In the mid-1990s, today’s highly connected and interconnected world was just a glimmer on the horizon. But the rise of the internet, wearable technologies, smartphones and IoT-connected devices have all changed the rules of the game when it comes to obtaining and processing data.
In response, governments and regulators have spent the past decade struggling to adapt aging data protection laws to meet the challenges of technological advancements. This includes setting minimum standards for data protection and recovery from malware attacks.
To date, more than 130 countries around the world have enacted privacy laws, the GDPR and the California Consumer Privacy Act (CCPA) setting the standard for data protection and privacy. For organizations without valid protections in place, a data breach risks both severe fines and reputational damage.
At the heart of all this regulatory activity is one fundamental principle: the idea that data should always be kept secure. This is no easy task as organizations continue to digitize their operations in the wake of the pandemic crisis and become increasingly dependent on data for automated decision making or interaction with consumers and retail chains. hyper-connected supply of today.
Between a rock and a hard place – the growing data protection dilemma
At the very least, data breach regulations and penalties have helped inspire organizations to take their data protection responsibilities seriously. But the past 18 months have increased data protection risks as cybercriminals take advantage of recent digital changes to unleash a host of ransomware attacks that put data and application availability at risk.
Today, ransomware is the most serious threat facing organizations that need to protect critical data assets. And ransomware is increasing in both severity and scale. According to a recent IDC report, 95% of businesses have experienced a ransomware or malware attack in the past 12 months, and 43% have experienced unrecoverable data loss. Meanwhile, the Harvard Business Review reports that the attackers’ claims now amount to tens of millions of dollars. Indeed, the global cost of ransomware is estimated to exceed $ 265 billion by 2031.
As demand for ransomware skyrockets, insurance companies are now considering withdrawing – or making coverage more difficult and expensive to obtain – cyber insurance policies that previously provided a safety net when organizations were hit by a disaster. successful attack.
With so many challenges, today’s data-driven organizations must quickly rethink their data protection and resiliency strategies. Because it’s only a matter of time before they become a target for hackers.
Ransomware Mitigation: Why It’s Time to Modernize Backup and Restore
Recovering their systems and data quickly is the number one challenge facing businesses that experience a ransomware attack. With encrypted files and normal operations interrupted, remediation is often a long and expensive proposition, especially if existing backup processes mean that the last snapshot is from a day to a month or more ago. No wonder companies choose to pay ransom demands, especially if their data loss has been days or even weeks.
The crux of the matter is that many organizations are still using data backup and recovery strategies that were designed back in the days when ransomware wasn’t such a big deal. Moreover, they still depend on legacy data protection technologies which are only capable of recalling data from periodic snapshots.
For organizations operating in today’s economy 24/7, this is not acceptable. Modernizing data protection, including backup and disaster recovery, is a must for any business that needs to keep abreast of every changing detail in real time.
Having the ability to recover data at a granular level and at a recent point of consistency not only helps to minimize data loss. It also speeds up database recovery and application restart. To achieve this, organizations will need to implement a continuous data protection approach that makes it easy to achieve sub-minute recovery point (RPO) goals.
Continuous data protection: the benefits
Ransomware recovery has become the primary use case to initiate Continuous Data Protection (CDP) which allows data to be recovered just before an attack.
By continuously tracking and capturing every data change and storing every user-created data item locally or in a target repository, CDP is an incremental process that continuously replicates data to a log file. All of this allows IT teams to restore data to a point just before the disruption, rather than minutes or hours before. So users can pick up where they left off. There is no need to rely on snapshots or backup copies that can be up to 24 hours old.
Enabling Instant Recovery isn’t the only benefit. As more organizations invest in more multi-cloud infrastructure and applications, the need for a cloud-native data protection layer that ensures data and applications remain available even if cloud services are interrupted increases. It also means that data recovery is becoming an increasingly complex proposition. A solution that involves meeting multiple potential recovery needs: on-premises to cloud, cloud-to-cloud and even cloud-to-premises. Fortunately, today’s CDP technologies also simplify the protection, recovery, and mobility of applications across private, public, and hybrid clouds, enabling IT teams to fill potential data management gaps and recover data from anywhere and anywhere.
CDP is also used to modernize other backup tasks like long-term retention of data that needs to be stored for long periods in accordance with regulatory requirements.
The state of data protection in 2021
Today’s businesses are under constant threat from cybercriminals, and any loss of data can lead to regulatory fines and loss of consumer or customer confidence. While stricter laws and regulations have helped focus organizations’ attention on the need to be – and stay – compliant with respect to data protection responsibilities, non-compliance with regulations data protection isn’t the only business risk organizations face.
Rapidly evolving IT landscapes and digital transformation initiatives mean that legacy backup and recovery technologies are no longer up to the task of protecting data or enabling the âalways-on businessâ – and the consequences of doing so. data loss can have a devastating impact that goes far beyond paying regulatory fines.
In response, organizations need to modernize their data protection, backup and disaster recovery strategies. using the highly granular nature of CDP to reduce data loss and recover data faster in the most pragmatic and cost effective way possible.
Steve Blow, EMEA Sales Engineering Manager, Zerto, a Hewlett Packard Enterprise