Look to the Basics of Backup for the New Year

By JG Heithcock, GM, Retrospect, a StorCentric company

When organizations made the necessary adjustments to accommodate a rapid shift to remote work this year, we learned about the increased cyberattacks stemming from bad actors leveraging the pandemic for crime. Whether achieved by phishing, malware distribution, false domain names, or other attacks on teleworking infrastructure, remote work created the perfect environment for bad actors.

As this year's Verizon Data Breach Investigations Report shows, 80% of security incidents were caused by phishing attacks, with email serving as the main catalyst to carry out these attacks. As a result, businesses need to optimize their remote working solutions by ensuring their employees are aware of the threats landing in their inboxes. This will remain a key consideration for any organization with a remote or hybrid work environment in 2021 and beyond.

Looking at developing trends for 2021, Global Workplace Analytics approximates that by the end of the year, 25-30% of the workforce will be working from home multiple days of the week. This aligns with the increase in organizations around the world adapting their work environments to follow guidelines around the virus and accommodate the growing trend in  adopting remote and hybrid working cultures.

Part of maintaining business continuity with a distributed workforce is a result of an organization's reliance on email. As such, email attacks have risen and will likely continue to increase, making them prime targets for cybercrime, especially surrounding information about COVID-19 testing, resources, vaccinations and research.

Additionally, remote employees pose a significant challenge to legacy backup systems. Their endpoint needs data protection, but cloud services like Office 365 and Dropbox don't ask employees to log into the VPN in order to work. But without a VPN, legacy backup systems cannot back up the employees' desktops and laptops because the agents are behind firewalls and routers with network address translators (NATs). This presents a serious blind spot for data protection strategies that need to work with today's cloud service providers and meet the needs of employees who now rely on their products.

With this in mind, effective backup remains vital in defending against the activities of cybercriminals. While many organizations understand the risks and will increase their focus on data protection in 2021, others still need to revert to basics and take the minimum steps required to defeat attacks which will inevitably come throughout the year. This approach offers an effective launch pad for businesses to increase their protection against risk, with backup as a foundation.

As we continue to navigate the uncertainties of the pandemic in 2021, it is important to reiterate simple steps to avoid or minimize attacks on businesses such as identifying suspicious senders, exercising caution before clicking on links or opening attachments, and instilling a backup strategy that utilizes the 3-2-1 backup rule. A strong 3-2-1 backup plan includes having at least three copies of data across multiple locations: the original, a first backup stored onsite and a second backup located offsite. In our current environment of rampant ransomware attacks, three copies of data - on the computer, on local storage, and on offsite storage - mean rapid recovery from threats such as ransomware will become much more practical.

Below you'll find a variety of infrastructure options available if you're looking to implement a 3-2-1 backup strategy:

• Disks and the Cloud - Combining local disks and cloud storage locations is popular among small businesses. With available backup on a local disk, you get fast recovery time because the local network allows for a higher bandwidth. Utilizing a remote backup on a cloud storage location protects business data from disaster, malware, and other problems that arise.
  

• NAS Devices and the Cloud - NAS devices are an affordable onsite storage location for backups. Leveraging an onsite NAS ensures a large dedicated storage pool and high bandwidth for organizational data. Transferring those backups to the cloud as an offline process avoids accessing the original source multiple times.
  

• Disks and Tapes - This remains the most common storage media, and despite its long history, tape continues to make strides in speed and storage capacity. With a local disk, users can quickly back up their environment and have the backups available for fast restore. Using a tape library for offsite storage enables backups to be stored in a safe location (akin to a security deposit box).
  

While the new year will continue to present organizations with new and familiar risks, tools are readily available to build a foundation that actively protects data. Many organizations across industries and around the globe have faced massive challenges this year in the anticipation of post-pandemic recovery in 2021, it is crucial that progress isn't affected by a growth in serious cybersecurity breaches and the lack of a reliable backup plan.

##

About the Author

JG has 18 years of experience in the storage and backup industry. He was the user experience architect at WildPackets (now Savvius) before coming back to recruit and manage the engineering team for Retrospect at EMC. JG was one of the founding members of Retrospect, Inc, and is now general manager at Retrospect under the StorCentric family.