data backup

(Source – Shutterstock)

Modern data backup can help IT leaders keep businesses running

Whenever any business experiences a cyberattack, it will check its data backup. For most organizations, if they have a strong data backup and recovery plan in place, the priority would be to get the system back up and running again to ensure business continuity and avoid increasing financial losses.

Even before a report of a cyberattack is made, businesses will ensure their backup system is running. In fact, businesses having a well-planned data backup and recovery process on the cloud can keep the business running despite a cyberattack. While some legacy backup systems, like tape backup, are considered more secure by a few, these systems could take some time to get online and recover the system.

According to Veeam’s Data Protection Trends Report, companies today are challenged with more complex hybrid IT environments and are raising budgets to fend off cyberattacks as well as keep up as production environments continue to diversify across various clouds. The result is that IT leaders feel they aren’t sufficiently protected. The top priority of organizations this year is improving the reliability and success of backups, followed by ensuring that Infrastructure as a Service (IaaS) and Software as a Service (SaaS) protection is equitable to the protection they rely on for datacenter-centric workloads.

Highlights from Veeam’s report show that businesses needed modern data protection to keep their business running. According to the survey, organizations are looking for a modern data protection solution that can integrate data protection within a cyber preparedness strategy.

The report showed that in the Southeast Asia and Korea region, only 22% of businesses experienced no ransomware attacks in 2022 with 16% experiencing four or more attacks in 2022. In fact, 39% of organizations stated that ransomware (including prevention and remediation) was the biggest hindrance to Digital Transformation or IT modernization initiatives, due to its burden on budgets and manpower. As startling as those statistics are, the global results of the attacks are even worse.

When organizations were asked about their most significant attacks in 2022:
• 39% of their entire production data set was successfully encrypted or destroyed
• Only 55% of the encrypted/destroyed data was recoverable

The need for modern data backup and recovery

Thus, it is no surprise that when asked what organizations were looking for in a modern data protection solution, their most common response of a modern data protection solution is the “integration of data protection within a cyber preparedness strategy.”

Yet, the report stated that four out of five organizations believe that they have a gap, or a sense of dissatisfaction or anxiety, between what their business units expect and what IT services can deliver. 82% have an ‘Availability Gap’ between how quickly they need systems to be recoverable and how quickly IT can bring them back. 79% cite a ‘Protection Gap’ between how much data they can lose and how frequently IT protects their data. These gaps are one reason that 57% of organizations expect to change their primary data protection in 2023, as well as the justification for increased data protection budgets.

However, increasing budgets should not mean businesses reduce their data protection. While organizations are expected to raise their data protection budget by 6.5% in 2023 in other areas of IT. Of the 85% of organizations planning on increasing their data protection budgets, their average planned increase is 8.3% and often alongside increased investments in cybersecurity tools.

Due to its burden on budgets and manpower, ransomware and the current volatile cybersecurity landscape are taking priority for IT teams. This is causing IT resources and budgets originally allocated toward Digital Transformation initiatives to pivot to cyber prevention. Not only do cyberattacks drain operational budgets from ransoms to recovery efforts, but they also reduce organizations’ ability to modernize for their future success; instead, they must pay for prevention and mitigation of the status quo.

At the same time, with containers becoming mainstream, the approach to data protection needs to change. 52% of respondents are currently running containers, while 40% of organizations are planning to deploy containers – and yet, most organizations are merely protecting the underlying storage, instead of holistically protecting the workloads themselves. This is typical as new production platforms enter the mainstream, followed by the recognition that legacy methods are insufficient, thereby creating an opportunity for third-party backup tools to ensure comprehensive protection.

Danny Allen, CTO and Senior Vice President of Product Strategy at Veeam states that IT leaders are facing a dual challenge, especially since they are building and supporting increasingly complex hybrid environments, while the volume and sophistication of cyberattacks increase.

“This is a major concern as leaders think through how they mitigate and recover business operations from any type of disruption. Legacy backup approaches won’t address modern workloads – from IaaS and SaaS to containers – and result in an unreliable and slow recovery for the business when it’s needed most. This is what’s focusing the minds of IT leaders as they consider their cyber resiliency plan. They need Modern Data Protection,” commented Allen.

As such, the report indicates that reliability and consistency (protecting IaaS and SaaS alongside data center servers) are the key drivers for improving data protection in 2023. For organizations that are struggling to protect cloud-hosted data with legacy backup solutions, they will likely supplement their data center backup solution with IaaS/PaaS and/or SaaS capabilities.

As ransomware is both the most common and most impactful cause of outages, alongside natural disasters, organizations should implement backup and recovery solutions that support a holistic approach to data protection, that can integrate with other cyber detection and remediation technologies to ensure comprehensive cyber resilience.

Cloud-based services seem nearly inevitable for organizations of all sizes. But similar to how there isn’t just one type of production cloud, there isn’t just one protection cloud scenario. Organizations should consider cloud tiers for retention, Backup as a Service and ultimately, Disaster Recovery as a Service.