A Multi-layered Approach To Data Resilience

What is data resilience? In a nutshell, it’s a mindset that all organisations should adopt to meet their business-continuity plans and keep their operations up and running. There are many moving parts, but overall, it’s as simple as that.

The good news is that 83% of IT decision-makers are now including data resilience in their business strategies, according to a global survey by Arcserve. The bad news is that only 23% have a mature approach to data resilience.

It is not enough because a solid data resilience plan is essential as organisations move to hybrid IT environments. When performance needs arise or a catastrophic failure occurs, organisations must have a well-thought-out and battle-tested plan for recovering their data.

The reality is that data is the fuel that modern businesses run on. When companies lose access to their data, they lose the ability to go forward. Data resilience prevents this from happening. It allows every organisation to quickly recover from a data-threatening event and flourish in the digital economy.

Here are three key steps to help your business develop a robust data resilience strategy.

Create A Plan And Test It Often

The strength of any data resilience strategy depends on the regular testing and adjustment of all its parts. To be reactive is not good enough. You can’t wait for a disaster or attack to occur, then scramble to implement your strategy and find out if it’s good enough or not. Planning and testing are indispensable to success. Indeed, a well-devised and continuously tested data resilience strategy can mean the difference between having a business and having no business.

Numerous studies have shown that organisations that suffer a ransomware attack or other type of data-loss event have a lot of difficulties winning back their customers. One study showed that 88% of customers would stop using the services or products of a business they no longer trust and that 39% lose trust in a company that misuses data or suffers a data compromise. You get the idea. A data-loss event or hack of any kind can be fatal.

Get Executive Buy-in 

Data resilience should be the responsibility of top executives and business owners, not just the IT department. And yet data resilience is still not a priority in the C-suite of many organisations. It must be, especially with the introduction of new cybersecurity measures such as the NIS 2 Directive in the EU. A successful data resilience initiative starts at the top, with buy-in from C-level executives and the board of directors. When this happens, the rest of the organisation will recognise the importance of the effort, keep it top of mind and rise to the occasion when necessary.

Data resilience initiatives face slow adoption in many organisations precisely because they lack champions at the top. Like any investment, a data resilience initiative needs support from the whole company, from the corner office to the cubicles, across every department.

It also requires buy-in from external partners and service providers. For an initiative to work, all participants must know their role in everyday operations and in the time of a disruptive event. Without buy-in from all parties, there will be some who don’t perform when the chips are down.

Take A Multi-layered Approach 

The key to achieving data resilience is a “multi-layered approach” and deploying an infrastructure that supports all your data resilience requirements. One vital layer is doing frequent backups and creating copies that can be stored in a digital immutable vault. During this process, storage snapshots should be taken and secured in a vault. When a disaster or attack happens, and data is compromised, you have these snapshots available for instant recovery. 

Automation and orchestration are two other important parts of a multi-layered approach, which help streamline data recovery. These parts should include processes and automated workflows that instil consistency and minimise complexity when time is of the essence and quick thinking is required. That way, you can bring back your data fast and get back to business as usual without critical damage to your business.

Another critical element of a multi-layered approach is 3-2-1-1 data protection. It means maintaining three backup copies of your data on two different media - tape and disk, with one of the copies placed offsite to enable quick recovery. Further, you should have one immutable object storage copy.

Immutable object storage continuously protects data by taking a snapshot at 90-second intervals. Even if disaster strikes, those data snapshots enable you to return to a recent file state.

Conclusion

A good data resilience strategy does a lot for your business. It enables you to manage rapid data growth and handle various workloads, unify data recovery and quickly get back up and running after any event that compromises your data. It brings many benefits to your organisation, including enhanced performance, reduced costs, reliable and efficient business operations, minimised risk, and strong protection in every part of your company.

Florian Malecki is Executive Vice President Marketing at Arcserve

You Might Also Read: 

Why Companies Need A Next-Gen Approach To Business Continuity:

 

« Proactive Cyber Security Is A Must Have
The Challenges Of Moving To Zero Trust »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NCX Group

NCX Group

NCX Group is committed to helping customers identify and mitigate the risks inherent in today’s interconnected environments and business processes.

Government Communications Headquarters (GCHQ)

Government Communications Headquarters (GCHQ)

GCHQ defends Government systems from cyber threat, provide support to the Armed Forces and strive to keep the public safe, in real life and online.

Hogan Lovells

Hogan Lovells

Hogan Lovells is an international business law firm with offices across Europe, Asia and the USA. Practice areas include Privacy & Cybersecurity.

Sopra Steria

Sopra Steria

Sopra Steria is a leading European information technology consultancy.

Advisen

Advisen

Advisen is the leading provider of data, media, and technology solutions for the commercial property and casualty insurance market including cyber risk.

OmniNet

OmniNet

OmniNet delivers the next generation of cybersecurity and is the only provider in the market to move the edge of small businesses to a virtual, omnipresent perimeter.

Cybersecurity Professionals

Cybersecurity Professionals

Search vacancies from top cyber security jobs worldwide on CyberSecurity Professionals. View IT security jobs or upload your CV to be seen by recruiters from industry leading firms.

Cyber Security & Cloud Expo

Cyber Security & Cloud Expo

The Cyber Security & Cloud Expo is an international event series in London, Amsterdam and Silicon Valley.

Netlawgic Legal Services

Netlawgic Legal Services

Netlawgic is exclusively focused on delivering cyber law solutions to the industry. We provide our clients with specialized attention and problem solving in all aspects of cyber law.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Valency Networks

Valency Networks

Valency Networks provide cutting edge results in the areas of Vulnerability Assessment and Penetration Testing services for webapps, cloud apps, mobile apps and IT networks.

Purple Knight

Purple Knight

Purple Knight is a free Active Directory security assessment tool built and managed by an elite group of Microsoft identity experts.

Plex IT

Plex IT

Plex IT provides managed IT services to organisations along with managed security services.

Ampsight

Ampsight

Ampsight specializes in enabling cloud integration, securing data, and navigating complications that drive critical-mission success.

Panasonic Automotive Systems

Panasonic Automotive Systems

Panasonic Automotive Systems brings together security technologies and human resources cultivated across an extensive range of businesses into the automotive field.