Today is Thursday, March 31, 2022, and that means it's "World Backup
Day", the day we technology folks remind everyone how important it is to
back up your data.
Whether personal or business, let this be a reminder for you to make sure you have a backup and
recovery strategy in place -- no matter how great or small.
What is World Backup Day?
World Backup Day is celebrated on March 31st – and it is a yearly
reminder for both organizations and individuals to secure their files
via backups and how to improve the security per device and solution.
It’s the day to prevent data loss.
Even though backing up data should be common knowledge:
- 21% of people have never made a backup
- 113 phones are lost or stolen every minute
- 29% of data loss cases are caused by accident
- 30% of all computers are already infected by malware
Hopefully this
day will make
everyone think twice about their situation, and educate themselves on
the various options available to them so that they can get things backed
up.
A backup is only as good as your ability to recover the data. As part of your backup strategy, make sure to
have a recovery plan. Be prepared to recover an entire system, a folder or collection of folders, and a
single file. World
Backup Day should bring about awareness and create a reminder for all of us to
backup things up. No matter how secure or
safe you feel about your data, know that it's important to backup your files.
Don't
take my word for it. Hear from some of
the leading industry experts in the backup and disaster recovery industry for more commentary and expertise:
--
Daniel Hofmann, CEO at Hornetsecurity
"The
first thing that typically comes to mind when thinking about backup is
data loss prevention-and that is important. Yet, backup solutions are
about much more than protecting our data: They are key to ensuring
business continuity and keeping companies afloat when disaster strikes.
And what's more, they teach us to cherish what we have. This World
Backup Day, we all thank the countless IT professionals working
tirelessly to develop solutions that keep our data safe. It's also the
opportunity to stop and take stock. We therefore remind all companies
and organizations to take a good look at where they are in terms of
backup & DR strategy - you'll thank yourself later."
++
Sathya Sankaran, GM, CloudCasa by Catalogic
"Why
is this day important, what does it mean, what should people/companies
be thinking about, why is backup and disaster recovery important and
what should people be doing about it?
From the last couple of years of Covid to the war in Ukraine and our heightened SHIELDS UP
security posture, world events are again in the forefront of our minds
for World Backup Day. Cyber-resilience continues to be a key focus for
our customers and a key driver for our data protection products.
A
backup solution touches every data asset that is critical to a
business. Many vendors already provide useful alerts when irregular
change rates are detected on backups, but that is already too late for
businesses. Can modern backup solutions "stretch left" to make sure that
the critical data is not misconfigured to be vulnerable or under an
active cyber-attack? Active read/write scanning, tamper-proof and
immutable backups, cloud and container security posture review, honey
pots, and multi-factor authentication are all capabilities we've added
to our backup solutions since the last World Backup Day. Cyber-attackers
are constantly evolving, and we must have our shields up! A proactive
and cyber-resilient backup service can both be a shield and a bunker in
times of need."
++
Indu Peddibhotla, Senior Director of Products & Strategy, Commvault
"Enterprise IT teams today are increasingly starting to realize that backup extends far beyond serving as their ‘last line of defense’ against cyberattacks. It can now help them take the offense against cybercriminals, by allowing them to discover and remediate cyberattacks before their data is compromised.
For example, data protection solutions now have the ability to detect anomalous behaviors indicating a threat to a company’s data. In addition, emerging technologies will soon allow enterprise IT teams to create deceptive environments that can trap cybercriminals. These features, coupled with other early warning capabilities, will allow companies to use their backups to detect, contain, and intercept cyberattacks before they can lock, alter, steal, or destroy their data."
++
Simon Taylor, Founder and CEO, HYCU
"This World Backup Day, we are reminded of the global reality that backup and recovery and data protection are even more important than ever. The continued rise of cybersecurity and ransomware threats especially in light of events in Ukraine and with Russia are turning both backup and recovery into first class citizen status. Both have quickly become not just another important piece of the technology puzzle or check box on a compliance list, they have become an important last line of defense for businesses, employees and families. Use this year's World Backup Day to further work to reduce your attack surface and make sure you are safe and protected in the inevitable event of an attack. Being best prepared is half the battle."
++
Rick Vanover, Senior Director of Product Strategy at Veeam
"In today’s world of cyberattacks and ransomware threats, data backup is critical. Ransomware happens more often than people think and following an attack, organizations who haven't prepared accordingly only recover about 64% of their data, losing 36% of their data, resulting in significant data loss. In honor of World Backup Day, organizations should evaluate their data systems to ensure proper and modern data backup and recovery systems are in place—it’s not if you get attacked, it’s when."
++
Thomas LaRock, Head Geek, SolarWinds
"Data
enables business leaders to make informed decisions and it’s also at
the heart of applications that drive business success. In fact, SolarWinds® Database Priorities and Pitfalls 2021 Report
found that seven out of 10 IT respondents say that 50% or more of their
organization’s databases are considered critical to the success of
their business.
World Backup Day serves as an opportunity for
business and database leaders to think critically about their
organization’s backup strategy, and ensure they are employing the best
practices and tools to protect their business’ most important asset:
data. With increasing ransomware and cyber-attacks, a robust database
backup strategy is non-negotiable. A backup can save your business from
losing the data that underpins your operations and, ultimately, the
future success of your business.
Finally, consider where you
store your data—in the cloud, on-premises, or across other systems —as
location can have a major impact on cost and the overall effectiveness
of your recovery process."
++
Jack Bailey, Director of Sales & Channel Enablement at iland
"World Backup Day serves as an important reminder that ensuring effective offsite backup is critical to any business, whether large or small. Business interruptions are inevitable – it’s a matter of “if” not “when” they will happen to an organization. It’s the response that is important to the bottom line. Cloud backup services provide an accessible, cost-effective insurance policy to protect data from any number of data loss threats, and ensure immediate search and restore functionality.
With the rise in ransomware events and increasing amounts of data loss, the need for an air-gapped/hardened backup target has also become a must-have. Many ransomware varieties or malicious processes will now attempt to delete or encrypt backup data. Ensuring an organization’s backups are protected from such threats is vital.
As internal and external threats evolve, businesses need to monitor and remediate risks along with the ability to restore and recover on-site, or perform recovery to the cloud, in a secure and seamless manner."
++
Kevin Cole, head of training and technical marketing, Zerto, a Hewlett Packard Enterprise company
"With 50% of organizations suffering from unrecoverable data loss in the last three years, World Backup Day serves as a timely reminder to protect your data from a potential disaster or disruption, such as ransomware. It’s also important to understand that simply making backups is not good enough—you have to prioritize restores & recoveries. Being able to non-disruptively test and prove your ability to recover lost data following an incident is what can make or break an organization.
To truly be prepared for data loss and downtime, every organization should have a recovery plan in place that is built upon continuous data protection (CDP), which provides streaming protection of each and every change in an application or on a server. Without CDP, you might be stuck making a false choice between low RPO or low RTO. Instead, look for solutions that offer both, without compromises, at a scale to match where you are now and where you want to be in three to five years. Doing so would mean every World Backup Day you’re breathing easy instead of rethinking whether you can really deliver on continuous availability and an uninterrupted business."
++
Mark Chuang, Head of Product Marketing Cloud Storage and Data, VMware
"In today's data landscape, backup, disaster recovery and ransomware protection have become key components of organizational resiliency. With one ransomware attack taking place every 11 seconds, it is now more important than ever for organizations to understand the threats this poses to their business and their reputation. It is no longer a matter of if, but when a malicious attack or unplanned disaster will occur—but the bright side is, there is a way to avoid paying the ransom or suffering extended business downtime. How? By having a holistic, unified backup and disaster recovery strategy with immutable storage support, air-gapped copies of data, granular recovery and a well-rehearsed set of DR plans that are easily executable when disaster strikes.
Organizations should be thinking about how to better unify solutions to deliver added resilience with minimal IT retraining and leverage DRaaS (Disaster Recovery as a Service) products such as VMware Cloud Disaster Recovery to benefit from cloud economics and preserve data availability in the face of these ever-growing threats. A good option for those looking to reduce DR costs while meeting stringent SLAs is on-demand DR, as it can offer up to a 60% lower TCO compared to traditional DR.
Data resilience, comprised of backup, disaster and ransomware recovery, is the need of the hour, and this is the perfect time for organizations to rethink their strategy and make it part of their long-term business objectives by reducing cost, complexity and driving increased reliability in their solution. The time to act is now."
++
Rick McElroy, Principal Cybersecurity Strategist, VMware
"Testing the viability of backups is vital amid continued warnings from the Biden administration urging the private sector to immediately harden their cyber defenses. As geopolitical conflict spills over into cyberspace, organizations should test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack. Critical infrastructure providers, in particular, should operate under the assumption that they will be hit by targeted attacks. Prepare for the unexpected, test backups, and warm up incident response muscles."
++
Nilay Patel, Co-Founder and VP of Sales at Backblaze
"Research we’ve done with the folks from Harris Poll shows that more than one in every two people (61%) have suffered data loss. That’s unacceptable, and why we believe that backup should be SO easy that everyone would think of it as common sense. But backups only work if they both exist and are useful.
That’s why, on our favorite holiday, we remind businesses everywhere to consider the following best practices: ensure backups are physically remote (in the cloud), virtually air gapped (protected by object lock wherever possible), instantly accessible (in hot storage), and configured to be put into action immediately during a disaster (with a rock solid disaster recovery setup that doesn’t rely on their on-premises infrastructure).
World Backup Day is March 31 to remind us what happens if we’re not adequately backed up: We end up feeling like April Fools. Nobody wants to realize the day after a disaster or attack that their backups are corrupted, ransomware’d, or otherwise inaccessible. So hopefully today’s celebration encourages everyone to revisit their backup plan and make sure their data is safe and ready for recovery from any April Foolishness. It’s easy."
++
Peter Donnelly, Director of Products at ATTO Technology
"World Backup Day is a reminder for every organization that it's not
just unintentional disasters that can lead to data loss, bad actors'
threat vectors are becoming more sophisticated in finding entry into
their targets. From on-prem to cloud, businesses will continue to use
multiple options to effectively protect data. While backing up to the
cloud has certain benefits, more organizations are looking at
traditional tape backup as it remains a proven, ever-evolving, and
cost-effective technology. The primary advantage of tape is its physical
immutability: data on a tape drive is not physically connected to a
network when at rest providing an ‘air gap' that leaves backed up data
untouched in the event of an attack."
++
Clara Angotti, President, Next Pathway
"In
a recent survey that we conducted with 1200 IT Leaders from large
organizations in North America, 20% of respondents agreed that the
biggest risk to a cloud migration is ensuring that a backup strategy is
developed to help reduce the chance of data loss. A successful cloud
migration plan will include a data migration analysis to ensure
historical data extraction and ingestion of transferred data is done
correctly."
++
Peter Tsai, Head of Technology Insights at SWZD
"It's
often said that backups are the last line of defense against
cyberattacks and ransomware - a last resort to turn to in the event of a
catastrophic failure. Ideally, all businesses would create and
test backups on a regular basis. However, many organizations lack the
time or resources to follow best practices. The current elevated threat of cyberattack
that has coincided with the invasion of Ukraine has served as a wakeup
call that has prompted many businesses to take additional precautionary
steps to protect corporate data.
A recent Spiceworks poll
of 125 IT professionals found that 45% of businesses have taken
additional backup measures due to the current elevated risk of
cyberattack. These precautionary measures could include additional
testing to ensure data can be fully and quickly restored, making sure
backups exist in multiple locations to reduce the risk of the backups
themselves being encrypted by ransomware, or expanding the scope of
backup plans."
++
Joe Noonan, Product Executive, Backup and Disaster Recovery for Unitrends and Spanning
"World
Backup Day is a great reminder for businesses to take a closer look at
their full business continuity and disaster recovery (BCDR) plans-which
includes everything from the solutions they use to their disaster
recovery run book.
The shift to remote working completely
transformed the way organizations protect and store their data. Today,
there is a greater focus on protecting data no matter where it lives -
on-prem, on the laptops of remote employees, in clouds and in SaaS
applications. Recovery time objectives (RTOs) are increasingly shrinking
in today's always-on world, with goals being set in hours-if not
minutes. Cybercriminals have taken advantage of the remote and hybrid
work environments to conduct increasingly sophisticated cyberattacks,
and the data recovery process post-incident has become more complex due
to new cyber insurance requirements. These new regulations include
critical audits and tests that businesses must comply with in order to
restore their data and receive a payout after an attack-which can slow
down the recovery process.
With data protection becoming
increasingly complex, more organizations are turning to vendors that
provide Unified BCDR, which includes backup and disaster recovery,
AI-based automation and ransomware safeguards as well as disaster
recovery
as a service (DRaaS). Unified BCDR has become a necessity due to the
growing amount of data organizations must protect and the increasing
number of cyberattacks taking place against businesses of all sizes.
For
those organizations taking a closer look at their BCDR strategies this
World Backup Day, we recommend they consider the following questions:
- What data and applications are critical to ensure business productivity?
- How much downtime and data loss can be sustained?
- How will they test their solution for completeness and performance?
- What immutability safeguards are in place to eliminate ransomware risks?
- What is the process to failback to the production environment once the disaster is averted?"
++
Nagarajan Chandrasekaran, VP, Product Management and Marketing, BDRSuite, Vembu Technologies
"World
Backup Day was started by a group of IT enthusiasts with the purpose of
increasing awareness about the importance of Backup and Disaster
Recovery. Vembu Technologies has been a strong supporter of this annual
event, spreading awareness through various activities. Even after a
decade since the first World Backup Day, we remind every business should
revisit their data protection strategy and prepare for the modern-day
data thread on this day.
Data becomes more vulnerable than ever
as more organizations begin to rely on the cloud and SaaS after the
pandemic. With today's increasingly complicated IT infrastructure,
implementing a fully functional backup strategy is no longer simple. We
have always believed that backup solutions should address the data
protection needs of a diverse IT environment without making it more
complicated.
It is also the responsibility of IT professionals to
choose the backup solution that meets their backup requirements while
also allowing them to centrally manage backup activities of their
diverse IT infrastructures, including virtual, physical, cloud, and
SaaS."
++
Deepak Mohan, executive vice president at Veritas
"It's
clear that multi-cloud adoption is delivering big benefits to
organizations around the globe, including enhanced resiliency and
agility. However, the shift to multi-cloud environments is also creating
new data management challenges, such as unexpected costs, operational
complexity and increased vulnerability to ransomware threats. Bad actors
are successfully making their ransomware attacks even more impactful by
targeting cloud services and data,
and as the volume of enterprise cloud data continues to grow
exponentially, we expect this trend to continue for the foreseeable
future.
"World Backup Day 2022 is a powerful reminder that
there has never been a more critical time for all organizations to
prioritize robust data protection practices. Leaders must work with
their IT teams to take the necessary steps now to implement the right
tools and protocols that can autonomously self-provision, self-optimize
and self-heal data management services to keep their critical data safe
and available no matter where it is-from edge to core to cloud."
++
Jesse Franklin, SVP of US & Canada, Incode
"When
it comes to the security of identities at rest, there are two
foundational requirements. First, the data or identity information must
be secured so that even in the event of a breach, the underlying data
isn't revealed. Second, a strong authentication mechanism like biometric
security is in place to control who has access to underlying data.
These controls make it possible to reduce fraud and limit the exposure
of sensitive data."
++
Jeff Costlow, CISO, ExtraHop
"Ransomware
is a shadow that hangs over all organizations today. This World Backup
Day should be a call for all organizations to examine how their backup
and recovery plan weaves into their overall security strategy to ensure
they are protected in the event of a ransomware attack.
Sadly,
organizations must take further precautions and cannot rely solely on
their data backups. Today's ransomware has become an advanced threat
with the "hat trick" of exfiltration, encryption, and software
exploitation. It used to be that the sole endgame of ransomware was
encryption. Deploy the ransomware, encrypt the files, and demand payment
in exchange for the keys. Today, ransomware criminals have introduced
payment incentives at multiple steps in the killchain, from exfiltration
of data to exploitation of software. While it is key for organizations
to ensure a strong backup and recovery strategy is in place for business
continuity, they can no longer guarantee that their private data won't
be released.
A backup plan is just the beginning. Other points to consider in a ransomware response plan include:
- Initial access:
This is where cybercriminals gain a foothold through a wide range of
techniques proven effective over time, including phishing emails. Ensure
you have user training in place and strong preventative measures
including VPNs and firewalls.
- The midgame: This is
where the attacker pivots through an organization's infrastructure,
accumulating assets and compromising data. Organizations need strong
visibility into East-West traffic to spot ransomware, including lateral
movements, domain escalations, command and control actions and data
staging.
- The extortion cycle: Cybercriminals have
compromised your systems and your data. A strong backup and recovery
process is a critical piece of the puzzle that will keep your business
up and running.
For organizations with a strong
plan for ransomware and backups, use World Backup Day as a reminder to
test those plans and make sure you can restore your information as
expected."
++
Mike Potter, CEO and co-founder of Rewind
"World
Backup Day is a great reminder of the rising importance of data backup
and recovery advancements in the business landscape. As more companies
move daily operations to the cloud, the risks of an inevitable
disruption dramatically increase. This means educating businesses on the
risks of data loss becomes even more essential, which is why we believe
this day is so important.
SaaS tools are now the default tool
for modern businesses. Regardless of whether industries return to
in-office or remain in some form of hybrid work environment for the long
haul, companies will be reliant on SaaS and SaaS data for years to
come. Businesses of all sizes need to realize that a significant amount
of their indispensable business data sits in SaaS applications and take
proactive steps to protect it.
Today, the majority of cloud
backups focus on corporate-wide, legacy systems. However, all the SaaS
tools employees rely on every day should be secure and protected with
automated backup and recovery solutions. It's the only way businesses
can avoid operational downtime - whether it be a minor user misstep that
deletes some info or a massive breach that jeopardizes the entire team
or company profile.
On World Backup Day, Rewind is expanding
its solutions footprint to include Jira - furthering our mission to
protect every vital SaaS tool. In addition, we're adding a little bit of
fun to the mix with a simple game on Rewind.com that builds awareness
of the different threats businesses face called Cover Your SaaS."
++
Steve Costigan, Field CTO, Zadara
"Data is the lifeblood of an organization, becoming more so as we develop strategies around AI/ML and deploy containerized applications on platforms like Kubernetes. This needs a change in the way we think about data protection, platforms are more fluid, scaling up and down, in and out. However the threats to data, especially from cyberattacks, are increasing so the normal rules of multiple copies in different locations with immutability or air gap still persist. If you don't have the skills in-house, find a good partner to help."
++
Paul Speciale, chief product officer, Scality
"The major transition to remote work we’ve all experienced over the last two years consequently changed the demands for data protection and how organizations do storage and backup. It’s important to understand how the appropriate storage solution is the make-or-break element in a company’s backup and disaster recovery plan – particularly in the current hybrid and remote work landscape.
If organizations don’t have strong backup and recovery infrastructure, they are in jeopardy of losing their most valuable assets – their data.
An object storage system creates a platform that eliminates many problems present with legacy solutions: unlimited scale, a global pool of data for deduplication, single system management and cloud-like pay-as-you-go costs. In conjunction with the right backup management engine it also offers the possibility of providing your employees with the kind of self-service backup and recovery they need in a remote world where speed is of the essence and efficiency is front and center, and allows for a more fine-grained authentication and security system."
++
Aron Brand, CTO of CTERA
"It’s important for organizations to be proactive in securing their vital data. And having a day to remind them about best practices is certainly important. But, rather than World Backup Day, I prefer to think of this day as World Disaster Recovery Day because, in my opinion, most organizations place too much emphasis on backup and too little on their data recovery plan.
Simply, a plan for recovering data and systems in the event of a disaster is a must have for enterprises, and far too many don't have a formal plan in place. They may have some basic procedures to follow, but a great deal of organizations haven't really thought through all of the needed steps to cover after a data loss, and that includes a run through of the disaster recovery plan. An enterprise must test its DR plan regularly to make sure it works.
Next generation cloud-attached storage solutions are available that provide near instant recovery from disasters, including capabilities such as detection and instant recovery from a ransomware attacks and they do this while being more robust and easier to manage than traditional backup solutions. These new solutions should be a key part of any organization's disaster recovery plan."
++
Adrian Moir, Technology Evangelist and Principal Engineer at Quest Software
"As another World Backup Day rolls around, organizations need to focus on three different areas in relation to backup: proactivity acquired through immutability and access control, shared cloud security responsibilities, and cost optimization as data volumes skyrocket.
Recovering data from a backup after a ransomware attack is the cure to the problem, but prevention will always be better than a cure. Data must be secured from both a data and an access point of view, which can be done through MFA, obfuscating data sets, encryption of data sets, immutable data, and more. With plenty of solution options out there, organizations should choose to provide the level of immutability and access control needed to proactively stop ransomware attacks before they happen.
Most businesses assume their data security is totally in the hands of their cloud providers, which can lead to unfortunate situations when data is not backed up. This is why organizations must follow the shared responsibility model, which discourages the “out of sight, out of mind” attitude and reduces the risk of lost data. Unfortunately, those following the model struggle with backups from the cloud, because data is stored in slow object Blob storage and the system is designed for the endpoint user—not the IT admin’s backup experience. Going forward, we expect to see new approaches to API's that provide faster data restoration and give cloud customers more control and speed over their backups.
Data is growing at a rapid, exponential pace, so much so that some businesses can’t afford to protect everything. To reduce a negative impact on revenue and reputation, organizations must make informed decisions about which data systems are essential for running backups. Understanding your data set and then intelligently planning for when things go wrong allows organizations to recover prioritized data faster and optimize how and where money is being spent. By focusing on these three areas, organizations can ensure that they have an effective backup process to improve their data resilience across the organization."
++
W. Curtis Preston, Chief Technical Evangelist, Druva
"From smartphones, autonomous vehicles and streaming services, to even the local Mom and Pop shop down the road, the connectivity powered by digital transformation is driving an explosion of data. This exponential growth presents a vast opportunity for businesses to turn data into knowledge and insights that can ultimately shape products, services, and our lives. Yet the complexity and criticality of our information is immense. And protecting it has never been more challenging than the present day as cyber attacks, fueled by the current geopolitical landscape, continue to surge.
As governments around the world urge companies to raise their defenses, there is no better time than on World Backup Day to pose the question: is backup enough?
Is identifying data loss after an attack the best approach? Or should systems actively identify, alert, and respond to potential threats before they arise? Manually shifting through dozens of backups for untampered files is no longer a sufficient approach to restore data. With the pace of business and increasing lack of specialization, we need systems which actively recommend the best restore options to minimize data loss without business disruption.
As organizations seek to move their business forward and safeguard critical data against today’s threats, solely relying on backup is no longer a sufficient strategy. Businesses must adopt a modern approach to data resiliency - one that is grounded in the cloud, positions teams to recover data rather than just trying to make a backup, stops ransomware attacks before they spread, and protects data and applications against emerging threats. This World Backup Day, instead of solemnly swearing to just back up your most important data - reevaluate your protection strategies and take the pledge of resiliency."
++
Ahmed Datoo, CMO of Alkira
"As more data is stored in the cloud, it becomes essential for organizations to back it up so that in the event of an outage, it can be restored easily and quickly. Organizations are now backing this data up to multiple cloud providers for disaster recovery purposes. The most critical element of such a backup strategy is a secure, reliable, and performant connection. If end-users can’t reach their backup resources via the network, it is effectively unusable. An agile, flexible cloud networking solution is an appealing way to ensure mission-critical resources are prioritized and supported."
++
Steve Petryschuk, product strategy director at Auvik
"Here are a few tips on backups in the spirit of world backup day 2022!
- Tip number 1 - Automate your backups! Don’t spend your precious time manually backing up your workstations and network devices.
- Tip number 2 - Check regularly to make sure your automated backups are running regularly.
- Tip number 3 - Make an off site copy of your backup. That could be to the cloud, or to another physical location. You just don’t want all your data in one location.
- Tip number 4 - Test your backups! You don’t want to find out your backups are corrupted when you’re in need of them. Test restoring them often and to ensure you have a solid recovery plan.
- And my last bonus tip - Make sure you’re backing up as much as you can! We often think about workstations and servers to back up…
But don’t forget about other data types, like data hosted in your cloud services. And of course, Auvik can help you automatically back up your network device configurations.
Good luck and let’s all take the pledge: I solemnly swear to backup my important documents and precious memories on March 31st."
++
Ben Gitenstein, VP of Products and Solutions, Qumulo
"Your data’s growth isn’t slowing down. And the amount of data growing in your system can outpace your IT or security team’s ability to back up and protect it. You need a backup solution that can keep up.
Rather than focusing on just external threats, organizations need a comprehensive security solution that takes both internal and external vulnerabilities into account. These solutions should understand applications in today’s file data environment aren’t siloed and the only way to protect an organization from dangerous and sophisticated security threats is by implementing a holistic, always-on defense strategy.
Data blindness prevents you from seeing an accurate picture of what’s happening in your file system or the details about how your data is being transformed and manipulated in real time. One way to decrease data blindness is to require viewing access across management systems, so you can always see what’s happening within your internal applications. By gaining greater visibility into our data, we can get a handle on who is accessing our data and where to decrease the likelihood of losing data to a malicious malware or ransomware attack.
If your data is compromised, start by undoing the damage. Try reverting to the last good version of your data. Snapshots, data retention policies, consistent or tertiary sites, like the cloud, will all add layers of defense.
A disaster recovery plan will help you get back on your feet and keep your business running after a worst-case scenario. But ideally, you won’t have to revert to DR because you protected your data in the first place."
++
Don Boxley, CEO and Co-Founder, DH2i
“Few would argue that an always-on and always available IT infrastructure is critical for the success of virtually any organization in today’s data-driven world. Likewise, few would disagree that backing up data is one of the most critical protections that an organization can implement to help ensure the ability to recover and maintain operations in the event of a failure, disaster or malware attack - such as ransomware. Yet, research has shown that while almost 90% of organizations are backing up, only about 41% backup daily, leading to a high number of companies admitting that they have had data loss events that have resulted in downtime.
On World Backup Day, I would encourage organizations to take a hard look at backup as well as all policies, procedures and technology they have in place to ensure high availability (HA) and disaster resilience. And then, I would recommend they evaluate if they were to experience a failure, disaster or cyber-attack, how quickly could they recover, and would be able to weather that downtime from a business, legal and/or regulations compliance standpoint. an ounce of prevention is worth a pound of cure."
++
Surya Varanasi, CTO, StorCentric
"On World Backup Day, we are reminded that ransomware and other types of malicious malware can disrupt any environment. And further, while hundreds of thousands if not millions might be at stake for the actual ransom payment, the gravest consequences of ransomware is data loss and downtime. Both present almost incalculable expense, with significant downtime resulting in potentially millions in lost revenue, as well as costly legal fees and regulations compliance cost, in addition to a rise in insurance premiums and decreased customer trust.
Today, the process of backing up has become highly automated. But now, as ransomware and other malware attacks continue to increase in severity and sophistication, we understand the need to protect backed up data by making it immutable and by eliminating any way that data can be deleted or corrupted.
An Unbreakable Backup does exactly that by creating an immutable, object-locked format, and then takes it a step further by storing the admin keys in another location entirely for added protection. Other key capabilities users should look for include policy-driven data integrity checks that can scrub the data for faults, and auto-heals without any user intervention. In addition, the solution should deliver high availability with dual controllers and RAID-based protection that can provide data access in the event of component failure. Recovery of data will also be faster because RAID-protected disk arrays are able to read faster than they can write. With an Unbreakable Backup solution that encompasses these capabilities, users can ease their worry about their ability to recover — and redirect their time and attention to activities that more directly impact the organization’s bottom-line objectives."
++
JG Heithcock, GM, Retrospect, a StorCentric Company
"On World Backup Day we are reminded of the myriad reasons a sound data backup strategy and proven solutions are critical to the success of virtually all organizations, as it is a given that at some point most will suffer a failure, disaster or cyber-attack. However, given the world’s economic and political climate, the customers I speak with are most concerned about their ability to detect and recover from a malicious ransomware attack.
My advice to these customers is that beyond protection, organizations must be able to detect ransomware as early as possible to stop the threat and ensure their ability to remediate and recover. A backup solution that includes anomaly detection to identify changes in an environment that warrants the attention of IT is a must. Administrators must be able to tailor anomaly detection to their business’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And, those anomalies must be immediately reported to management, as well as aggregated for future ML/analyzing purposes.
Of course, the next step after detecting the anomaly is providing the ability to recover in the event of a successful ransomware attack. This is best accomplished with an immutable backup copy of data (a.k.a., object locking) which makes certain that the data backup cannot be altered or changed in any way."
++
John Collins, VP marketing and business development, Western Digital
“We all know that backup is important (whether we do it or not is another thing), but what about getting your data back quickly? We’re seeing a shift in emphasis from backup to the ‘speed of restore.’ That’s why we’re seeing flash more frequently being deployed as a backup repository for mission-critical data because of its low-latency restore and recovery.
For businesses, data can be compromised or lost due to a natural or man-made disaster, and increasingly, through criminal activity through insider attack or external ransomware threat. Having a high-performance recovery solution can save a business from becoming just a memory.”
++
Ric Longenecker, CISO at Open Systems
"Similar to every Patch Tuesday, World Backup Day is a key reminder to people everywhere about safeguarding data as the world becomes increasingly technologically driven. With employees working from anywhere, and more companies selecting cloud-first strategies, we’re seeing an accelerated decentralization of apps, data, and users. This type of asset proliferation fundamentally changes the way corporate resources require connectivity and protection. On-prem Data backup, basic site-to-site connectivity, and perimeter security are no longer enough.
This evolution is especially relevant in light of continued uncertainty resulting from impacts of global conflict. While continued education of employees, partners, and stakeholders is critical, business leaders must work assiduously to boost their overall security maturity. They must go beyond simple threat detection and response to reduction of the attack surface. Otherwise, an insider threat or mistake by a well-intentioned employee could cause severe damage."
++
Jon Check, Executive Director of Cyber Protection Solutions at Raytheon Intelligence & Space
"The Great Resignation has, subsequently, also turned into the Great Exfiltration - the people leaving their jobs en masse may also be taking company data with them. In light of the Great Exfiltration, it is vital for organizations to create and implement a robust data loss prevention
(DLP) strategy to prevent any exfiltration or destruction of data, whether intentional or accidental.
This year on World Backup Day, we are reminded that while there are many facets to a successful DLP strategy, one key component is ensuring that backups are performed frequently and stored in a secure location, which can help speed up the recovery time. It is also helpful to store backups offsite or at a secure network location – in the event of data loss spurred by ransomware or another malicious attack, which may also target a backup system or prevent the recovery of a system. These practices can help to further protect such sensitive information detrimental to a business’s success and competitiveness."
++
David Friend, co-founder and CEO of Wasabi Technologies
"One underutilized way to protect and backup your data against cyber threats and ransomware is through object-level immutability in your cloud storage, which means certain files and stored objects cannot be modified or deleted by anyone, even a systems administrator. If you store your backups in immutable buckets, ransomware hackers can’t delete or encrypt your backups. Ransomware hackers know that if you can restore your systems from backups, they are unlikely to be able to extort ransom from you. So they try to destroy backups at the same time they are encrypting your primary data. But if you have done your backups properly, when you get attacked by ransomware, you should be able to start fresh and restore your entire system from backups.
No amount of high-tech prevention will stop ransomware attacks because most of the time the vulnerability is with the humans, not the machines. So my advice is to do the best you can on the prevention side, but more importantly do complete backups, store them in immutable object stores, and test that you can successfully do a full restore before you get hit."
++
Florindo Gallicchio, Managing Director, Head of Strategic Solutions at NetSPI
"This World Backup Day, it’s time to acknowledge how critical data backup has become, especially since many ransomware strains attempt to delete backup files, as we witnessed with Ryuk. Most businesses are faced with two significant risks when it comes to backups: the theft and public disclosure of sensitive data, and the disruption of critical business functions. If either of these risks occur, organizations could endure devastating consequences. To make sure that doesn’t happen, organizations need to proactively put strategies in place to bolster protection against these threat actors.
One way to do this is by ensuring that backups with all of the organization’s critical data are routinely, completely, and securely assessed –– as this is a necessary step in recovering from a possible ransomware attack. These backups should be encrypted so that sensitive data is not disclosed and stored in such a way that an organization can recover its data in a timely manner, as this is necessary to minimize disruption to business operations. Additionally, organizations should regularly revisit and test disaster recovery and business continuity plans to validate that ransomware and other threats won't impact the integrity of any backups.
Finally, any highly important, sensitive data should be stored on an entirely separate network from the internal network. That way, if ransomware targets the desktop network, it cannot spread to the critical systems and cause complete chaos. While this is a long-term, and challenging strategy, it’s well worth the time and investment for organizations to counter the continuous risk of critical data loss."
++
Stephen Cavey, co-founder, Ground Labs
"Digitization, and the overall uptick in large-scale cyberattacks over the past year, have ushered in greater awareness of the need for data backup. However, since backups typically contain duplications of sensitive data, such as invoice numbers or credit card information, there is still some educating to do on the need to protect an organization’s data backup; not just its original data set.
This World Backup Day, it’s important for an organization to re-assess its data backup strategy. If a system does not exist, now is the time to implement one based on your organization's operations, internal policies and industry rules and regulations. For example, establishing device ownership if you have remote or hybrid employees, setting a security standard and understanding your data, regardless of its location, is critical when safeguarding your assets. Don’t overlook proper storage and protection of data backups, as it’s just as essential to ensure your business doesn’t suffer financial loss or reputation damage."
++
Michael DePalma, Senior Channel Development Manager, Datto
"Backups are clearly a necessary piece of any company's cyber resiliency plan. But the conversation is shifting from traditional backups to business continuity. Backups are critical, but they are only as good as the speed in which a business can recover that data and get back up to a true production environment.
At a minimum, companies need to follow the 3-2-1 rule when addressing their backups. Three copies of your data, on two different media, with (at least) one copy off-site. Businesses need to also ensure they are vetting the security of the backup vendors they are working with. The cyber threats are evolving rapidly and we know the criminals are looking to target backups to make the restoration process as painful as possible. Proactively addressing any security gaps will save companies a lot of headaches when a breach occurs."
++
Jason Stirland, CTO at DeltaNet International"If the events of the world have taught us anything over the past couple of years, it’s that the future is unexpected. Having a business continuity plan is essential for organizations of all sizes. The time-old phrase from Benjamin Franklin works well for organizations, “if you fail to plan, you are planning to fail!”. Organizations must create rigorous backup and disaster recovery plans; that is tested and refreshed regularly - this will be key for survival. As much as IT teams can put high-security infrastructure in place to protect the organization, it only takes one individual to click on a phishing scam to open it up to a cyber-attack such as ransomware. Having a solid backup and disaster recovery plan prepared allows the organization to minimize downtime and continue functioning."
++
Andrew Kahl, CEO of BackBox
"World Backup Day serves as an important reminder for organizations to evaluate backup best practices and how critical they are to business continuity and security. For most organizations, security has never been more top of mind than it is today. Network Engineers, Network Administrators, CIOs, CISOs and IT leaders all understand the importance of regular backups, but human error, complex multi-vendor environments and competing priorities often result in missed or only partial backups that introduce unnecessary risk.
In the event of a cyberattack or other security incident that results in network outage, organizations must be prepared with proper backup and recovery efforts. A solid backup and recovery plan must include collecting a complete inventory of all applications, software and hardware; outlining specific individual responsibilities in the event of a disaster and ensuring those individuals understand their responsibilities; having alternative communication methods in place; and carrying out regular reviews of this plan as a whole. Multi-faceted network automation platforms that streamline backup verification and automated disaster recovery into a single process without the chance of human error significantly assists organizations in protecting valuable data stored within their IT environments. Automating these processes helps IT teams ensure high availability resilience by creating a central backup of network device configurations with one-click recovery. Scheduling regular backups through a network automation platform, as well as knowing exactly what is being backed up and when, are key components to ensuring overall business continuity in the case of downtime.
According to Gartner, network downtime causes an average loss of $300,000 per hour, but companies that prioritize best practices for backup and unplanned network downtime will experience far fewer outages and radically decrease time spent offline."
++
Stephen McNulty, President of Micro Focus' APJ
"When disasters occur, organisations suffer. That is why they see backups, recovery, and security of data and systems as crucial for business continuity.
Backups are an essential practice to safeguard data, but they are not the most important step. While they do indeed ensure availability and integrity of data, I believe recovery strategies should take precedence. Here’s why – it is the ability to restore data and systems to a workable state, and within a reasonable timeframe, that makes backups valuable. Without this ability, there is no point in performing the backup in the first place.
Furthermore, backups must also be complemented with adequate security controls. To that end, business leaders should consider the Zero Trust model, which implements a collection of solutions covering a range of needs – from access control and privilege management to the monitoring and detection of threats. This will ultimately provide the best protection possible as information travels across devices, apps, and locations."
++
Diana Salazar, Product Marketing Manager at Quantum
"Data will continue its hyper-growth trend with most of the data being unstructured and ransomware will continue to be a destructive threat. The understanding (analysis), security, and housing (storing) of data and moving it seamlessly across the infrastructure will be a top priority for many organizations. Data is what is driving cyber criminals to increase their relentless attacks they understand its value. Organizations must understand their data lifecycle and gain insight to effectively manage and utilize technology including secondary storage tier technology that can protect it from cyber-threats to preserve it for many years, decades, maybe even centuries."
Tim Sherbak, of Enterprise Products and Solutions Marketing at Quantum
"As IT budgets lag data growth rates, pressure builds for creative ways to cost-effectively store, manage, and extract value from more of this data. Emerging cold storage architectures and services will blur the lines between cold and warm data, with high performance access and simpler cost models allowing for more effective storage and use of cold data sets. Modern cold storage archives were pioneered by some of the world’s largest cloud solution providers, but with emerging architectures and services, cold storage solutions will be deployed within an organization’s own data center, colocation facility or hosted IT environment, whereby data can now be maintained within in-house security perimeters to meet data sovereignty and data residency requirements. New erasure coding algorithms optimized specifically for cold storage will enhance data protection and durability for long term retention while reducing storage costs significantly versus multi-copy and cloud-based solutions."
++
Brian Spanswick, CISO and Head of IT at Cohesity
"While all eyes are on backup today, organizations must strive for holistic cyber resilience — and recognize that backup is just one component of a much larger equation. Achieving true cyber resilience means developing a comprehensive strategy to safeguard digital assets, including integrated defensive and recovery measures that give organizations the very best chance of weathering the storm of a cyber attack. Organizations should embrace a next-gen data management platform that enables customers to adopt a 3-2-1 rule to data backups, ensure data is encrypted both at transit and at rest, enable multi-factor authentication, and employ zero trust principles. Only then can organizations address mass data fragmentation challenges while also reducing data proliferation. Further, backups that can be restored to a precise point in time deliver the business continuity required for organizations to not only survive attacks but continue to thrive despite them."
++
Anneka Gupta, chief product officer of Rubrik
"The rapid rise in ransomware is underscoring the reality that legacy backup and recovery solutions are not sufficient to adequately protect your businesses’ data. A proactive approach with more intelligent tools that provide data resilience, data observability, and data recovery are required to truly secure an organization's data from cyber criminals. For example, having end-to-end immutability in place ensures backup data is not compromised, corrupted, or maliciously deleted. Blast radius detection is also critical to be able to easily identify how far and wide a cyber attack has potentially spread within your system(s) and know exactly where to focus your recovery efforts. With an approach like this in mind, IT and security leaders can more quickly and effectively recover from these attacks–critically, without paying a ransom."
++
Colm Keegan, senior product expert, Data Protection Solution, Dell Technologies
"The shortage of IT skill sets will continue to drive the need for simplified data protection solutions with more automation. With the growth of multi-cloud and hyper distributed workloads making it difficult for humans to catch up, we’ll see more organizations increase their reliance on automation to mitigate human error as a major cause for cyber breaches.
We'll see an increased adoption of multi-cloud with developers and by extension DevOps being a key IT constituency with a focus on innovation verses infrastructure.
Cyber threats will remain a top IT concern. The growing proliferation of devices, multi-cloud, 5G and the continuing reliance on edge computing will drive the need for embedded intrinsic security throughout the infrastructure. The new paradigm shift towards data decentralization should give organizations reason to take a proactive security posture in their digital transformation with a focus on proactively detecting threats before they become kinetic.
Increasing concerns around cloud costs and the need to drive operational efficiencies in cloud (compute, storage, networking) will continue to be paramount."
++
Chris Hallenbeck, CISO for the Americas, Tanium
"World Backup Day is an initiative that should be taken seriously because I see many cases where backups are not being carried out effectively, if at all. From my experience, around 80% of organizations either haven’t backed up their data or don’t do it regularly enough. This is alarming because if these companies experience a data breach, the impact could be hugely damaging. Backups are often the last line of defense against cyber attacks, if you can’t recover systems then backups offer a crucial lifeline.
The main reason I see for backup programs being neglected is cost. Financial and staff resources are required in order for regular, comprehensive backups to be completed and sometimes IT leaders will choose to focus these resources on other areas. The crucial tasks that need this investment include identifying where the most critical data is stored and making sure it is always included in backups. It’s also important that backed up data is regularly tested to check that it can be fully accessed without any problems. I rarely see this testing being carried out, so it’s definitely an area for improvement.
Another reason that backing up can be overlooked is a misconception that it’s purely a data center issue, but it must also be treated as a part of a well-rounded security strategy. Every organization should have an initiative to improve and maintain cyber hygiene, in my view backing up should be part of this. The vast majority of data breaches that I see start with an avoidable incident that an improved level of cyber hygiene could help prevent. Even if a network does still become compromised, a good level of cyber hygiene can help minimize the impact. For example, if a ransomware attack encrypts an organization’s data, it is in a much stronger position if data has been backed up.
My advice is to use World Backup Day as an opportunity to ask important questions such as; in the event of a breach, is all of your critical data backed up and have you checked if it can be easily accessed? Are we including backing up as part of our cyber hygiene efforts and security strategy? If IT teams understand the importance of these areas and take ownership of them then they may prevent the organization’s reputation from being severely damaged and a large sum of money being lost."
++
Geoff Bibby, senior vice president of small-to-medium-sized business and consumer (SMB/C) at OpenText
"World Backup Day serves as an excellent reminder for organizations to ensure they have a backup and recovery strategy in place to remain resilient against accidental data loss, threat actors, broken systems workflows, and natural disasters. Cloud breaches are becoming bigger, faster, and more disruptive to a company’s bottom line. Backing up regularly is a critical first step to empowering your team to take control of their data by giving them the proper tools.
Each organization’s data is a living system that constantly changes during day-to-day operations. That is why daily, automated backups for all software platforms is critical. You want a simple process for managing your data: Set it (archive location, backup time, frequency, etc.), Manage It (reports, backup exports, etc.) and Access It (search and locate data).
The rise of cyberattacks, theft from disgruntled contractors or malicious employees, natural disasters, and plain old human error can interrupt business, but with automated, cloud-to-cloud backups, companies of all sizes can know their data is secure and recoverable. World Backup Day is a perfect time to review your current system, educate yourself and your employees on the importance of good backup hygiene and ensure you are setting your business up for success."
++
Adrian Knapp, CEO and Founder, Aparavi
"Backing up your files is extremely important, and World Backup Day is a great reminder to do so. As your data, especially unstructured data, footprint grows, so too does your data risk. It is important to understand that redundant, outdated, and trivial data, also known as ROT data, puts you at increased risk and can cost you millions.
One of my top tips for backing up data is to know what data you have. By doing a data assessment and knowing your data, you are in control to mitigate risk, reduce costs, and create value for your organization with confidence.
Another helpful tip is to think about World Backup Day as a spring cleaning opportunity for your data. Take a moment to remove data that does not need to be backed up. This will improve your security as you can avoid a backlog in data management and limit the unstructured data that could be subjected to a ransomware attack, providing a more efficient and secure data environment.
My final tip is to implement an intelligent data automation tool so you can locate all of your data no matter where it lives.This will allow you to organize and uncover hidden files and dark data that you or your organization may be unaware of, putting you in control to make better informed decisions to assist in reducing your data footprint, and know what you are backing up."
++
Terry Storrar, Managing Director, Leaseweb UK
"Business continuity is an essential part of today’s ‘always-on’ operations, but this isn’t an easy level of service to maintain consistently. From human error, to cyber attacks, or even extreme weather, there are many circumstances that can place an organisation’s operations and data at risk.
Even with the most robust infrastructure and cybersecurity measures in place, businesses can never guarantee that unforeseen disaster won’t strike. So, to maintain business continuity and prevent downtime, an integrated approach to backup and disaster recovery is a necessity.
With businesses increasingly migrating to the cloud, more emphasis needs to be placed on protecting mission critical data wherever it is located. Thankfully, modern cloud backup solutions have the benefit of being suitable for businesses of any size. They allow for data backup from any server or device, anywhere with an internet connection. Cloud backup solutions are easy to manage, and their providers offer reliable, hands-on customer support.
Data centre providers need to take every necessary precaution to ensure that customers’ data is available around the clock, along with comprehensive backup. This includes the availability of emergency backup services, such as batteries and generators, in case of power outages. Agreements should also be in place with energy suppliers for redundant energy connections that enter the data centre from different locations, redundant internet connections, and an agreement with local authorities for evacuation work to reduce possible damage to any important cables. In the event of a disaster, it’s important to keep in mind that a proactive plan for backing up data to ensure business continuity always has multiple moving parts to consider; having the right providers and products in place helps ensure these parts work in concert if disaster strikes."
++
Steve Cochran, Chief Technology Officer, ConnectWise
"Data sits at the heart of the organization's IT systems, powering every essential business process. Unplanned downtime, as a result of a cyber attack or system failure, can have a significant impact: Shutting down the businesses’ organs for hours, days, even weeks at a time. In 2021, one in three mid-market organizations suffered a 24 hour outage as a result of cyber attacks, highlighting that having a backup and disaster recovery (BDR) plan in place is critical for resuming normal business operations as quickly as possible, while minimizing the impact or damage associated with such an event.
But, how does an organization go about backing up its data securely?
Organizations need to ensure they are keeping a current inventory of its data and where it is stored, critically prioritizing the data and adjusting the backup strategy to align to the 3-2-1 model. This means having three copies, on two devices/media, and one off-line for the backup. Having a backup service storage that is disconnected from the network or system and securely placed in a different, yet accessible location, is hugely important in case all online locations are impacted. As is testing the backups to ensure that, if needed, data can be retrieved, and systems up and running instantly.
This World Backup Day, organizations need to be prepared to tackle challenges head on and minimize any impact to the end customers. While backup is not a silver bullet to costly cyber attacks and downtime, it is a critical component to good cyber hygiene and all-around best business practice. It’s important to take backup seriously, before it’s too late."
++
Neil Jones, director of cybersecurity evangelism, Egnyte
"On World Backup Day, we need to take a moment to reflect on the exploding volume of mission-critical digital data that’s being generated today (and every day), and consider how to encourage our employees, contractors and business partners to protect that data more effectively. Unfortunately, many organizational stakeholders are unaware of how to properly protect their companies' valuable data, so it’s up to the company to educate them on best practices. As an IT leader, you should consistently update your data backup strategies and implement measures that protect you from accidental data loss, potential theft of information by malicious insiders, and corruption of stored files.
With proper training and by focusing on the importance of proactive data backup procedures, organizations can protect themselves from becoming victims of the next big data breach. Limiting access to mission-critical internal data on a "business need to know" basis also enables you to minimize the potential cyber-threat attack surface and prioritize threats more effectively. The best way to thwart potential data loss is to have a proactive data backup program in place that accounts for worst-case scenarios and can be adapted to rapidly-evolving technological changes. Today and every day, encourage your employees to take proactive steps to back up the critical data that they generate and reinforce the importance of personal accountability."
++
Gary Ogasawara, CTO of Cloudian
"Today, on World Backup Day, we ask organizations to ensure their data is protected from loss or theft. Cyberattackers know that data is power, and organizations are being targeted daily - at times causing significant financial and reputational damage. In a 2021 survey of businesses that experienced an attack, almost 50% had perimeter defenses in place at the time of the attack. While perimeter defenses are important, they are clearly failing, and organizations must do more.
To protect themselves and their customers, organizations should assume bad actors will find a way to gain access to their systems. To reduce damage and recover faster, they must have processes and systems in place that enable them to maintain operations in the event of a cyberattack. The best way to do so is by having an immutable data backup. Immutability prevents cybercriminals from encrypting or deleting data, enabling recovery of the unchanged backup without having to pay ransom. Organizations should also encrypt sensitive data in flight and at rest, which ensures criminals can’t read or expose it in any intelligible form, thereby eliminating the other method of ransomware extortion."
##