Data Protection in a Post-COVID-19 World
Protecting data was already a top priority for organizations before COVID-19. But as the coronavirus pandemic upended operations across the globe, businesses have had to rethink their strategy for data backup and disaster recovery.
The rapid shift to remote work, for example, left many organizations exposed to new vulnerabilities that increased their risk of data loss.
Now, as businesses reckon with the possibility that remote work and other “temporary” changes may become a permanent “new normal,” they need to respond accordingly.
In this post, we identify some of the vulnerabilities that have been created by businesses’ response to COVID-19, along with solutions for strengthening data protection going forward.
Data Protection Post-COVID-19: What’s changed?
The core causes of data loss have not necessarily changed. Human error, accidental deletion, hardware failure, ransomware, viruses – these threats have been present all along. What has changed is the circumstances that make those threats more likely and/or more dangerous.
In response to the pandemic, businesses quickly altered their operations to keep employees safe and comply with the CDC’s social distancing guidelines.
But those operational changes are what led to new vulnerabilities:
- Remote workers using outdated or otherwise unsecure devices that may not be properly patched against known security issues.
- Employees storing data in locations that are not backed up, i.e. on their own devices instead of the company network.
- IT systems being overloaded due to the sudden increase in remote connections or increased usage of select applications and services.
- New applications and services being rapidly deployed without adequate testing or proper resource allocation.
- Remote workers being unfamiliar with new systems and making cybersecurity mistakes that put data at risk (particularly at a time when phishing emails and other cyberattacks are on the rise).
Sure, there are a number of “quick fixes” to each of these issues. But to stay competitive in a post-COVID-19 world, businesses need to adopt a more long-term strategy.
That means deploying more robust backup solutions and policies that ensure continuity and data protection, no matter how operations are carried out in the months ahead.
Protecting data wherever it lives
If your workforce is going to be decentralized with workers all over the globe, then you need to be sure their data is protected, no matter where they are.
In most cases, you’ll still want employees to connect to your network remotely, so they’re able to save their files on protected servers. But what about all the data they store locally on their laptops? What about the applications that are installed only on those devices, or the data stored within them?
Even the loss of a single device can cause a costly business disruption. This is why it’s crucial to back up data at every endpoint. So, whether the user has lost a single file, or their entire machine is infected with ransomware, their data can be restored.
Physical, virtual and cloud infrastructure
For many companies, remote workers are now leveraging a wide range of tools, like remote desktop virtualization and cloud services to perform their jobs more efficiently. And, in the process, they’re also using all kinds of devices and operating systems.
None of it should be left unprotected.
Now more than ever, businesses need a unified BC/DR solution that protects the whole infrastructure: physical, virtual and cloud. If any one piece is not being included in the backup process, then data is being put at risk.
Smarter backup storage
The location of your backups is important for two reasons: 1) It affects the overall reliability and security of the backup and whether it’s accessible, and 2) It affects the speed of the recovery when data needs to be restored.
Keeping your backups stored in a single on-premise server or data center isn’t going to cut it anymore. It creates too much risk that the backup will be destroyed if a catastrophic incident occurs on site. Protecting every endpoint on your network won’t matter if everything is stored on a single backup that gets destroyed in a fire.
Every business should be replicating their backups across multiple locations for added security. A hybrid-cloud approach solves this by diversifying the backup storage:
- On-site backups stored on a dedicated backup device
- Replicated backups stored in the cloud
- Cloud backups replicated to at least one additional data center for geographic redundancy
Speeding up the recovery process
In the new, uncertain terrain following COVID-19, operational disruptions are likely to be even more costly. So, when data loss occurs, recovery needs to be fast.
This is especially important for large-scale data-loss events, as in a ransomware attack or massive server failure. Businesses must be able to restore access to critical systems within minutes, not days.
Today’s best BC/DR solutions typically offer a wide range of recovery options that can be selected based on the specific circumstances of the data loss. For example, Datto’s backup solutions provide options like Rapid Rollback, which quickly restores large sets of recently changed data (i.e. from ransomware or a failed system update), without needing to touch any of the unaffected data. This significantly improves the efficiency of the recovery, making it much faster.
But there are other scenarios in which the recovery will need to be even more robust …
Getting back to business in seconds
Imagine a scenario in which ransomware has locked up your servers, effectively freezing your critical services. Every minute those systems stay down, the costs continue to mount.
For situations like these, backup virtualization is a must. By virtualizing the backup, you can regain access to all data and applications instantly, even if a full data restore will take much longer.
Additionally, backup systems like Datto’s enable you to virtualize locally or in the cloud, providing added peace of mind that recovery can happen from anywhere. This is exactly the kind of protection that businesses need to be leveraging for continuity.
Faster response to ransomware
Numerous cybersecurity tools and stronger web/email policies can help to ward off ransomware. But when a threat slips through, businesses need to respond even faster, before the entire network is infected.
Data backup itself provides a safeguard against ransomware by allowing you to restore encrypted data back to its earlier state. But the more widespread the infection, the more challenging (and time-consuming) that restore becomes. To prevent an extended disruption, organizations must respond even faster.
BC/DR providers like Datto are tackling this challenge head-on by adding ransomware detection within the backup process. As data is backed up, it’s automatically scanned for ransomware. When signs of an infection are present, admins are notified, so they can take action even faster.
Making backups more resilient
Too many businesses are still relying on old, inefficient backup processes that are prone to data corruption and failed restores. This just isn’t going to cut it in a post-pandemic world.
Businesses need to be able to depend on their backups. After a catastrophic event, a failure to restore a critical backup could spell doom for a company, especially smaller businesses.
Organizations need to transition to newer backup technology that can drastically reduce these risks. One example we often point to is Datto’s Inverse Chain Technology. Inverse Chain eliminates the dependency on backup chains, where problems commonly occur, and stores each backup in a fully constructed state. This not only improves the resilience of the backups, but also make them faster, more efficient and quicker to restore.
No company should be crossing their fingers with the hope that backups will work when they’re needed. That’s simply not how BC/DR is done anymore.
Most of today’s backup systems offer some form of backup verification, which automatically verifies that each new backup is viable. In the case of Datto’s systems, the image-based backup is fully test-booted as a virtual machine. Additionally, it employs local verification (including file system, volume, VSS and ransomware checks), application and service verification, plus support for custom verification scripts to confirm that every aspect of the system is properly backed up. Should anything look amiss, admins are alerted, so they can resolve the problem immediately.
This process is automated and happens around the clock, ensuring that backups are healthy and working. No surprises.
A safeguard for SaaS data too
Adapting to the new normal will mean relying more heavily on cloud applications and software-as-a-service (SaaS). But while this can bring efficiency to your operations, it also creates risk.
SaaS applications leverage the cloud to keep data synced and accessible to all users, wherever they are. But unless the SaaS app is hosted locally, the data is usually stored on the SaaS provider’s own servers. This means companies lose a bit of control, especially when it comes to data backups. When data loss occurs on the user end (from accidental deletion, migration errors, ransomware or other causes), there are typically limited restore options.
As companies transition to SaaS, they need to consider ways to safeguard that cloud data too. Third-party SaaS backup tools like Backupify, for example, run automatic backups at least once a day for common platforms such as G Suite and Office 365.
New normal, new approach
Nobody could have predicted the ways the business world would be upended by the coronavirus pandemic. But as we continue to gain more insight into what this new normal looks like, companies need to react accordingly.
Instead of merely tinkering with outdated systems, businesses must develop a completely new approach that ensures stronger data protection and continuity going forward.
Get help transitioning to stronger data protection
If you’re reevaluating your backup infrastructure, our business continuity experts can guide you to data-protection solutions that make sense for your needs. Request a free demo or contact Invenio IT to learn more about strengthening your data backup. Call us at (646) 395-1170 or email success@invenioIT.com.