Data Protection Archives

Why you must protect your data to protect your business?

by Craig Andrews July 31st 2023

As one of your most valuable assets, data has the potential to make or break your business. Threats like ransomware have the potential to fatally disrupt operations, while fines for GDPR breaches could be financially devastating.

Having a robust, reliable backup solution is therefore vital. And as cloud technologies continue to develop and mature, it is time to consider hosted alternatives to traditional backup technologies like tape.

Elastic storage grows as you do

Whatever your strategic goals, one thing is certain – your data estate will continue to grow exponentially. Planning, configuring and deploying storage – and the backup systems to protect it – is a never-ending task of best guesses and over- or under-provisioning.

Cloud-based backup systems have the advantage of infinite scalability, allowing your archive repository to grow as quickly (or slowly) as your estate. Importantly, the pay-as-you-use billing model ensures you are never charged for storage you don’t use and that your budget is never wasted on unused redundancy.

This flexibility ensures your systems can grow however you need without compromising your ability to protect data against loss.

More functionality, fewer overheads

Although absolutely essential, backup is not typically a line-of-business function. Every penny invested in archiving tools is money that cannot be spent on strategic projects.

This expenditure cannot be entirely avoided, but secondary costs like the time and people required to configure a backup system are – if you use a cloud backup system. How? Because the hosted backup provider is responsible for ensuring the platform is operating correctly – and properly secured. Being able to outsource infrastructure-related tasks is a significant resource saving, allowing your IT team to refocus on business objectives, not just keeping the lights on.

Other ways you win with cloud backup services

Sending backup to the cloud solves one of the most important considerations of disaster recovery planning – physical distance between your data centre and the backed-up data. By hosting backups offsite, you can be confident that data is unlikely to be affected by a local disaster, such as fire or flood.

Cloud backup systems also allow you to set granular compliance and retention policies. Using these automatic safeguards you can prevent data overwrites and ensure that archives are kept for as long as required – legally and operationally.

Cloud backup offers the perfect blend of reliability, speed and security – without creating new, costly operational overheads. To learn more about cloud backup services and how they can help your protect your data and secure your IT future, please give the WTL team a call.

Data Protection Trends and Strategies for Containers

by Craig Andrews October 31st 2021

The demands of DevOps and continuous development have helped to accelerate the update containers. Indeed, Kubernetes and other containers are set to become the preferred production deployment technology within the next two years.

Containers present a new challenge for developers – and the data protection team responsible for ensuring they are properly backed up. So as your business accelerates container adoption, what do you need to consider?

Existing strategies and technologies probably won’t work

Unsurprisingly, traditional data protection strategies are focused on corporate data. But there is a problem with this approach; container-based applications cannot be protected in the same way that individual applications are. Backing up data alone will not restore the containers in the event of a system outage.

Anecdotal evidence suggests that this misunderstanding is not uncommon. This means that some businesses are operating a data protection strategy that will probably not meet their RPO objectives. There is a significant risk of permanent data loss if the data protection strategy is not adjusted to the realities of the new containerised environment.

Orchestration is essential

Because we have been doing the same thing for many years, attitudes and approaches to backup have become ingrained. Research conducted by the Enterprise Strategy Group suggests that many businesses are ignoring orchestration as part of their data protection strategy because they deem it irrelevant.

But as the containerised environment becomes more complex, managing backup and recovery will become too resource-intensive to complete using current tools. Orchestration offers a way to automate many low-level operations during a data loss incident. You will be able to accelerate recovery options, maintain operations according to SLAs and reduce the risk of permanent data loss too.

Re-assess data protection provisions

The hybrid cloud model has already complicated data protection. Many IT professionals are still grappling with the challenge of properly backing up data held in cloud platforms and SaaS silos; containers will further complicate matters.

It is essential to realise that current tools and techniques are not properly aligned with the needs of the containerised cloud. An urgent review of the data protection strategy is required, along with a reappraisal of the tools that are currently in use.

This review should also investigate the various specialist tools available that are specifically designed for backup and recovery of containerised applications. For maximum protection and flexibility, you will need a toolset capable of operating at Kubernetes-level and lower – including cluster-level, pod-level, namespace-level and tag-level.

Speak to an expert

As an emerging technology space, data protection for containers is not well understood – the necessary skills are hard to come by. Rather than hoping for the best or trying to re-engineer your existing strategy with unsuitable tools, you should seek third party expertise.

To learn more about protecting your containerised data and applications, please give the WTL team a call and we will guide you through your options.

Digital transformation and Continuous Data Protection

by Craig Andrews September 27th 2021

Digital transformation efforts are seeing businesses re-engineer systems and processes to become ‘data-driven’. According to research conducted by IDC, 60% of organisations have already implemented tools and methods to use data more effectively.

The issue of availability

As the name implies, data driven operations are almost entirely reliant on data. Accurate, timely, contextual information must be available whenever required to assist with decision-making and automation. This makes the issue of data protection and data recovery an even higher priority.

Historically businesses may have been able to tolerate some degree of downtime – or potentially even loss. Now that information is mission critical, neither of these is excusable. Both RTO (recovery time objective) and RPO (recovery point objective) are expected to be zero – or as close as possible.

Traditional backup systems cannot deliver

Backup systems have become increasingly complex, employing several different technologies to offer both data protection and data recovery functionality. Backup and recovery software, snapshots, mirrors and replicas all play a role in protecting systems, but they are not bulletproof – there is still the potential for loss in between captures.

Introducing continuous data protection (CDP) into your data protection strategy solves two problems. First, it will help to reduce RPO and RTO to zero. Second, CDP solves many of the problems businesses face with protecting data in their hybrid cloud environments.

Cloud trends

The issue of data backup in the cloud is of particular importance. As part of their digital transformation efforts, businesses are ever more reliant on hosted platforms like Microsoft Azure and AWS.

Your data protection provisions will need to adapt to accommodate these hybrid systems, including containerised applications and any data held in SaaS services. In most cases, the best way to achieve this functionality without over-complicating your backup infrastructure is using CDP.

Unavoidable and urgent

The constant threat posed by malware, particularly ransomware, means that businesses need to act now to protect themselves. According to IDC, 91.5% of businesses have suffered a malicious attack in the past 12 months – and 36.6% have experienced more than 25 attacks over the same period.u

Clearly it is now a case of ‘when’ not ‘if’ as every business will experience a cyberattack in the near future – often repeatedly. Each attack can be expensive due to employee overtime, lost productivity, direct cost of recovery and any costs associated with data that is permanently lost.

CDP is particularly resilient to ransomware attacks, storing immutable backups that cannot be changed or overwritten. As such, it is an excellent addition to your data protection strategy – particularly as it can be deployed to provide backups of data stored in the cloud or on premise.

To learn more about Continuous Data Protection and its role in your digital transformation efforts, please give us a call.

Do you need to get physical with a cloud backup strategy?

by Craig Andrews January 15th 2021

Virtualising backup with the cloud is powerful, effective and extremely safe. But just because data is now being archived off-site does not mean that hardware can be completely removed from your backup strategy.

In fact, physical hardware may still have an extremely important role to play in your cloud backup strategy.

1. Export by hard drive

The initial speed of a cloud backup may take weeks to complete as you transfer terabytes of data offsite. The actual time taken will depend on network and broadband speeds. Without careful traffic management, the uploads may negatively impact day-to-day operations too.

The process can be accelerated by shipping physical drives to the backup provider so that the data can be copied locally. This will be exponentially quicker – and arguably more secure – than trying to upload over the internet.

2. Restore by hard drive

Restoring from cloud archives is just as important – and fraught with the same difficulties. Speed of recovery will be limited by available internet bandwidth and download speeds.

For downloads that can be sized in gigabytes, online recovery will probably be acceptable. But for a disaster recovery scenario which involves a large amount of data, the speed of transfer is critical.

In the same way that physical hard drives can accelerate seeding of backups, they can also be employed to speed up recovery. If you plan to make cloud backup your principal method of data recovery, check to see if your service has the option of shipping physical disks.

3. Cloud as backup

The issue of time to recovery is of critical importance. Knowing that a complete dataset may take days to recover from the internet, it may be that the cloud is best deployed as a secondary backup.

In this scenario, your existing systems provide real-time services for instant recovery, while periodic (daily / weekly / monthly) backups are replicated to the cloud. Maintaining physical backups on-site minimises time to recovery, while off-site backups help to maintain the integrity and ensure that data is always recoverable.

4. Local servers for recovery testing

You know that your data is always protected when using cloud backup services – but how do you go about recovering it? Keeping spare physical servers will allow you to test your recovery protocols and ensure that they deliver against business needs.

For best results, keep at least one example of each bare metal server to ensure everything works correctly.

5. Physical recovery documentation

Modern business is driven by digital data – but there will always be a place for hard copy records in certain circumstances. In the case of disaster recovery, you must maintain physical, off-line copies of the information required to brings systems back online.

Records must include the recovery action plan, applications and serial numbers. And don’t forget to include contact details for the individual who holds the administrative passwords required for recovery and reconfiguration.

The future is hybrid

Until available bandwidth increases exponentially, there will always be a place for physical assets in your backup regime. The trick is knowing where to divide the load between local and cloud.

WTL offer a range of cloud based solutions. that can extend the rigour of your on-premise backup without without compromising control, visibility, or auditability.

For more assistance in defining a cloud backup strategy that delivers the reliability, speed and security your business demands, please give us a call.

Office 365 – How Safe is Your Data in the Cloud?

by Craig Andrews November 30th 2020

Moving operations to the cloud can offer definite improvements in terms of data security and resilience. Hosted on enterprise-class hardware with automated fail-over and load balancing increases data availability. And because data is encrypted at rest and in transit, it is much harder to use in the event of a security breach.

However, no system is infallible – including Office 365. Despite these protective measures, your data may still be at risk.

Ransomware

Malware that encrypts critical files is enough to give the IT manager nightmares. And high-profile outbreaks like NotPetya and WannaCry have helped to emphasise just how serious a threat ransomware poses to corporate networks.

Offloading storage and email functions to the cloud does help to raise the overall security of your corporate data assets. However, once infected at source, encrypted files are replicated to the cloud, rendering the off-site copy of your data similarly useless.

User error

Despite the media attention given to hackers and malware, the number one threat to the company network remains your users. Around 50% of breaches are caused by internal users.

Office 365 has some of the finest enterprise-grade security provisions available – but they can’t always protect you against stupidity and carelessness. It’s incredibly easy to delete a file by accident – and it may take months before anyone realises. Similarly, a leaked password could cause havoc if it falls into the wrong hands.

Malicious users

Less common, but even more dangerous are malicious users. These individuals are actively looking for ways to undermine their employer. They will delete data, corrupt files and change configurations to cause disruption, loss and confusion.

Generally, these users simply abuse their own security permissions, pushing the limits of what they can do. Most don’t want to get caught, so they won’t draw attention to what they are doing – and their actions may take quite some time to be exposed.

Facing the inevitable

No matter how hard you try, completely blocking all of these threats is unlikely. Despite your best efforts, eventually, someone is going to “accidentally” click a link that triggers a ransomware download. Or deliberately delete some important information.

Your business needs to tighten defences to reduce incidents of data loss – but you have to be aware that Microsoft Office 365 isn’t going to do everything for you. Much of your preparations will focus on how to recover after a data loss incident.

Robust and reliable backup and recovery will be crucial to dealing with these issues. Microsoft provides some data recovery options for their cloud services, but they are very basic. Often this is little more than a recycle bin that empties automatically every 30 days.

In some cases, issues may be identified within 30 days which is great. But one extensive study suggests it takes 280 days to identify and contain a breach. Clearly, you need a more robust backup and recovery system is required.

Cloud-based backup to the rescue

Once your defences are in place, attention must turn to how you can recover data and operations as quickly as possible. This will require a new approach to backup that can address the hybrid nature of your operations.

Moving backup to the cloud creates several new opportunities. Capacity scales automatically as your data estate increases without the need for additional infrastructure spend in your data centre for instance.

Cloud-based services are often more resilient to cyberattacks and ransomware. Replicating files to a third location (outside the local network and the Office 365 ecosystem) adds another layer of protection. Importantly, recovering data from the cloud can be extremely fast, almost instantaneous – perfect for when you need to deal with a ransomware infection immediately.

Abstracting backups in this way makes it extremely difficult for every copy of your data to be lost permanently. A malicious employee may be able to delete files – and even the Office 365 backups – but they cannot access the versions backed up automatically into the external system. Even if the loss doesn’t become apparent for many months, the missing data can still be recovered from the third-party cloud backup.

Data loss is a very real possibility, even when using Office 365. But by adding a cloud-based backup service into your technology stack, you are well prepared to deal with any incident.

WTL offers Secure Backup for Office 365 providing a resilient business continuity solution in the event of data being lost corrupted, or accidentally deleted. To learn more read our Office 365 Secure Backup brochure.