Don’t Forget to Celebrate World Backup Day 2022 – Hear From Industry Experts
Today is Thursday, March 31, 2022, and that means it’s “World Backup Day”, the day we technology folks remind everyone how important it is to back up your data.
Whether personal or business, let this be a reminder for you to make sure you have a backup and recovery strategy in place — no matter how great or small.
What is World Backup Day?
World Backup Day is celebrated on March 31st – and it is a yearly reminder for both organizations and individuals to secure their files via backups and how to improve the security per device and solution. It’s the day to prevent data loss.
Even though backing up data should be common knowledge:
- 21% of people have never made a backup
- 113 phones are lost or stolen every minute
- 29% of data loss cases are caused by accident
- 30% of all computers are already infected by malware
Hopefully this day will make everyone think twice about their situation, and educate themselves on the various options available to them so that they can get things backed up. A backup is only as good as your ability to recover the data. As part of your backup strategy, make sure to have a recovery plan. Be prepared to recover an entire system, a folder or collection of folders, and a single file. World Backup Day should bring about awareness and create a reminder for all of us to backup things up. No matter how secure or safe you feel about your data, know that it’s important to backup your files.
Don’t take my word for it. Hear from some of the leading industry experts in the backup and disaster recovery industry for more commentary and expertise:
Daniel Hofmann, CEO at Hornetsecurity
“The first thing that typically comes to mind when thinking about backup is data loss prevention-and that is important. Yet, backup solutions are about much more than protecting our data: They are key to ensuring business continuity and keeping companies afloat when disaster strikes. And what’s more, they teach us to cherish what we have. This World Backup Day, we all thank the countless IT professionals working tirelessly to develop solutions that keep our data safe. It’s also the opportunity to stop and take stock. We therefore remind all companies and organizations to take a good look at where they are in terms of backup & DR strategy – you’ll thank yourself later.”
Sathya Sankaran, GM, CloudCasa by Catalogic
“Why is this day important, what does it mean, what should people/companies be thinking about, why is backup and disaster recovery important and what should people be doing about it?
From the last couple of years of Covid to the war in Ukraine and our heightened SHIELDS UP security posture, world events are again in the forefront of our minds for World Backup Day. Cyber-resilience continues to be a key focus for our customers and a key driver for our data protection products.
A backup solution touches every data asset that is critical to a business. Many vendors already provide useful alerts when irregular change rates are detected on backups, but that is already too late for businesses. Can modern backup solutions “stretch left” to make sure that the critical data is not misconfigured to be vulnerable or under an active cyber-attack? Active read/write scanning, tamper-proof and immutable backups, cloud and container security posture review, honey pots, and multi-factor authentication are all capabilities we’ve added to our backup solutions since the last World Backup Day. Cyber-attackers are constantly evolving, and we must have our shields up! A proactive and cyber-resilient backup service can both be a shield and a bunker in times of need.”
Indu Peddibhotla, Senior Director of Products & Strategy, Commvault
“Enterprise IT teams today are increasingly starting to realize that backup extends far beyond serving as their ‘last line of defense’ against cyberattacks. It can now help them take the offense against cybercriminals, by allowing them to discover and remediate cyberattacks before their data is compromised.
For example, data protection solutions now have the ability to detect anomalous behaviors indicating a threat to a company’s data. In addition, emerging technologies will soon allow enterprise IT teams to create deceptive environments that can trap cybercriminals. These features, coupled with other early warning capabilities, will allow companies to use their backups to detect, contain, and intercept cyberattacks before they can lock, alter, steal, or destroy their data.”
Simon Taylor, Founder and CEO, HYCU
“This World Backup Day, we are reminded of the global reality that backup and recovery and data protection are even more important than ever. The continued rise of cybersecurity and ransomware threats especially in light of events in Ukraine and with Russia are turning both backup and recovery into first class citizen status. Both have quickly become not just another important piece of the technology puzzle or check box on a compliance list, they have become an important last line of defense for businesses, employees and families. Use this year’s World Backup Day to further work to reduce your attack surface and make sure you are safe and protected in the inevitable event of an attack. Being best prepared is half the battle.”
Rick Vanover, Senior Director of Product Strategy at Veeam
“In today’s world of cyberattacks and ransomware threats, data backup is critical. Ransomware happens more often than people think and following an attack, organizations who haven’t prepared accordingly only recover about 64% of their data, losing 36% of their data, resulting in significant data loss. In honor of World Backup Day, organizations should evaluate their data systems to ensure proper and modern data backup and recovery systems are in place—it’s not if you get attacked, it’s when.”
Thomas LaRock, Head Geek, SolarWinds
“Data enables business leaders to make informed decisions and it’s also at the heart of applications that drive business success. In fact, SolarWinds® Database Priorities and Pitfalls 2021 Report found that seven out of 10 IT respondents say that 50% or more of their organization’s databases are considered critical to the success of their business.
World Backup Day serves as an opportunity for business and database leaders to think critically about their organization’s backup strategy, and ensure they are employing the best practices and tools to protect their business’ most important asset: data. With increasing ransomware and cyber-attacks, a robust database backup strategy is non-negotiable. A backup can save your business from losing the data that underpins your operations and, ultimately, the future success of your business.
Finally, consider where you store your data—in the cloud, on-premises, or across other systems —as location can have a major impact on cost and the overall effectiveness of your recovery process.”
Mark Chuang, Head of Product Marketing Cloud Storage and Data, VMware
“In today’s data landscape, backup, disaster recovery and ransomware protection have become key components of organizational resiliency. With one ransomware attack taking place every 11 seconds, it is now more important than ever for organizations to understand the threats this poses to their business and their reputation. It is no longer a matter of if, but when a malicious attack or unplanned disaster will occur—but the bright side is, there is a way to avoid paying the ransom or suffering extended business downtime. How? By having a holistic, unified backup and disaster recovery strategy with immutable storage support, air-gapped copies of data, granular recovery and a well-rehearsed set of DR plans that are easily executable when disaster strikes.
Organizations should be thinking about how to better unify solutions to deliver added resilience with minimal IT retraining and leverage DRaaS (Disaster Recovery as a Service) products such as VMware Cloud Disaster Recovery to benefit from cloud economics and preserve data availability in the face of these ever-growing threats. A good option for those looking to reduce DR costs while meeting stringent SLAs is on-demand DR, as it can offer up to a 60% lower TCO compared to traditional DR.
Data resilience, comprised of backup, disaster and ransomware recovery, is the need of the hour, and this is the perfect time for organizations to rethink their strategy and make it part of their long-term business objectives by reducing cost, complexity and driving increased reliability in their solution. The time to act is now.”
Rick McElroy, Principal Cybersecurity Strategist, VMware
“Testing the viability of backups is vital amid continued warnings from the Biden administration urging the private sector to immediately harden their cyber defenses. As geopolitical conflict spills over into cyberspace, organizations should test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack. Critical infrastructure providers, in particular, should operate under the assumption that they will be hit by targeted attacks. Prepare for the unexpected, test backups, and warm up incident response muscles.”
Nilay Patel, Co-Founder and VP of Sales at Backblaze
“Research we’ve done with the folks from Harris Poll shows that more than one in every two people (61%) have suffered data loss. That’s unacceptable, and why we believe that backup should be SO easy that everyone would think of it as common sense. But backups only work if they both exist and are useful.
That’s why, on our favorite holiday, we remind businesses everywhere to consider the following best practices: ensure backups are physically remote (in the cloud), virtually air gapped (protected by object lock wherever possible), instantly accessible (in hot storage), and configured to be put into action immediately during a disaster (with a rock solid disaster recovery setup that doesn’t rely on their on-premises infrastructure).
World Backup Day is March 31 to remind us what happens if we’re not adequately backed up: We end up feeling like April Fools. Nobody wants to realize the day after a disaster or attack that their backups are corrupted, ransomware’d, or otherwise inaccessible. So hopefully today’s celebration encourages everyone to revisit their backup plan and make sure their data is safe and ready for recovery from any April Foolishness. It’s easy.”
Peter Donnelly, Director of Products at ATTO Technology
“World Backup Day is a reminder for every organization that it’s not just unintentional disasters that can lead to data loss, bad actors’ threat vectors are becoming more sophisticated in finding entry into their targets. From on-prem to cloud, businesses will continue to use multiple options to effectively protect data. While backing up to the cloud has certain benefits, more organizations are looking at traditional tape backup as it remains a proven, ever-evolving, and cost-effective technology. The primary advantage of tape is its physical immutability: data on a tape drive is not physically connected to a network when at rest providing an ‘air gap’ that leaves backed up data untouched in the event of an attack.”
Clara Angotti, President, Next Pathway
“In a recent survey that we conducted with 1200 IT Leaders from large organizations in North America, 20% of respondents agreed that the biggest risk to a cloud migration is ensuring that a backup strategy is developed to help reduce the chance of data loss. A successful cloud migration plan will include a data migration analysis to ensure historical data extraction and ingestion of transferred data is done correctly.”
Peter Tsai, Head of Technology Insights at SWZD
“It’s often said that backups are the last line of defense against cyberattacks and ransomware – a last resort to turn to in the event of a catastrophic failure. Ideally, all businesses would create and test backups on a regular basis. However, many organizations lack the time or resources to follow best practices. The current elevated threat of cyberattack that has coincided with the invasion of Ukraine has served as a wakeup call that has prompted many businesses to take additional precautionary steps to protect corporate data.
A recent Spiceworks poll of 125 IT professionals found that 45% of businesses have taken additional backup measures due to the current elevated risk of cyberattack. These precautionary measures could include additional testing to ensure data can be fully and quickly restored, making sure backups exist in multiple locations to reduce the risk of the backups themselves being encrypted by ransomware, or expanding the scope of backup plans.”
Joe Noonan, Product Executive, Backup and Disaster Recovery for Unitrends and Spanning
“World Backup Day is a great reminder for businesses to take a closer look at their full business continuity and disaster recovery (BCDR) plans-which includes everything from the solutions they use to their disaster recovery run book.
The shift to remote working completely transformed the way organizations protect and store their data. Today, there is a greater focus on protecting data no matter where it lives – on-prem, on the laptops of remote employees, in clouds and in SaaS applications. Recovery time objectives (RTOs) are increasingly shrinking in today’s always-on world, with goals being set in hours-if not minutes. Cybercriminals have taken advantage of the remote and hybrid work environments to conduct increasingly sophisticated cyberattacks, and the data recovery process post-incident has become more complex due to new cyber insurance requirements. These new regulations include critical audits and tests that businesses must comply with in order to restore their data and receive a payout after an attack-which can slow down the recovery process.
With data protection becoming increasingly complex, more organizations are turning to vendors that provide Unified BCDR, which includes backup and disaster recovery, AI-based automation and ransomware safeguards as well as disaster
recovery as a service (DRaaS). Unified BCDR has become a necessity due to the growing amount of data organizations must protect and the increasing number of cyberattacks taking place against businesses of all sizes.
For those organizations taking a closer look at their BCDR strategies this World Backup Day, we recommend they consider the following questions:
- What data and applications are critical to ensure business productivity?
- How much downtime and data loss can be sustained?
- How will they test their solution for completeness and performance?
- What immutability safeguards are in place to eliminate ransomware risks?
- What is the process to failback to the production environment once the disaster is averted?”
Nagarajan Chandrasekaran, VP, Product Management and Marketing, BDRSuite, Vembu Technologies
“World Backup Day was started by a group of IT enthusiasts with the purpose of increasing awareness about the importance of Backup and Disaster Recovery. Vembu Technologies has been a strong supporter of this annual event, spreading awareness through various activities. Even after a decade since the first World Backup Day, we remind every business should revisit their data protection strategy and prepare for the modern-day data thread on this day.
Data becomes more vulnerable than ever as more organizations begin to rely on the cloud and SaaS after the pandemic. With today’s increasingly complicated IT infrastructure, implementing a fully functional backup strategy is no longer simple. We have always believed that backup solutions should address the data protection needs of a diverse IT environment without making it more complicated.
It is also the responsibility of IT professionals to choose the backup solution that meets their backup requirements while also allowing them to centrally manage backup activities of their diverse IT infrastructures, including virtual, physical, cloud, and SaaS.”
Deepak Mohan, executive vice president at Veritas
“It’s clear that multi-cloud adoption is delivering big benefits to organizations around the globe, including enhanced resiliency and agility. However, the shift to multi-cloud environments is also creating new data management challenges, such as unexpected costs, operational complexity and increased vulnerability to ransomware threats. Bad actors are successfully making their ransomware attacks even more impactful by targeting cloud services and data, and as the volume of enterprise cloud data continues to grow exponentially, we expect this trend to continue for the foreseeable future.
“World Backup Day 2022 is a powerful reminder that there has never been a more critical time for all organizations to prioritize robust data protection practices. Leaders must work with their IT teams to take the necessary steps now to implement the right tools and protocols that can autonomously self-provision, self-optimize and self-heal data management services to keep their critical data safe and available no matter where it is-from edge to core to cloud.”
Jesse Franklin, SVP of US & Canada, Incode
“When it comes to the security of identities at rest, there are two foundational requirements. First, the data or identity information must be secured so that even in the event of a breach, the underlying data isn’t revealed. Second, a strong authentication mechanism like biometric security is in place to control who has access to underlying data. These controls make it possible to reduce fraud and limit the exposure of sensitive data.”
Jeff Costlow, CISO, ExtraHop
“Ransomware is a shadow that hangs over all organizations today. This World Backup Day should be a call for all organizations to examine how their backup and recovery plan weaves into their overall security strategy to ensure they are protected in the event of a ransomware attack.
Sadly, organizations must take further precautions and cannot rely solely on their data backups. Today’s ransomware has become an advanced threat with the “hat trick” of exfiltration, encryption, and software exploitation. It used to be that the sole endgame of ransomware was encryption. Deploy the ransomware, encrypt the files, and demand payment in exchange for the keys. Today, ransomware criminals have introduced payment incentives at multiple steps in the killchain, from exfiltration of data to exploitation of software. While it is key for organizations to ensure a strong backup and recovery strategy is in place for business continuity, they can no longer guarantee that their private data won’t be released.
A backup plan is just the beginning. Other points to consider in a ransomware response plan include:
- Initial access: This is where cybercriminals gain a foothold through a wide range of techniques proven effective over time, including phishing emails. Ensure you have user training in place and strong preventative measures including VPNs and firewalls.
- The midgame: This is where the attacker pivots through an organization’s infrastructure, accumulating assets and compromising data. Organizations need strong visibility into East-West traffic to spot ransomware, including lateral movements, domain escalations, command and control actions and data staging.
- The extortion cycle: Cybercriminals have compromised your systems and your data. A strong backup and recovery process is a critical piece of the puzzle that will keep your business up and running.
For organizations with a strong plan for ransomware and backups, use World Backup Day as a reminder to test those plans and make sure you can restore your information as expected.”
Mike Potter, CEO and co-founder of Rewind
“World Backup Day is a great reminder of the rising importance of data backup and recovery advancements in the business landscape. As more companies move daily operations to the cloud, the risks of an inevitable disruption dramatically increase. This means educating businesses on the risks of data loss becomes even more essential, which is why we believe this day is so important.
SaaS tools are now the default tool for modern businesses. Regardless of whether industries return to in-office or remain in some form of hybrid work environment for the long haul, companies will be reliant on SaaS and SaaS data for years to come. Businesses of all sizes need to realize that a significant amount of their indispensable business data sits in SaaS applications and take proactive steps to protect it.
Today, the majority of cloud backups focus on corporate-wide, legacy systems. However, all the SaaS tools employees rely on every day should be secure and protected with automated backup and recovery solutions. It’s the only way businesses can avoid operational downtime – whether it be a minor user misstep that deletes some info or a massive breach that jeopardizes the entire team or company profile.
On World Backup Day, Rewind is expanding its solutions footprint to include Jira – furthering our mission to protect every vital SaaS tool. In addition, we’re adding a little bit of fun to the mix with a simple game on Rewind.com that builds awareness of the different threats businesses face called Cover Your SaaS.”
Steve Costigan, Field CTO, Zadara
“Data is the lifeblood of an organization, becoming more so as we develop strategies around AI/ML and deploy containerized applications on platforms like Kubernetes. This needs a change in the way we think about data protection, platforms are more fluid, scaling up and down, in and out. However the threats to data, especially from cyberattacks, are increasing so the normal rules of multiple copies in different locations with immutability or air gap still persist. If you don’t have the skills in-house, find a good partner to help.”
Paul Speciale, chief product officer, Scality
“The major transition to remote work we’ve all experienced over the last two years consequently changed the demands for data protection and how organizations do storage and backup. It’s important to understand how the appropriate storage solution is the make-or-break element in a company’s backup and disaster recovery plan – particularly in the current hybrid and remote work landscape.
If organizations don’t have strong backup and recovery infrastructure, they are in jeopardy of losing their most valuable assets – their data.
An object storage system creates a platform that eliminates many problems present with legacy solutions: unlimited scale, a global pool of data for deduplication, single system management and cloud-like pay-as-you-go costs. In conjunction with the right backup management engine it also offers the possibility of providing your employees with the kind of self-service backup and recovery they need in a remote world where speed is of the essence and efficiency is front and center, and allows for a more fine-grained authentication and security system.”
Aron Brand, CTO of CTERA
“It’s important for organizations to be proactive in securing their vital data. And having a day to remind them about best practices is certainly important. But, rather than World Backup Day, I prefer to think of this day as World Disaster Recovery Day because, in my opinion, most organizations place too much emphasis on backup and too little on their data recovery plan.
Simply, a plan for recovering data and systems in the event of a disaster is a must have for enterprises, and far too many don’t have a formal plan in place. They may have some basic procedures to follow, but a great deal of organizations haven’t really thought through all of the needed steps to cover after a data loss, and that includes a run through of the disaster recovery plan. An enterprise must test its DR plan regularly to make sure it works.
Next generation cloud-attached storage solutions are available that provide near instant recovery from disasters, including capabilities such as detection and instant recovery from a ransomware attacks and they do this while being more robust and easier to manage than traditional backup solutions. These new solutions should be a key part of any organization’s disaster recovery plan.”
Adrian Moir, Technology Evangelist and Principal Engineer at Quest Software
“As another World Backup Day rolls around, organizations need to focus on three different areas in relation to backup: proactivity acquired through immutability and access control, shared cloud security responsibilities, and cost optimization as data volumes skyrocket.
Recovering data from a backup after a ransomware attack is the cure to the problem, but prevention will always be better than a cure. Data must be secured from both a data and an access point of view, which can be done through MFA, obfuscating data sets, encryption of data sets, immutable data, and more. With plenty of solution options out there, organizations should choose to provide the level of immutability and access control needed to proactively stop ransomware attacks before they happen.
Most businesses assume their data security is totally in the hands of their cloud providers, which can lead to unfortunate situations when data is not backed up. This is why organizations must follow the shared responsibility model, which discourages the “out of sight, out of mind” attitude and reduces the risk of lost data. Unfortunately, those following the model struggle with backups from the cloud, because data is stored in slow object Blob storage and the system is designed for the endpoint user—not the IT admin’s backup experience. Going forward, we expect to see new approaches to API’s that provide faster data restoration and give cloud customers more control and speed over their backups.
Data is growing at a rapid, exponential pace, so much so that some businesses can’t afford to protect everything. To reduce a negative impact on revenue and reputation, organizations must make informed decisions about which data systems are essential for running backups. Understanding your data set and then intelligently planning for when things go wrong allows organizations to recover prioritized data faster and optimize how and where money is being spent. By focusing on these three areas, organizations can ensure that they have an effective backup process to improve their data resilience across the organization.”
W. Curtis Preston, Chief Technical Evangelist, Druva
“From smartphones, autonomous vehicles and streaming services, to even the local Mom and Pop shop down the road, the connectivity powered by digital transformation is driving an explosion of data. This exponential growth presents a vast opportunity for businesses to turn data into knowledge and insights that can ultimately shape products, services, and our lives. Yet the complexity and criticality of our information is immense. And protecting it has never been more challenging than the present day as cyber attacks, fueled by the current geopolitical landscape, continue to surge.
As governments around the world urge companies to raise their defenses, there is no better time than on World Backup Day to pose the question: is backup enough?
Is identifying data loss after an attack the best approach? Or should systems actively identify, alert, and respond to potential threats before they arise? Manually shifting through dozens of backups for untampered files is no longer a sufficient approach to restore data. With the pace of business and increasing lack of specialization, we need systems which actively recommend the best restore options to minimize data loss without business disruption.
As organizations seek to move their business forward and safeguard critical data against today’s threats, solely relying on backup is no longer a sufficient strategy. Businesses must adopt a modern approach to data resiliency – one that is grounded in the cloud, positions teams to recover data rather than just trying to make a backup, stops ransomware attacks before they spread, and protects data and applications against emerging threats. This World Backup Day, instead of solemnly swearing to just back up your most important data – reevaluate your protection strategies and take the pledge of resiliency.”
Ahmed Datoo, CMO of Alkira
“As more data is stored in the cloud, it becomes essential for organizations to back it up so that in the event of an outage, it can be restored easily and quickly. Organizations are now backing this data up to multiple cloud providers for disaster recovery purposes. The most critical element of such a backup strategy is a secure, reliable, and performant connection. If end-users can’t reach their backup resources via the network, it is effectively unusable. An agile, flexible cloud networking solution is an appealing way to ensure mission-critical resources are prioritized and supported.”
Steve Petryschuk, product strategy director at Auvik
“Here are a few tips on backups in the spirit of world backup day 2021!
- Tip number 1 – Automate your backups! Don’t spend your precious time manually backing up your workstations and network devices.
- Tip number 2 – Check regularly to make sure your automated backups are running regularly.
- Tip number 3 – Make an off site copy of your backup. That could be to the cloud, or to another physical location. You just don’t want all your data in one location.
- Tip number 4 – Test your backups! You don’t want to find out your backups are corrupted when you’re in need of them. Test restoring them often and to ensure you have a solid recovery plan.
- And my last bonus tip – Make sure you’re backing up as much as you can! We often think about workstations and servers to back up…
But don’t forget about other data types, like data hosted in your cloud services. And of course, Auvik can help you automatically back up your network device configurations.
Good luck and let’s all take the pledge: I solemnly swear to backup my important documents and precious memories on March 31st.”
Ben Gitenstein, VP of Products and Solutions, Qumulo
“Your data’s growth isn’t slowing down. And the amount of data growing in your system can outpace your IT or security team’s ability to back up and protect it. You need a backup solution that can keep up.
Rather than focusing on just external threats, organizations need a comprehensive security solution that takes both internal and external vulnerabilities into account. These solutions should understand applications in today’s file data environment aren’t siloed and the only way to protect an organization from dangerous and sophisticated security threats is by implementing a holistic, always-on defense strategy.
Data blindness prevents you from seeing an accurate picture of what’s happening in your file system or the details about how your data is being transformed and manipulated in real time. One way to decrease data blindness is to require viewing access across management systems, so you can always see what’s happening within your internal applications. By gaining greater visibility into our data, we can get a handle on who is accessing our data and where to decrease the likelihood of losing data to a malicious malware or ransomware attack.
If your data is compromised, start by undoing the damage. Try reverting to the last good version of your data. Snapshots, data retention policies, consistent or tertiary sites, like the cloud, will all add layers of defense.
A disaster recovery plan will help you get back on your feet and keep your business running after a worst-case scenario. But ideally, you won’t have to revert to DR because you protected your data in the first place.”
Don Boxley, CEO and Co-Founder, DH2i
“Few would argue that an always-on and always available IT infrastructure is critical for the success of virtually any organization in today’s data-driven world. Likewise, few would disagree that backing up data is one of the most critical protections that an organization can implement to help ensure the ability to recover and maintain operations in the event of a failure, disaster or malware attack – such as ransomware. Yet, research has shown that while almost 90% of organizations are backing up, only about 41% backup daily, leading to a high number of companies admitting that they have had data loss events that have resulted in downtime.
On World Backup Day, I would encourage organizations to take a hard look at backup as well as all policies, procedures and technology they have in place to ensure high availability (HA) and disaster resilience. And then, I would recommend they evaluate if they were to experience a failure, disaster or cyber-attack, how quickly could they recover, and would be able to weather that downtime from a business, legal and/or regulations compliance standpoint. an ounce of prevention is worth a pound of cure.”
Surya Varanasi, CTO, StorCentric
“On World Backup Day, we are reminded that ransomware and other types of malicious malware can disrupt any environment. And further, while hundreds of thousands if not millions might be at stake for the actual ransom payment, the gravest consequences of ransomware is data loss and downtime. Both present almost incalculable expense, with significant downtime resulting in potentially millions in lost revenue, as well as costly legal fees and regulations compliance cost, in addition to a rise in insurance premiums and decreased customer trust.
Today, the process of backing up has become highly automated. But now, as ransomware and other malware attacks continue to increase in severity and sophistication, we understand the need to protect backed up data by making it immutable and by eliminating any way that data can be deleted or corrupted.
An Unbreakable Backup does exactly that by creating an immutable, object-locked format, and then takes it a step further by storing the admin keys in another location entirely for added protection. Other key capabilities users should look for include policy-driven data integrity checks that can scrub the data for faults, and auto-heals without any user intervention. In addition, the solution should deliver high availability with dual controllers and RAID-based protection that can provide data access in the event of component failure. Recovery of data will also be faster because RAID-protected disk arrays are able to read faster than they can write. With an Unbreakable Backup solution that encompasses these capabilities, users can ease their worry about their ability to recover — and redirect their time and attention to activities that more directly impact the organization’s bottom-line objectives.”
JG Heithcock, GM, Retrospect, a StorCentric Company
“On World Backup Day we are reminded of the myriad reasons a sound data backup strategy and proven solutions are critical to the success of virtually all organizations, as it is a given that at some point most will suffer a failure, disaster or cyber-attack. However, given the world’s economic and political climate, the customers I speak with are most concerned about their ability to detect and recover from a malicious ransomware attack.
My advice to these customers is that beyond protection, organizations must be able to detect ransomware as early as possible to stop the threat and ensure their ability to remediate and recover. A backup solution that includes anomaly detection to identify changes in an environment that warrants the attention of IT is a must. Administrators must be able to tailor anomaly detection to their business’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And, those anomalies must be immediately reported to management, as well as aggregated for future ML/analyzing purposes.
Of course, the next step after detecting the anomaly is providing the ability to recover in the event of a successful ransomware attack. This is best accomplished with an immutable backup copy of data (a.k.a., object locking) which makes certain that the data backup cannot be altered or changed in any way.”
John Collins, VP marketing and business development, Western Digital
“We all know that backup is important (whether we do it or not is another thing), but what about getting your data back quickly? We’re seeing a shift in emphasis from backup to the ‘speed of restore.’ That’s why we’re seeing flash more frequently being deployed as a backup repository for mission-critical data because of its low-latency restore and recovery.
For businesses, data can be compromised or lost due to a natural or man-made disaster, and increasingly, through criminal activity through insider attack or external ransomware threat. Having a high-performance recovery solution can save a business from becoming just a memory.”
Ric Longenecker, CISO at Open Systems
“Similar to every Patch Tuesday, World Backup Day is a key reminder to people everywhere about safeguarding data as the world becomes increasingly technologically driven. With employees working from anywhere, and more companies selecting cloud-first strategies, we’re seeing an accelerated decentralization of apps, data, and users. This type of asset proliferation fundamentally changes the way corporate resources require connectivity and protection. On-prem Data backup, basic site-to-site connectivity, and perimeter security are no longer enough.
This evolution is especially relevant in light of continued uncertainty resulting from impacts of global conflict. While continued education of employees, partners, and stakeholders is critical, business leaders must work assiduously to boost their overall security maturity. They must go beyond simple threat detection and response to reduction of the attack surface. Otherwise, an insider threat or mistake by a well-intentioned employee could cause severe damage.”
Jon Check, Executive Director of Cyber Protection Solutions at Raytheon Intelligence & Space
“The Great Resignation has, subsequently, also turned into the Great Exfiltration – the people leaving their jobs en masse may also be taking company data with them. In light of the Great Exfiltration, it is vital for organizations to create and implement a robust data loss prevention
(DLP) strategy to prevent any exfiltration or destruction of data, whether intentional or accidental.
This year on World Backup Day, we are reminded that while there are many facets to a successful DLP strategy, one key component is ensuring that backups are performed frequently and stored in a secure location, which can help speed up the recovery time. It is also helpful to store backups offsite or at a secure network location – in the event of data loss spurred by ransomware or another malicious attack, which may also target a backup system or prevent the recovery of a system. These practices can help to further protect such sensitive information detrimental to a business’s success and competitiveness.”
David Friend, co-founder and CEO of Wasabi Technologies
“One underutilized way to protect and backup your data against cyber threats and ransomware is through object-level immutability in your cloud storage, which means certain files and stored objects cannot be modified or deleted by anyone, even a systems administrator. If you store your backups in immutable buckets, ransomware hackers can’t delete or encrypt your backups. Ransomware hackers know that if you can restore your systems from backups, they are unlikely to be able to extort ransom from you. So they try to destroy backups at the same time they are encrypting your primary data. But if you have done your backups properly, when you get attacked by ransomware, you should be able to start fresh and restore your entire system from backups.
No amount of high-tech prevention will stop ransomware attacks because most of the time the vulnerability is with the humans, not the machines. So my advice is to do the best you can on the prevention side, but more importantly do complete backups, store them in immutable object stores, and test that you can successfully do a full restore before you get hit.”
Florindo Gallicchio, Managing Director, Head of Strategic Solutions at NetSPI
“This World Backup Day, it’s time to acknowledge how critical data backup has become, especially since many ransomware strains attempt to delete backup files, as we witnessed with Ryuk. Most businesses are faced with two significant risks when it comes to backups: the theft and public disclosure of sensitive data, and the disruption of critical business functions. If either of these risks occur, organizations could endure devastating consequences. To make sure that doesn’t happen, organizations need to proactively put strategies in place to bolster protection against these threat actors.
One way to do this is by ensuring that backups with all of the organization’s critical data are routinely, completely, and securely assessed –– as this is a necessary step in recovering from a possible ransomware attack. These backups should be encrypted so that sensitive data is not disclosed and stored in such a way that an organization can recover its data in a timely manner, as this is necessary to minimize disruption to business operations. Additionally, organizations should regularly revisit and test disaster recovery and business continuity plans to validate that ransomware and other threats won’t impact the integrity of any backups.
Finally, any highly important, sensitive data should be stored on an entirely separate network from the internal network. That way, if ransomware targets the desktop network, it cannot spread to the critical systems and cause complete chaos. While this is a long-term, and challenging strategy, it’s well worth the time and investment for organizations to counter the continuous risk of critical data loss.”
Stephen Cavey, co-founder, Ground Labs
“Digitization, and the overall uptick in large-scale cyberattacks over the past year, have ushered in greater awareness of the need for data backup. However, since backups typically contain duplications of sensitive data, such as invoice numbers or credit card information, there is still some educating to do on the need to protect an organization’s data backup; not just its original data set.
This World Backup Day, it’s important for an organization to re-assess its data backup strategy. If a system does not exist, now is the time to implement one based on your organization’s operations, internal policies and industry rules and regulations. For example, establishing device ownership if you have remote or hybrid employees, setting a security standard and understanding your data, regardless of its location, is critical when safeguarding your assets. Don’t overlook proper storage and protection of data backups, as it’s just as essential to ensure your business doesn’t suffer financial loss or reputation damage.”
Michael DePalma, Senior Channel Development Manager, Datto
“Backups are clearly a necessary piece of any company’s cyber resiliency plan. But the conversation is shifting from traditional backups to business continuity. Backups are critical, but they are only as good as the speed in which a business can recover that data and get back up to a true production environment.
At a minimum, companies need to follow the 3-2-1 rule when addressing their backups. Three copies of your data, on two different media, with (at least) one copy off-site. Businesses need to also ensure they are vetting the security of the backup vendors they are working with. The cyber threats are evolving rapidly and we know the criminals are looking to target backups to make the restoration process as painful as possible. Proactively addressing any security gaps will save companies a lot of headaches when a breach occurs.”
Ben Gitenenstein, VP of Product, Qumulo
“Your data’s growth isn’t slowing down. And the amount of data growing in your system can outpace your IT or security team’s ability to back up and protect it. You need a backup solution that can keep up.
What if you didn’t back up your data and disaster strikes? It’s not the end of the world – if you have disaster recovery. If your data is compromised, start by undoing the damage. Try reverting to the last good version of your data. Snapshots, data retention policies, consistent or tertiary sites, like the cloud, will all add layers of defense.
A disaster recovery plan will help you get back on your feet and keep your business running after a worst-case scenario. But ideally, you won’t have to revert to DR because you protected your data in the first place.”
Jason Stirland, CTO at DeltaNet International
“If the events of the world have taught us anything over the past couple of years, it’s that the future is unexpected. Having a business continuity plan is essential for organizations of all sizes. The time-old phrase from Benjamin Franklin works well for organizations, “if you fail to plan, you are planning to fail!”. Organizations must create rigorous backup and disaster recovery plans; that is tested and refreshed regularly – this will be key for survival. As much as IT teams can put high-security infrastructure in place to protect the organization, it only takes one individual to click on a phishing scam to open it up to a cyber-attack such as ransomware. Having a solid backup and disaster recovery plan prepared allows the organization to minimize downtime and continue functioning.”
Andrew Kahl, CEO of BackBox
“World Backup Day serves as an important reminder for organizations to evaluate backup best practices and how critical they are to business continuity and security. For most organizations, security has never been more top of mind than it is today. Network Engineers, Network Administrators, CIOs, CISOs and IT leaders all understand the importance of regular backups, but human error, complex multi-vendor environments and competing priorities often result in missed or only partial backups that introduce unnecessary risk.
In the event of a cyberattack or other security incident that results in network outage, organizations must be prepared with proper backup and recovery efforts. A solid backup and recovery plan must include collecting a complete inventory of all applications, software and hardware; outlining specific individual responsibilities in the event of a disaster and ensuring those individuals understand their responsibilities; having alternative communication methods in place; and carrying out regular reviews of this plan as a whole. Multi-faceted network automation platforms that streamline backup verification and automated disaster recovery into a single process without the chance of human error significantly assists organizations in protecting valuable data stored within their IT environments. Automating these processes helps IT teams ensure high availability resilience by creating a central backup of network device configurations with one-click recovery. Scheduling regular backups through a network automation platform, as well as knowing exactly what is being backed up and when, are key components to ensuring overall business continuity in the case of downtime.
According to Gartner, network downtime causes an average loss of $300,000 per hour, but companies that prioritize best practices for backup and unplanned network downtime will experience far fewer outages and radically decrease time spent offline.”
Stephen McNulty, President of Micro Focus‘ APJ
“When disasters occur, organisations suffer. That is why they see backups, recovery, and security of data and systems as crucial for business continuity.
Backups are an essential practice to safeguard data, but they are not the most important step. While they do indeed ensure availability and integrity of data, I believe recovery strategies should take precedence. Here’s why – it is the ability to restore data and systems to a workable state, and within a reasonable timeframe, that makes backups valuable. Without this ability, there is no point in performing the backup in the first place.
Furthermore, backups must also be complemented with adequate security controls. To that end, business leaders should consider the Zero Trust model, which implements a collection of solutions covering a range of needs – from access control and privilege management to the monitoring and detection of threats. This will ultimately provide the best protection possible as information travels across devices, apps, and locations.”
Diana Salazar, Product Marketing Manager at Quantum
“Data will continue its hyper-growth trend with most of the data being unstructured and ransomware will continue to be a destructive threat. The understanding (analysis), security, and housing (storing) of data and moving it seamlessly across the infrastructure will be a top priority for many organizations. Data is what is driving cyber criminals to increase their relentless attacks they understand its value. Organizations must understand their data lifecycle and gain insight to effectively manage and utilize technology including secondary storage tier technology that can protect it from cyber-threats to preserve it for many years, decades, maybe even centuries.”
Tim Sherbak, of Enterprise Products and Solutions Marketing at Quantum
“As IT budgets lag data growth rates, pressure builds for creative ways to cost-effectively store, manage, and extract value from more of this data. Emerging cold storage architectures and services will blur the lines between cold and warm data, with high performance access and simpler cost models allowing for more effective storage and use of cold data sets. Modern cold storage archives were pioneered by some of the world’s largest cloud solution providers, but with emerging architectures and services, cold storage solutions will be deployed within an organization’s own data center, colocation facility or hosted IT environment, whereby data can now be maintained within in-house security perimeters to meet data sovereignty and data residency requirements. New erasure coding algorithms optimized specifically for cold storage will enhance data protection and durability for long term retention while reducing storage costs significantly versus multi-copy and cloud-based solutions.”
Brian Spanswick, CISO and Head of IT at Cohesity
“While all eyes are on backup today, organizations must strive for holistic cyber resilience — and recognize that backup is just one component of a much larger equation. Achieving true cyber resilience means developing a comprehensive strategy to safeguard digital assets, including integrated defensive and recovery measures that give organizations the very best chance of weathering the storm of a cyber attack. Organizations should embrace a next-gen data management platform that enables customers to adopt a 3-2-1 rule to data backups, ensure data is encrypted both at transit and at rest, enable multi-factor authentication, and employ zero trust principles. Only then can organizations address mass data fragmentation challenges while also reducing data proliferation. Further, backups that can be restored to a precise point in time deliver the business continuity required for organizations to not only survive attacks but continue to thrive despite them.”
Anneka Gupta, chief product officer of Rubrik
“The rapid rise in ransomware is underscoring the reality that legacy backup and recovery solutions are not sufficient to adequately protect your businesses’ data. A proactive approach with more intelligent tools that provide data resilience, data observability, and data recovery are required to truly secure an organization’s data from cyber criminals. For example, having end-to-end immutability in place ensures backup data is not compromised, corrupted, or maliciously deleted. Blast radius detection is also critical to be able to easily identify how far and wide a cyber attack has potentially spread within your system(s) and know exactly where to focus your recovery efforts. With an approach like this in mind, IT and security leaders can more quickly and effectively recover from these attacks–critically, without paying a ransom.”
Colm Keegan, senior product expert, Data Protection Solution, Dell Technologies
“The shortage of IT skill sets will continue to drive the need for simplified data protection solutions with more automation. With the growth of multi-cloud and hyper distributed workloads making it difficult for humans to catch up, we’ll see more organizations increase their reliance on automation to mitigate human error as a major cause for cyber breaches.
We’ll see an increased adoption of multi-cloud with developers and by extension DevOps being a key IT constituency with a focus on innovation verses infrastructure.
Cyber threats will remain a top IT concern. The growing proliferation of devices, multi-cloud, 5G and the continuing reliance on edge computing will drive the need for embedded intrinsic security throughout the infrastructure. The new paradigm shift towards data decentralization should give organizations reason to take a proactive security posture in their digital transformation with a focus on proactively detecting threats before they become kinetic.
Increasing concerns around cloud costs and the need to drive operational efficiencies in cloud (compute, storage, networking) will continue to be paramount.”