Data resiliency is much more than backup

25 April 2023
| Ein Kommentar
Data resiliency is much more than backup
Advertising

Share post

Data resiliency isn't a technology, it's not a solution, it's a mindset that all organizations should embrace. Its primary purpose is to fulfill business continuity and to create business continuity plans. A comment by Florian Malecki, Arcserve.

The good news: According to a global study by Arcserve, 83 percent of IT decision makers include data resiliency in their business continuity strategies. On the downside, only 23 percent have a mature approach to data resiliency. This is by no means enough, even from a benevolent perspective, because a solid plan is essential for data security, especially as organizations move to hybrid IT environments. When high performance is required and a catastrophic failure occurs, organizations need to have a well thought out and tested data recovery plan in place.

Advertising

No data, no company

An old adage: Data is the fuel of modern companies. So when a company loses access to its data, it is unable to move forward. Data resiliency solves this challenge. It enables any business to quickly recover from a data-threatening event and continue to thrive in the digital economy.

There are three key steps for organizations to develop a robust data resiliency strategy:

Advertising

Subscribe to our newsletter now

Read the best news from B2B CYBER SECURITY once a month



By clicking on "Register" I agree to the processing and use of my data in accordance with the declaration of consent (please open for details). I can find more information in our Privacy Policy. After registering, you will first receive a confirmation email so that no other person can order something you don't want.
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest. For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

1. Create a plan and test it regularly

The strength of any data resiliency strategy depends on the extent to which all components are regularly tested and adjusted. Being reactive is not enough. Businesses can't wait for a disaster or attack to strike and then rush to implement what they think is a good strategy and then figure out if it's good enough or not. Planning and testing are essential for success. A well thought out and continuously tested data resiliency strategy can mean the difference between working and not working businesses.

In addition to data loss, for example due to a cyber attack, there is a risk of further adversity: numerous studies show that companies affected by a ransomware attack or another type of data loss have great difficulty winning back their customers. A study found that 88 percent of clients use the services or products from a company they don't trust. Additionally, 39 percent of customers lose trust in a company that misuses data or suffers a data breach.

2. Management involvement

Data resiliency should not only be the responsibility of the IT department, but also of senior executives and business owners. However, in many companies, data resiliency is still not a top management priority. But it should, especially with the introduction of new cybersecurity measures like the NIS 2 directive in the EU. A successful data resiliency initiative begins at the top of the organization with executive and board approval. When this is the case, the rest of the company will also recognize the importance, keep an eye on it and address the situation if necessary.

In many organizations, initiatives to improve data resiliency are slow to be adopted because of a lack of top-level ownership. Like any investment, a data resiliency initiative needs broad support across the organization. In addition, it should also be supported by external partners and service providers. For an initiative to work, everyone involved must know their role in day-to-day operations and in the event of a disruption.

3. Layered approach

The key to establishing data resiliency is taking a layered approach and providing an infrastructure that supports all data resiliency requirements. One important layer is to perform regular backups and make copies that are stored in a digital, immutable “vault”. In this context, storage snapshots should also be created and saved in an unchangeable place in a safe place. In the event of a disaster or attack that corrupts data, these snapshots are available for instant recovery. This is how the Italian city of Palermo recently recovered its data after a cyber attack.

Automation and orchestration are two other key components of a layered approach that contribute to orderly and rapid data recovery. This should include processes and automated workflows that ensure consistency and minimize complexity - especially when time is of the essence and quick action is required. In this way, data can be recovered quickly and the business can get back to business as usual without damage.

Three backup copies on two different media types

Another key element of a layered approach is 3-2-1-1 backup. Three backup copies of data are kept on two different types of media - tape and disk - with one of the copies offloaded to allow for quick recovery. There should also be an immutable copy in an object store. Immutable object storage continuously protects data by taking a snapshot every 90 seconds. The advantage: Even in the event of a disaster, these data snapshots can be used to return to the current data status.

Conclusion on data resilience

A good data resiliency strategy is highly beneficial to organizations. It enables them to handle rapid data growth and diverse workloads, unify data recovery, and quickly recover from an event that compromises data. Companies benefit from advantages such as improved performance, lower costs, reliable and efficient business processes, minimized risk and strong protection in all areas of the company.

More at Arcserve.com

 

About Arcserve

Arcserve offers exceptional solutions to protect the valuable digital assets of companies that require complete and comprehensive data protection. Arcserve was founded in 1983 and is the world's most experienced provider of business continuity solutions for securing multigenerational IT infrastructures with applications and systems in any environment, on site and in the cloud. Companies in over 150 countries around the world rely on Arcserve's highly efficient, integrated technologies and expertise to reduce the risk of data loss and prolonged downtime while reducing the cost and complexity of data backup and recovery by up to 50 Reduce percent. Arcserve is headquartered in Minneapolis, Minnesota with numerous locations around the world.

 

Matching articles on the topic

Sophisticated Phishing-as-a-Service (PhaaS) platform

Security researchers have uncovered a sophisticated Phishing-as-a-Service (PhaaS) platform that poses a serious threat to organizations around the world. The threat actor ➡ Read more

PDFs: The Trojan Horses of Hackers

Cybercriminals are increasingly using the popular PDF file format to hide malicious code. Recent IT forensics findings underscore this: 68 ➡ Read more

Maximum IT security for OT systems

OT systems are rarely attacked directly. However, gaps and vulnerabilities in traditional IT make OT systems more vulnerable to attacks. ➡ Read more

IT resilience: cybersecurity at the storage level

More data security features for greater IT resilience at the storage level: Cyber ​​security managers can pursue a proactive data security approach at the storage level with highly secure NetApp storage and thus ➡ Read more

Algorithms for post-quantum cryptography

A provider of IT security solutions introduces Quantum Protect, a post-quantum cryptography application suite for its u.trust General Purpose Hardware Security Modules (HSMs) ➡ Read more

Power grid threat: security gaps in solar systems

A cybersecurity solutions provider published its research report “SUN:DOWN – Destabilizing the Grid via Orchestrated Exploitation of Solar Power Systems”, which ➡ Read more

Cloud and SaaS security is inadequate

A recent study shows that companies' security strategies are failing to keep pace with the rapid adoption of cloud-native technologies. 28 ➡ Read more

Vishing: Criminals rely on voice phishing attacks

Using AI-generated deepfakes, cybercriminals imitate trusted voices. Vishing exploded in the second half of 2024, according to the results of a ➡ Read more

Arcserve, PR News
, , , , ,