Each year, March 31 is World Backup Day, which reminds all of us that we need to back up all our personal and business-related documents, photos, videos—anything else digital that we value.
Those of us who have lost important files in the past know what a pain it is—and how much valuable time it takes—to recreate them or make new copies, if it’s possible. Thinking ahead and taking the time and attention needed to ensure the protection of data valuables is well worth it and doesn’t cost that much.
There’s really no excuse anymore not to do this: Automated backup into the cloud or to onsite storage is simple to set up and inexpensive. And there are so many vendors willing to bend over backward for your business that you shouldn’t have any problem finding one that fits what your needs exactly.
Successful backup providers include those quoted in today’s article plus Code42, Intronis, iDrive, Nero, OpenDrive, Seagate i365, Carbonite, EMC Mozy, Jungle Disk, Veritas, Zetta, Druva, Asigra, Box, Veeam, Dropbox, Egnyte, Ftopia, Barracuda, SpiderOak and others.
Here are some good pieces of advice from people who know all about this topic.
Doug Matthews, Vice President of Enterprise Data Protection/Analytics, Veritas:
As some employees begin returning to a physical office and others continue working remotely, organizations must pay close attention to protecting themselves from vulnerabilities that come with a hybrid work model. The biggest problem with this model happens as devices “out in the wild” are then physically brought back into the business network. Companies must be aware these devices may be carrying a range of sleeper viruses and ransomware that could put data at risk.
This World Backup Day, organizations must take the time to understand where data lives – and standardize data protection practices across every environment, workload, cloud, and deployment model. Now’s the time for enterprises to ensure all data is properly secured, their employees are trained on security policies, and the right tools are in place to quickly recover if disaster strikes.
Matt Waxman, Vice President, Product Management, Cohesity:
As we reflect on the past year, the world has been turned upside down, so talking about RPOs and RTOs just doesn’t seem appropriate. We are living in an age where ransomware has almost become a household term. Sophisticated ransomware attacks are increasingly targeting backup data in addition to what resides in production, to knee-cap organizations and their last lines of defense. Tackling ransomware is multi-faceted, but without a doubt having a comprehensive data protection strategy with a foundation built around immutability is no longer a nice to have, but a must-have.
All companies, big and small, need to be on their guard and put defenses in place to reduce the chances of becoming the next victim. When combined with the cloud, an immutable file system is an incredibly powerful way of overcoming ransomware attacks. For too long backup has been a chore, or worse, an afterthought. However, in 2021, it is clear that sticking with your existing backup vendor’s protection without thoroughly assessing its immutability credentials is akin to doing nothing, which can no longer be an option.
Rotem Iram, Founder and CEO, At-Bay:
Backups have become important to companies that are exposed to digital risk, and to the insurance companies that protect them. An effective backup approach significantly lowers recovery costs, shortens downtime, and provides an alternative to engaging with criminals in the case of ransomware attacks. All of these factors lower risk and can contribute to lower insurance premiums.
Unfortunately, many companies are failing to put an adequate plan in place. While the vast majority of companies claim to have backups and restoration processes, our data show otherwise:
- Smaller companies (under $10M revenue) are twice as likely to lack proper backups than larger organizations ($10-100M), and four times more likely to lack proper backups than enterprises ($100M and above).
- Public administration orgs are 7 times more likely not to have backups compared to private organizations, and small public orgs (under $10 million in budget) are as much as 15 times more likely not to have backups.
- In the private sector, “offline” / traditional businesses (such as warehouse, logistics, transportation, utilities, agriculture) trail in implementing backups by 2-3x compared to professional services and technology businesses.
These shortfalls are going to cost companies a lot of money. Regardless of size, every company needs to have a strategy in place that ensures backups are segregated from the network, saves copies for 30-90 days (once there is a breach, your most recent backups may include malware), and backs up all important systems and data, even those in secondary locations or legacy systems.
Adrian Moir, Technology Evangelist and Principal Engineer at Quest Software:
The shift to remote work is empowering organizations to take backup and recovery more seriously–especially as many face new challenges navigating the move to the cloud and data proliferation. While best practices for backup and recovery haven’t changed, they have been impacted by the evolving way data is collected and changing nature of that data, requiring targeted backup technologies to adapt to ensure compliance with existing practices.
Organizations need to focus on the data itself when it comes to what the future of work will be. Whether a company’s workforce is at home or in an office space, employees are now working from anywhere, meaning organizations can no longer ensure data is always secured behind enterprise-grade equipment in a corporate environment. However, this doesn’t mean companies should look to create hard environments. These ultimately lead employees to find security workarounds, causing dark data and shadow IT growth.
Just as we’re shifting mindsets on where employees work, companies need to rethink where their data is coming from and where it ends up. This year, World Backup Day serves as a time to reflect on how teams are being enabled to work with data. In today’s remote world, it’s important that easy and efficient solutions are in place to ensure data can be tracked and properly protected, to keep the business running. On top of this, companies must continue to plan and test against that plan. Ensure that backup and recovery strategies put in place are actually effective and if they are not, plan again.
Dave Wagner, CEO of Zix:
Top two common misconceptions:
- Once you migrate to the cloud your data is safe.
According to recent CheckPoint research, Ransomware attacks are growing at a rate of 9% per month in 2021. Of course, the more data you have in the cloud the higher the cost of a ransomware attack on your business. With the increase of cloud storage driven by remote work, these risks now apply to all of us! That’s why it’s critical to have alternative solutions and/or a third-party cloud provider for automated backups.
- Your SaaS provider is a one-stop-shop for backup and recovery.
Today’s SaaS applications are incredibly powerful when it comes to boosting collaboration and productivity, but they fall short when it comes to the data retention, backup, and restore features needed to recover data at any point in time. Apps like Google G-Suite and Box, for instance, offer a limited grace period for restoring messages and files, after which point, data is gone forever. Other SaaS providers, including Microsoft, directly recommend using third-party backup services.
Three ways to proceed:
- The need for education on the executive level before empowering the rest of your team.
It is a critical first step to empower your team to take control of the data in their departments by giving them an all-in-one tool to do it. Teach them how to manage daily backups through reports, how to control user access, and how to recover lost or corrupted data–if and when disaster strikes.
- Know the difference between backup and archive and why both are important.
While often used interchangeably, backup and archive are two very distinct functions. Backups provide you with a safety net in the case of an outage or breach by storing a copy of your data in real-time in a secondary location (a third-party cloud provider), making it possible to recover.
Archive, on the other hand, is the process of moving certain data that’s no longer in use but needs to be stored and cataloged for long periods of time. This is used mostly for companies that need to comply with data-retention regulations.
- Get the right automated backup tools in place now.
The risk of ransomware is real, and your data is a living system that constantly changes during day-to-day operations. That’s why daily automated backups for all of your software platforms from Google Drive to Salesforce and Box are necessary. You want a simple process for managing your data: Set it (archive location, backup time, frequency, etc.), Manage It (reports, backup exports, etc.) and Access It (search and locate data).
Paul Speciale, Chief Product Officer, Scality:
As data becomes increasingly valuable, backup and data protection at large will remain key topics. Storage and backup infrastructure must continually be revisited as business needs evolve.
Over the last several years, we’ve seen the growth of hybrid cloud backup and business continuance strategies. Traditionally, enterprise IT has solved business continuance requirements through redundant infrastructures, in two physical enterprise data centers that are geographically separated. This commonly depended on the use of data replication strategies to maintain redundant data copies across these sites. The real shift in the last 24 to 36 months is that enterprises are now truly embracing hybrid cloud as the mechanism to enable this redundancy, by using a public cloud provider such as AWS or Azure as the secondary site, with hybrid cloud data replication as the means to maintain data synchronicity between the data center and the public cloud.
On-premises backups will certainly remain, since data is now being created everywhere, from the corporate data center, to the cloud and now the emerging edge tier, but a major new trend in the world of IT infrastructure and application development will be a shift to the “cloud-native” model. This will create a demand for an entirely new set of data protection applications that are container and Kubernetes aware, so as to provide cloud-native backup solutions for these environments.
“Most enterprises consider data backup as a type of insurance policy in case something goes wrong. However, for World Backup Day, we’re asking businesses to think beyond using backup data for insurance, and see it for the strategic asset it can be.
Joe Gaska, CEO of GRAX:
Most enterprises consider data backup as a type of insurance policy in case something goes wrong. However, for World Backup Day, we’re asking businesses to think beyond using backup data for insurance, and see it for the strategic asset it can be.
To turn this page, organizations must take ownership of their data – especially SaaS application data, which is where so much of business takes place these days. If you own your cloud app data by backing it up and storing it in your own cloud infrastructure, and control the frequency with which it is captured, not only can you get the granular historical data needed to minimize impact from app data loss and to comply with industry regulations.
Just as important, your business users can get unfettered access to the data generated in those SaaS applications, and feed it into their analytics, ML, AI and other systems. Accessing backup data from your own cloud storage, instead of using APIs to hit the applications themselves, is a much easier and much more cost-effective way to leverage SaaS data for competitive advantage. And it transforms backup into a true business accelerator.
Ajay Sabhlok, CIO & CDO at Rubrik:
Ransomware attacks have become increasingly frequent over the past year, and it’s no longer a question of if an organization is going to become a victim of ransomware, but when. When businesses suffer an attack, CIOs are faced with two options: those whose data have been compromised are forced to pay a ransom, and those who have properly backed up their data must determine how long it will take to recover their safeguarded data. If they can’t recover quickly enough, it might be financially necessary to pay a ransom and avoid suffering downtime, which could have long-lasting reputational effects.
As we approach World Backup Day in 2021, CIOs should focus on prioritizing backup and recovery solutions that natively store all data in an immutable format, enabling them to recover quickly to avoid the poor economics of ransomware recovery. It’s clear that legacy solutions don’t meet the needs of businesses today, as companies that have prepared for an attack can still be left struggling to decide whether they should quickly pay a ransom or spend more time and money recovering from an attack and subsequent downtime.