Most cyberattacks have one objective: corrupting, exposing or stealing valuable data. Malicious actors recognize that data is critical to every organization’s operations. By attacking data, they can extort money, commit fraud or simply sell the data on the dark web.
Clearly, cybersecurity and data protection go hand in hand. However, both are subsets of a larger strategy of data resilience. To ensure data resilience, organizations need the ability to restore data quickly to minimize the damage of a security breach.
All too often, however, organizations treat cybersecurity and data protection as distinct processes and pay scant attention to data recovery. In one recent study, 99 percent of IT decision-makers said they had a backup strategy, but 26 percent admitted that they would not be able to restore all data if needed.
An effective data resilience strategy starts with the following steps:
Make Data Restoration the Foundation of the Backup Plan
The ability to restore data quickly if needed is the objective of any backup plan. It makes sense, therefore, to start with that end in mind. Organizations should recognize that critical data may be stored in the data center, the cloud, remote locations and on user devices. All this data should be classified and backed up based on the organization’s business requirements.
To define those requirements, organizations should consider what’s at stake if data cannot be recovered. This could include business disruption, loss of revenue, regulatory fines and penalties, and other risks. Organizations need to understand the requirements of stakeholders, insurance companies and applicable regulations. They can then develop recovery time objective (RTO) and recovery point objective (RPO) requirements for each class of data.
Ensure That Data Is Backed Up in the Right Way
Many organizations have a fragmented data backup environment that does not adequately protect critical data. Few organizations protect their SaaS data, often assuming that the cloud provider will handle that for them. These gaps can spell disaster in a ransomware attack.
Organizations should consider all data in play and remember that a true backup strategy follows the 3-2-1 rule. They should keep three copies of their data on two different types of storage media with at least one copy offsite. The backup process should be kept simple, with as few steps as possible. Wherever possible, organizations should transfer data directly from the source to the backup target without relying on the system’s backup capabilities. Direct backup minimizes hardware and software dependencies that could cause problems as the environment changes.
Finally, organizations should ensure that their backups are protected. Almost all (93 percent) of ransomware attacks target backups first. Organizations should implement malware protection, multifactor authentication and other controls, and use immutable storage to prevent data corruption.
Follow Data Recovery Best Practices
Defining RTOs and RPOs is a good start, but can the recovery strategy meet those objectives? The only way to know is by testing data restoration processes regularly.
The first step to effective recovery is to invest in an enterprise-class backup and recovery platform. The platform should enable rapid, highly automated data restoration, eliminating the need for application-specific expertise.
Organizations should thoroughly document the restoration process so that IT teams know exactly what to do in an emergency. They should also simplify the process as much as possible by using a centralized console that enables restoration from various backups, snapshots and replicas, including those stored offsite. Encryption keys and authentication tools should be kept where they can be accessed quickly.
How Technologent Can Help
Technologent’s data management practice has specific expertise in backup and recovery. Let us help you develop an effective data resilience strategy and implement the right solutions to protect your most valuable IT asset.
Comments