Backups are for life, not just World Backup Day
Backups have been an essential part of IT since the days of paper tape and punched cards, but nobody ever said they were exciting.
Of all the things that now have a day devoted to them, backups probably deserve one more than most for being the unsung savior of many an information professional's career. On today's World Backup Day we've asked some experts to tell us their views on backups and why they are still vital.
"Businesses today cannot afford downtime or data loss and data production isn't slowing down, which can make it difficult for IT and security teams to ensure data security. Organizations require a complete security strategy that considers both internal and external weaknesses rather than only focusing on external threats. In order to mitigate data loss, enterprises should take proactive steps to create a backup and disaster recovery plan," Ryan Farris, VP of products at Qumulo, says. "In the event that your primary data center becomes compromised, a best practice is to have a secure secondary cloud site with data that can replicate over. By doing this, you can protect your data and information from data loss, cyberattacks, theft, and environmental disasters, and gain the assurance that, in the case of a data disaster, your company can quickly recover and carry on business as usual."
Cohesity's CISO Brian Spanswick says, "For organizations and businesses, frequent data backups are critical but it is only the first step in the process. The next step is to have frequent scheduled backups that store the data required to efficiently continue business operations in the event of a disruption and to store the backed up data in an immutable file so it can only be accessed by those with specific roles and privileges. Lastly organizations should be able to recover from these back-ups quickly to minimize the business impact of disruptions."
Colm Keegan, senior consultant, product marketing at Dell Technologies, points out that you have to know where all your data is. "Remember, you can't protect what you can't see. 72 percent of organizations reported in the GDPI research that they are unable to locate and protect dynamic data resulting from DevOps and cloud development activities. With developers rapidly adopting containers to deploy workloads across on-premises and public cloud environments, consider solutions that can discover any workload type wherever it's deployed so that you can automatically protect and secure data in real-time."
Glenn Gray, director of product marketing at Auvik, points out the importance of backing up configurations as well as data. "Backing up data and the network is not the most exciting task, but it is critical for business continuity, productivity and profitability of a company. Changes and updates to network configurations happen regularly, but documentation and backups of those configurations typically lags behind, leaving organizations vulnerable to network outages. Our recent report found 41.5 percent of IT teams are only updating network documentation monthly or less often, despite 53 percent reporting that configuration changes are happening daily or weekly. What's more, 45 percent of IT teams do not fully know the configuration of their networks. These gaps make it far more challenging for IT teams and network managers to pinpoint and correct issues when the network goes down, and in these moments, speed is crucial."
Having a backup is one thing but you also need to be able to recover quickly, says George Axberg III, VP, data protection division at VAST Data. "Data protection operations has always focused on moving data via a backup quickly, while restores were seen as a secondary, but necessary chore. Instant Recovery is nothing new -- restoring ten to twenty virtual machines (VMs) instantly has been supported for years. But with the massive inflection in data accumulation/sprawl over the last few years -- how can organizations instantly restore thousands of VMs, unstructured file systems, and 20+ terabyte databases? Organizations today must be prepared not just for backup and recovery, but for instant access and instant operations at enterprise scale. To adapt and survive in today's data intensive, AI-driven world, an organization's business critical applications require the right infrastructure and restore capabilities to provide immediate access to their data in order to reinstitute the IT operations necessary to run their business and deliver value to customers."
Backups are of course important to cybercriminals too because for them anything that helps an organization recover quickly from an attack is bad news.
Joseph Carson, chief security scientist and advisory CISO at Delinea says:
World Backup Day is a reminder for all organizations to review their backup strategy and ensure it is resilient against cyber-attacks.
Companies tend to increasingly rely on online backups, but if they use the same credentials as their production systems for a speedy recovery, that makes it very easy for cybercriminals to access, exfiltrate or encrypt sensitive data with ransomware. Keeping a copy offline is only half of what’s needed to protect digital assets, and organizations should also implement privileged access security to restrict and closely monitor access to backups.
A secure backup rather than a speedy back is what will bring your business back after a cybersecurity incident, use World Backup Day to check your strategy is top-notch.
Mark Stockley, senior threat researcher at Malwarebytes, echoes this. "Organizations today must adapt or die. While the old rules of cybersecurity are still table stakes, organizations need to look beyond basic best practices if they want to survive. Backup is a perfect example. An organization's last line of defense against ransomware is their backup solution, and attackers know it. Ransomware gangs treat backups as a priority target because destroying them can make restoration and recovery impossible. Organizations should ask themselves three questions on World Backup Day: Are we backing up the right things, are our backups beyond the reach of an attacker, and have we tested our backups to ensure they can do what we need?"
Corey Nachreiner, chief security officer at WatchGuard Technologies, shares a strategy for ensuring backups are secure. "Attackers often target backup services and disable them before an attack. Therefore, organizations should practice what’s called 3-2-2 backup, which maintains multiple backup sources off and online. Simply put, 3-2-2 means three copies of data -- two stored locally on different devices, and two offsite (e.g., a copy in a remote location, plus another copy in the cloud). Furthermore, companies need to be sure to test and prove their backups actually provide fast recovery -- in addition to backing up regularly and implementing strong protections around the multiple copies of those backups -- to avoid the 'real-death' of their data in the event of a successful ransomware attack."
Tyler Moffitt, senior security analyst at OpenText Cybersecurity, stresses the need to implement a backup monitoring system. "A backup monitoring system helps you keep track of your backups and ensures they're running correctly. It alerts you if there are any issues, such as failed backups or insufficient storage space. Having snapshots and a running history of versions of files is crucial as well. In case any of the most recent versions were to become compromised, you can have copies that you know will restore correctly."