Data security isn’t just something on the mind of an IT professional in the workplace. It’s often that little niggle in the back of our head that we can’t ignore, even at the end of a hard day’s work. You may be wondering why this is.
Well, most IT professionals have seen first hand the impact a cyberattack can have on mission-critical functions. And if they haven’t, they’ve certainly heard and read about it. With these fears hanging overhead, it can be hard to relax at the best of times – including with our loved ones who deserve our undivided attention, especially on holidays like Valentine’s Day.
IT professionals need to remember that data backup and recovery are not just a gift for this special day of the year. It’s a necessity for facilitating business continuity, ensuring transparency around data and key to maintaining the resilience of an organisation’s most valuable assets. Businesses need to embrace a new approach to data protection, which embraces a holistic strategy and leverages the latest in machine learning and automation. Get this right – and you’ll be able to ‘back up and chill’ every day of the week, not just on Valentine’s Day this year.
Back to basics: Getting it right the first time
Firstly, companies must get the basics right – and that means storing data in secure, separate locations and backing up regularly. Many organisations make the mistake of storing on-premises or in the cloud with the same service and OS that operates core aspects of their business, such as Microsoft Office 365. Given the central purpose of data backup is to have duplicate information available if primary data platforms are compromised, keeping data separate and robustly protected – on a separate OS and in a different, unconnected location – is key.
The cloud is the perfect platform for backup storage. When it comes to scalability, security, and capability, no other infrastructure comes close. Best practices, including the use of an independent vendor, like AWS, hosting on an independent OS, role-based access controls and end-to-end encryption all help create an important gap between your critical backups and any potential attack on your server or other cloud-based systems.
Keep it simple
Regular, current duplicates are also critical to ensure you’re prepared in the event of a disaster. Instead of undertaking this task individually or as a team, automated backups can easily ensure this is always happening. Typical backup software sends full backups and full-file incremental backups to an appliance that then duplicates them. A well-written source deduplication system, on the other hand, sends only the new, unique blocks each time a backup runs.
These efficiencies make the difference between automated backups measured in seconds, versus minutes and hours. As applications become more intricate, and interdependencies become more complicated, your approach to data protection should become more simplified – anything else simply isn’t scalable. For example, automating runbook execution and streamlining core processes for rapid recovery removes opportunities for human error and shortens the potential recovery window.
Romance not ransomware
Microsoft Office 365 is arguably the most prominent example of significant data protection gaps IT professionals contend with on a regular basis. While many may assume their data is safe because “it’s in the cloud,” without a proper backup solution that follows the basics of separated, regular and automated backups with runbook execution for rapid recovery, the ability to meet business continuity, data retention, and compliance needs can be in serious jeopardy. Contrary to what others may tell you, the Recycle Bin is not a backup strategy.
A perfect example is a ransomware attack. If files are deleted or corrupted, users can’t restore an entire account to a point in time without literally doing so one file at a time from the recycle bin. Or, reverting an entire site to an earlier version simply to fix one person’s system. While Office365 does provide a number of tools to protect against ransomware, they are mainly perimeter tools aimed at stopping the penetration in the first place. When a rogue administrator or hacker gains access, they can turn off versioning and generally wreak havoc within the system to a degree that renders any stored backups almost unusable.
Show your data some love
In essence, Office 365’s inherent protections ignore the foundational rule of storing backups on a separate platform, and lack the sophistication or urgency that modern businesses require when such an attack takes place. With intelligent, user-based and file-level recovery capabilities, recovering from an event, whether intentional or unintentional, can be completed in as simple as a few clicks. For additional peace of mind, advanced artificial intelligence technology can be used to monitor a company’s backups and notify administrations of any anomalies that could signal a ransomware attack.
Retention of OneDrive, Exchange and SharePoint data is more than just key to protecting users, it can now be a critical regulatory requirement. A fine is enough to ruin anyone’s day. Particularly when it’s a GDPR fine of up to 4% of total global revenue. This is where Druva really shines. Instead of costly backup systems and tape storage, customers can preserve user data at minimal cost in cloud-based long term storage – whilst still supporting any regulation and compliance needs. By storing data within a robust, intelligent and autonomous platform designed for cost efficiency, security and maximum value, customers get the peace of mind that their data is protected.
If you fancy allowing your team the time to ‘back up and chill’ this weekend – it’s time to ensure security is at the forefront of the business agenda. Save your IT professionals heartache this Valentine’s Day, and gift them with the power of cloud – and some relaxation.