Cybersecurity Threats Need Fresh Data Recovery Strategies

The information age is a double-edged sword. Advanced technologies are accelerating incredible achievements for businesses and consumers. We are more connected than ever, and those connections are faster and increasingly more immediate. But technology has also made it easier for those who seek to gain an advantage by exploiting others. Hidden in the digital web of interconnections are people intent on stealing your content or holding it to a hefty ransom for its return.

I was once told that “The only really secure way to keep your data safe is to put it into a box with no electronic connections and guarded by sentries.” Well, that’s not perfect because humans are fallible. But today’s organizations need digital sentries and multiple lines of defense against cybercrime, which can devastate a business when it hits and impacts can linger for years after the initial attack.

Ransomware has been steadily growing in prominence and impact since the WannaCry ransomware outbreak that infiltrated systems around the world in 2017. While criminals develop more advanced techniques, the fundamentals of ransomware remain the same. Attackers penetrate a network, find and encrypt data, and demand payment for a decryption key.

The threat of ransomware is increasing quickly, and the impact of an attack is enormous. It’s not a question of “if” but of “when” you will face this challenge. Choosing between ransom payments or suffering data loss is costly and risky.

The costs associated with cyberattacks, including lost business, insurance rate hikes, lawsuits, criminal investigations and bad press, can even put a company out of business – and fast! Here are just a few of the many data breaches that occurred during the past 18 months and their costly toll:

• The New York Times reported that T-Mobile reached a $500 million settlement after a huge 2021 data breach. The company, which said the attack had affected 76.6 million people, agreed to pay $350 million to settle claims and spend $150 million to bolster security.
• Insider reported that global insurance provider CNA Financial forked over a reported $40 million post-cyberattack last year.
• The Washington Post reported that the ransomware attack on U.S. software provider Kaseya in 2021 that targeted the firm’s remote computer management tool endangered as many as 2,000 companies globally.

There are many strategies for preparing for and mitigating the risk associated with cybersecurity threats such as ransomware, but each comes with its own set of challenges. Backup is a critical means of recovery and yet, decades-old legacy enterprise backup solutions were not designed to handle the scale and complexity of today’s data. And this problem continues to grow. As SearchDataManagement noted earlier this year, the world’s collective data is anticipated to reach 175 zettabytes—the number 175 followed by 21 zeros—by 2025.

Backup is Broken

Traditional backup as we know it is broken. Here’s why:

• Backups are periodically done in batches – When data recovery is needed, the last available copy could be more than 24 hours old, resulting in permanently lost data and/or recent changes.
• Backup is outdated – Snapshot-based legacy backup soft­ware, developed decades ago, still uses agents to protect and recover virtual machines, resulting in high maintenance costs, time wasted on administration, or even failed recoveries.
• It’s expensive – Aside from costs associated with impacts on production and resources, legacy backup requires multiple licenses, additional agent purchases and increased IT infrastructure costs.
• Legacy backup tools are complex – They use distributed systems for data transfer, requiring dedicated hardware, extensive configuration and a lot of IT time and resources.
• It’s disruptive – Legacy backup jobs often don’t complete in time, disrupt production environments with unplanned downtime and heavily burden already constrained IT resources.
• And it’s slow – Legacy backup copying processes place an enormous load on your production environment, causing network lag and downtime.

A New Backup Paradigm to Recover Data in Near-Instant Time

What’s needed is continuous, real-time backup. This capability would provide a strong first line of defense against cybersecurity threats, enabling organizations to recover compromised data easily and almost instantly.

Traditionally, backup sits outside the operating system data path. As data continues to increase exponentially–both in the number of files and the amount of data generated–backup systems that scan file systems are no longer feasible, particularly as we enter the realms of billions of files and petabytes or more data.

A new approach would intertwine backup with the data system itself rather than existing outside of it, allowing all file scans and saves to be recorded immediately without the risk of loss while communicating between the two systems. Furthermore, saves and scans would occur constantly–not just when a user makes changes to a file, but at every point throughout its lifespan.

This model would combine the file system and backup into one entity, enabling organizations to recover compromised data easily and at lightning speed–giving them access to all of the data as it existed the instant just before a malicious attack or system compromise. It would enable organizations to quickly recover their data and avoid the huge time and cost impacts of data loss or corruption.

Current backup and recovery solutions are not where the world needs them to be, but that doesn’t mean we should settle for less. In 2023, there will be an increased focus on the “first line of defense,” where cyberattacks are stopped altogether or can be swiftly unwound without recourse to backups. Instead of taking hours, days and sometimes weeks or more, recovery would take place almost immediately.

A metadata-based approach that sits within the operating system data path could enable continuous data access. This method could provide unprecedented data protection, making it possible to approach the ideal of zero recovery time objective (RTO), giving users control of searching and recovering data immediately without IT assistance, and a recovery point objective (RPO) of zero, eliminating the significant cost and impact of interrupted data access.

Anything more is a compromise that exposes organizations to increased risk of data and financial loss. Companies should push vendors to achieve RPO and RTO that is zero–or as close to zero as possible—and seek out solutions that achieve those objectives.

Comments are closed.