Navigating The Complexities Of Data Backups In A Hybrid World

Uploaded on 2024-07-10 in TECHNOLOGY--Resilience, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

With hybrid IT infrastructures and growing data volumes, data today is scattered across more locations than ever before, often moving between on-premises systems and the cloud. This shift has brought about complex and costly challenges for both the management and protection of an organisation’s data.

Not only is it exposed to growing cyber threats; employees, despite their best intentions, can also accidentally delete or alter it, adding to the risk.

Research from Forrester highlights the magnitude of the issue. Currently, over half of workloads in small and medium-sizes businesses (SMB) run in the public cloud. Despite this reliance on cloud services, nearly three-quarters of these businesses admit they lack the capability or capacity to train their employees on the growing complexities of cloud environments.

This skills gap leaves them vulnerable to a range of security threats. Ransomware is a significant concern: According to Statista, there were over 317 million ransomware attempts globally in 2023 alone. These attempts often target data backups, forcing organisations to pay ransoms or face severe consequences, such as data loss, reputational damage and financial losses.

The Importance Of Reliable Backups

Backups are essential in defending against ransomware and other attacks. Global compliance standards frequently mandate regular backups, and these requirements are becoming increasingly stringent. However, creating and maintaining effective backups is challenging, particularly for businesses relying on hybrid IT systems.

A robust data protection and disaster recovery strategy is crucial but can be difficult to maintain in a complex and fast changing environment. Businesses must safeguard their data wherever it resides, including physical servers, mobile devices, remote users, collaboration tools and the cloud. Backing up this multifaceted landscape often requires tools from numerous vendors, complicating the process and increasing costs.

The rapid implementation of new cloud services can exacerbate these issues. Often, performance is prioritised over security. Additionally, businesses may choose cheaper, less comprehensive backup solutions to cover each data environment. While this approach might seem cost-effective initially, it can lead to higher costs and complexity in the long run.

Many businesses mistakenly believe that cloud providers handle all backup needs, but this is usually not the case.

Cloud providers typically do not offer historical data storage or full data protection and recovery; instead, these responsibilities fall on the customer. Moreover, when cloud data is compromised, backups hosted in the same place as the original data will also be affected. Cloud customers must therefore implement additional data protection measures that meet their requirements in terms of recovery times and recovery points.

Effective Backup Strategies

To streamline backup processes and reduce the administrative burden, organisations should seek a single solution that allows for multiple backups across all data environments. The first step is to conduct a careful audit to understand where data resides and how it is currently backed up. Ideally, a comprehensive, one-stop backup platform should cover on-premises servers, end devices, SaaS solutions and the public cloud. This integrated approach makes backup processes more efficient and manageable, while providing better transparency across the entire organisation.

A solid backup and recovery strategy should address a range of possible scenarios, from file loss to system outages to ransomware attacks. This includes the ability to quickly set up a new production environment in case of a disaster to avoid costly downtime. Backups must be immutable, verified for integrity and tested for usability – and stored in separate locations to prevent infection with malware or ransomware.

Cost considerations are also crucial. Backup solutions which offer data protection no matter where the data lives can be more cost-effective and the spend more predictable. These solutions offer the flexibility to evolve with changing requirements as data moves from on-premises, to the cloud, SaaS and endpoints.

Ultimately, all businesses, regardless of size or industry, are at risk of ransomware and infected backups. Hackers do not discriminate, so organisations must assume they are at risk and prepare accordingly. With the constant threat of cyberattacks looming, a single backup strategy is no longer sufficient.

Only a flexible, multi-backup approach covering the entire IT environment can reliably protect businesses against the myriad risks they face.

Brent Torre is Product Executive, Backup & Disaster Recovery at Kaseya

Image: mesh cube

You Might Also Read:

What Is CloudSecOps?:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Breach Exposes Millions Of Mobile Numbers To Phishing Attacks
Webinar: Generative AI and Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ThreatConnect

ThreatConnect

ThreatConnect is an enterprise threat intelligence platform by Cyber Squared bridging incident response, defense, and threat analysis for InfoSec & DFIR teams.

Bittium

Bittium

Bittium provides proven information security solutions for mobile devices and portable computers.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

Open Raven

Open Raven

Open Raven is the cloud native data security platform that prevents breaches driven by modern speed and sprawl. Restore full visibility and regain control within minutes, without agents.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

Infosequre

Infosequre

Infosequre builds up your security awareness culture and turns your employees into the first line of defense against cyber risks.

Ribbon Communications

Ribbon Communications

Ribbon Communications delivers global communications software and network solutions to service providers, enterprises, and critical infrastructure sectors.

ACSG Corp

ACSG Corp

ACSG Corp is a Critical Infrastructure Protection Company with a multi-disciplinary focus on building analytics software for various industry sectors.

IMQ Group

IMQ Group

IMQ is one of Europe’s top players in the field of conformity assessment. We offer certification services to support all the major sectors of the manufacturing and service industries.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

CFTS

CFTS

CFTS 'Computer Facilities Technical Services' is a Ugandan ICT Support Company that specialises in infrastructure and support services including network security.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.

CODA Intelligence

CODA Intelligence

CODA's AI-powered attack surface management platform helps you sort out the important remediations needed in order to avoid exploits on your systems.

Hudson Rock

Hudson Rock

Hudson Rock’s products — Cavalier & Bayonet — are powered by our cybercrime database, composed of millions of machines compromised by Infostealers in global malware spreading campaigns.