Backup and disaster recovery (BDR) planning should provide peace of mind that, if the worst occurs, your organization can continue to function. Unfortunately, your peace of mind has an expiration date.
The threat landscape has been shifting rapidly due to increases in virtualization, evolving cybersecurity risks exacerbated by the abrupt shift to work for home, and more. These changes have driven the need for your IT infrastructure to evolve, and BDR initiatives must be updated accordingly.
It’s important to act now to rectify any existing shortcomings or gaps in your DR to ensure you’re currently prepared for disasters. Additionally, once you’ve righted the ship (or confirmed it’s fully upright) in the present, be sure you’re steering ahead and ready for the future.
Cybersecurity risk is higher than it’s ever been, yet lower than it ever will be. This is especially concerning because according to an Infrascale survey, “More than 1 in 5 SMBs lack proper data protection.” If disaster strikes and destroys your cloud native security capabilities, the result is a substantial increase in risk. To retain the appropriate risk posture, you must not only back up your data, but back up the systems that protect your IT infrastructure.
Blockchain Verifies the Integrity of Data
According to Investopedia, “Decentralized blockchains are immutable, which means that the data entered is irreversible. For Bitcoin, this means that transactions are permanently recorded and viewable to anyone.” The cryptographic relationship between connected ledger entries prevents them from being tampered with.
“The goal of blockchain is to allow digital information to be recorded and distributed, but not edited…. but blockchain can, in theory, be used to immutably record any number of data points.” However, blockchain wasn’t designed to accommodate very large ledger entries, making it impractical to treat storage block contents as ledger entries. As published in TechTarget, “While a high-capacity blockchain ledger could be created, replicating the ledger entries across low-bandwidth connections would likely become problematic… a better approach to using blockchain for disaster recovery might be as a tool for verifying the integrity of data that has been backed up or replicated to a DR site.” (emphasis mine.)
This approach could be used to detect data tampering or data corruption, but it is incapable of fixing data that is found to have been altered.
What Was Overlooked in the Hasty Shift to Remote Work?
An article on trends in DR wouldn’t be complete without a mention of the COVID-19 pandemic. Early in the pandemic, I encountered this amusing and insightful tweet:
Lockdowns, quarantines, and isolation have pushed millions around the world to work from home. With workforces becoming more mobile and users connecting to corporate networks from virtually anywhere, data is everywhere. Companies need to protect this data, even when it resides outside the four walls of an office building. To protect this data backup and disaster recovery solutions should be core to any digital transformation strategy.
Cyber attackers have been creative and industrious for many years now, and the global pandemic has brought additional challenges. An April 8, 2020 joint alert from the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC), stated, “…groups and cybercriminals are targeting individuals, small and medium enterprises, and large organizations with COVID-19-related scams and phishing emails.” In the same month, the World Health Organization reported a fivefold increase in cyberattacks. The average ransomware demand increased 47% from Q1 to Q2 2020. In this environment, a highly effective backup and disaster recovery solution is imperative to protect your critical data.
There is No ‘Get Out of [Ransomware] Jail Free’ Card
Cyber insurance has been viewed as a ‘get out of [ransomware] jail free’ card, but that’s not the intention. With insurance companies making more frequent payouts, the requirements for coverage of MSPs and other organizations should grow increasingly strict. Failure to implement and maintain basic cybersecurity and backup and disaster recovery best practices are considered negligence, and breaches resulting from negligence are generally not covered.
Tackling the Complexity of Growing Multi-Cloud Use
Multi-cloud is the norm and cloud complexity continues to increase. A Gartner survey of public cloud users found that 81% of respondents are working with two or more providers. Large organizations, in particular, pursue this approach to avoid vendor lock-in and take advantage of best-of-breed solutions.
DR planning impacted by hybrid complexity was listed among Gartner’s “Top 10 Trends Impacting Infrastructure and Operations for 2020.”
With all the changes organizations are facing, distributed workforces, and workloads of varying importance, organizations can’t accept a one-size-fits- all approach to DR. Instead, ask the right questions to determine:
- What’s necessary?
- Will this achieve our goals?
- Is it effective?
- Does this account for our biggest vulnerabilities?
DR solutions increasingly need to be customized to meet the ever-changing and specific needs of customers and the challenges they face. Some organizations have processes and practices that are bound to their physical service locations, and recovery must be locally optimized to maintain business operations. Additionally, regulatory compliance can require backing up servers offsite, or in the cloud too. You may need a hybrid approach with backup both locally and in the cloud.
Continuity Central further recommends, “It is worth differentiating between data backup and disaster recovery. DR must include backup, but backup alone is not disaster recovery.”
Granular Application of DR
It’s rational to make the most important data the most quickly and easily accessible. But doing so requires first determining what data is “most important” and what data is of moderate and low importance. Few business unit owners will readily declare their systems “unimportant.”
Similarly, organizations are increasingly taking a granular approach to technology selection. As Tess Hanna writes in Solutions Review, “Businesses are implementing multiple backup solutions in order to best protect their vital data, manage product costs, or deploy a solution that will be intuitive for users. As a result, larger vendors are not necessarily the safest choice, making emerging providers an intriguing option.”
Flexibility and Scalability
SaaS and IaaS offerings, such as Microsoft Office 365, make enterprise technology accessible to small and mid-sized organizations for an achievable, accessible price. With per-user, per-month license fees, there’s no need to make commitments with big, upfront costs, and you have the freedom to adjust monthly based on staffing requirements and other emerging needs.
DR should be no different. Moving forward DR solutions should offer scalability while providing the scalable, usage-based pricing structure organizations have come to expect.
Emerging technologies such as blockchain and AI have fascinating and far-reaching potential. If businesses are leveraging such innovations, that functionality will require backup. Additionally, the technologies themselves can be used in the process of backing up your data and preparing to recover from disaster. Whether server crash, human error, malicious activity, or natural disaster, a localized or site-wide incident means unanticipated costs or unplanned downtime With Infrascale Backup & Disaster Recovery (IBDR) your data is always protected and available…when you need it.