entire process was 100% unprecedented and unplanned.”
Mollett also believes that “the COVID-19 pandemic truly provided the opportunity – whether you wanted it or not – to test your organisation’s data protection, business continuity and DR plans. An opportunity to ensure that your systems and security posture is rigid enough to provide the security and governance required to be compliant and manage data loss and cyber risk, but equally agile enough to allow users to connect from wherever, whenever and on any device.”
What have we learned from the pandemic?
Mark Jow, EMEA VP, Sales Engineering reflects on the past year, and emphasises how this has placed a spotlight on the importance of data. “With the global pandemic shining a bright spotlight on the value of data, it’s perhaps not a surprise given the recent OVH data centre fire, that companies are becoming increasingly focussed on the integrity of their DR processes and solutions. This World Backup Day, it’s key to remember why having a comprehensive disaster recovery plan that includes data backups is invaluable.”
The pandemic acted as a catalyst for flexible working and cloud adoption. Ronnie Kaftal, Senior Sales Engineer discusses how customers are increasingly using a cloud-first, SaaS-first approach. “As many organisations have shifted to working from home, remote access and VPN concentrators had to be put in place and scaled, which in turn may have required the opening up of corporate services that were previously locked in with no remote access.
“Home or remote workers are in many cases connecting to corporate or to the cloud service by using a BYO device which is running outside of the corporate firewalls with questionable security hardening – devices may be used by attackers to get access to corporate data or as a means to encrypt the end user’s data even if it synced with a cloud copy. Beware though, latest statistics say nearly 60% of attacks where data was encrypted involved data stored in the public cloud.”
What is the biggest threat to data right now?
The risk of cyber-attack is more likely than ever. In fact, 90% of companies faced an increase in cyber attacks during COVID-19. Mollett agrees that “it is not a question of ‘if’ but ‘when’ you will be the victim of a cyber-attack or multiple cyber-attacks. Assume the worst and plan for the worst. The difference between surviving or succumbing to an attack is an organisation’s ability to react, respond and recover quickly from a cyber-attack, and to do that you need intelligent and robust data protection and data management solutions. The threat surface continues to expand and evolve.
“The IP behind these cyber-attacks is super sophisticated. And the target, or the threat to data is unfortunately the end user, who remains the unsuspecting weakest link in an organisation’s security posture. You need to educate and continuously communicate with your user community about cyber security and what to do when compromised.”
Recommendations for successful data backup
“Like everything in this world, you get the good, the bad and the ugly and this applies to back up software solutions as well,” according to Mollett. She advises to take your time and take a look at all options before deciding on a data backup strategy.
“There are many backup options and solutions available in the market that claim to protect your data; to guarantee data immutability; to promise 100% restore and recovery capabilities; to integrate seamlessly into enterprise applications with ‘out of the box’ features and functionality. The list of promises is endless and the options are overwhelming. Use the research and advisory muscle of organisations like Forrester, IDC and Gartner. Insist on ‘top right’ solutions; interview existing customers; check references and remember, invariably in this life you get what you pay for. If it seems too good to be true – it probably is.”
For Kaftal, moving from the traditional backup strategy to cloud storage is the desired approach.
“Securely storing backup copies of your critical data is a must-have for defending against malicious attacks. After all, more than half of organisations that did recover their data from ransomware did so from backup copies. The traditional 3-2-1 data protection strategy recommends: 3 copies, 2 media types, 1 off-site location.
“Implementing this strategy in the physical world often means cumbersome media and long restore times, and the overhead of managing and maintaining on-premises copies also make it cost prohibitive in some cases. A better alternative is to consider using cloud storage as a backup target.”
John Day, Sales Engineering Leader advises businesses to begin their backup strategy by starting in reverse,because “effective backup really starts with the recovery requirements and aligns to the business needs for continued service. Ensuring you have the right recovery solution that aligns to the criticality of the application and data, whilst balancing the cost to the business, as well as the simplicity of operations. For example, with Office 365, protecting email and information held in collaboration tools, using a SaaS solution like our Metallic offering enables customers rapid deployment of protection capabilities, without the overhead of building and maintaining traditional, self-created data protection services.”
However businesses decide to backup their data, it’s imperative that they do. In the face of disasters out of human control or cybercriminals looking for an easy win, a disaster recovery plan could be the difference between a business’ survival or a business’ downfall.
Main image courtesy of iStockPhoto.com