Ransomware attacks have been hitting hard lately, with over half of organizations experiencing at least one this year, according to a recent study. Recovering data often means negoitating with cybercriminals, but why put an organization in such position when there are ways of preventing it?
To select a suitable data recovery solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.
Steve Blow, Systems Engineering Manager EMEA, Zerto
Recovery has become one of the most challenging issues, particularly where organizations rely on day-old or even week-old backups. The inevitable gaps and data loss that results from this are costly and highly disruptive. And while having appropriate role based access controls and an extensive tiered security model will help minimise the risk of an attack, without adequate recovery tools, any outage that does occur presents an ongoing risk of data loss and reputational damage.
When choosing a data recovery solution, three key considerations should be front of mind:
Local journaling technology – rather than traditional periodic snapshots or nightly backups – enables recovery from checkpoints only seconds apart. This supports day-to-day backup restores across any application and recovery without the data loss, downtime or production impact of traditional backup solutions.
Backup and disaster recovery
Continuous data protection unlocks the fastest recovery time objectives and recovery point objectives to easily recover anything, from single files or applications to entire sites, in any chosen infrastructure.
Security and compliance
A granular recovery experience enables rapid recovery from cyberattacks and should include visibility and indexing capabilities to ensure the lowest possible RTOs, so you can remain proactive and alert. This also enables archiving, storage and monitoring of data for as long as needed. Solutions should deliver automated reporting for disaster recovery testing to meet compliance and regulatory mandates.
Peter Groucutt, Managing Director, Databarracks
Choosing a data protection solution can be a bit of an adventure. Do you need a “Next gen, scale-out backup appliance”, a “Recovery orchestration tool” or “Copy data management”? These are all genuine product categories but we find them to be incredibly confusing.
We prefer to categorise solutions as “Backup”, “Replication” or “All-in-one appliances”. In an ideal world, you would only need one product for backup and disaster recovery. Combined solutions keep things simple, but tend to make compromises, so you may need both.
Backup solutions are efficient at storing a lot of historic versions of your data. That’s vital for long-term retention, for GRC and for ransomware recovery. The downside of backups is that they take a long time to recover all your data at once.
Replication on the other hand lets you fail-over from one site to another without any downtime. The downside is that it copies problems from your production site to your DR site. For example, your DR site is useless if you replicate ransomware to it.
Before you assess vendors, define your Recovery Point and Time Objectives (RPO & RTO) and set your data retention policy. Then, you can go out to market and find a solution (or solutions) that meets those needs.
Stacy Hayes, Managing Director, Assured Data Protection
Today’s world of malicious threats, rising cases of ransomware, hyper-convergence, and hybrid cloud make disaster recovery infinitely more complex. Combine that with the time pressure of the business grinding to a halt whilst waiting on IT staff to mitigate any data breach, it’s quickly apparent that there is a real risk to any business to continue without a robust DR solution.
Firstly, before planning anything new, ensure you research the vendors and the technology that’s available to give you insight into some of the customers who chose each vendor. For best results, it’s important to find a technology that encompasses backup, instant recovery, replication, search, analytics, archival, compliance, and copy data management securely in the data centre and cloud.
Secondly, consider if your business can manage everything in-house or if you need to engage with an outsourced partner who provides a platform upon which you can recover your data to. Ensure they can provide a recovery environment that is comparable to that in the original workplace to allow your business to continue to function and proactively manage threats
Thirdly, find customer case studies from the providers you’ve been researching to see if any are applicable to you. Focus on companies who can share examples that illustrate in real, practical terms how a data security provider switch will look.
Alexander Ivanyuk, Technology Director, Acronis
Start by asking yourself, how do I build my security posture in a way where I’ll never or very rarely have to recover data? If your security product can effectively block threats to data, you only may need to restore it in case of natural disasters which are uncommon.
That is why it is important that security and data recovery solutions are integrated because otherwise, data recovery will also always be lengthier than it could be. Look for a product which can restore the configuration to dissimilar hardware, support hybrid environments, cloud-physical-virtual migrations.
Backup and restore should support all the types of workloads you need. If we talk about a serious approach, you should consider disaster recovery options and pay attention to such things as Instant off-site failover to the cloud recovery site, support of run books, customer configuration, and so on.
It’s important that your data protection solution supports real continuous data protection and is flexible on what changes to track with transparent automatic backup options, otherwise, you will always be restoring an outdated copy of your data.
Last but not least, be sure to actually test data recovery in the field: while on paper vendors can claim fast restoration, in reality it can be quite the opposite.
Russ Kennedy, Chief Product Officer, Nasuni
Investing in security will go a long way toward protecting your business. Eventually, you should expect that an issue will occur, and to recover as quickly as possible without disrupting your business, you need a partner that can give IT the power to restore files and volumes accessed by many different users in minutes.
This technology partner should leverage the cloud with secure backup and provide the most flexibility in meeting recovery time and recovery point objectives. From a business continuity standpoint, file backup in the cloud can offer the instant recovery that is needed in times of crisis – making it an essential component of a successful crisis management or contingency plan.
The core features of a data recovery solution needs to factor in speed, data recovery and testability, enabling business continuity. An immutable file system that can be leveraged cross-teams and across countries is the key – this means that files are stored in the cloud as immutable WORM (write once, read many) data and previous versions cannot be corrupted.
Above all, work closely with your cloud provider to come up with recovery plans and execution and run frequent tests on small data sets. That way, if your business is under risk or attack, you’ll be able to follow clear steps to recover as quickly as possible.
Stephen Manley, CTO, Druva
Data recovery is no longer just about speeds and feeds. With application data expanding, cybersecurity threats on the rise, and compliance regulations continuously evolving, a modern approach is needed to meet today’s requirements.
To choose a modern data recovery solution, organizations should weigh four criteria:
Ransomware resiliency – Ransomware first targets backups because you cannot recover backups that have been corrupted or deleted. You need a solution that automatically stores copies offsite in a separate account, so they are protected against ransomware.
Protect all data in all locations – Edge, SaaS applications, public cloud, and data centers all run business critical applications that depend on data. Your recovery solution should work across your entire environment – today and in the future.
Automatically scale – If you are recovering data, speed matters. Of course, you don’t want to pay to overprovision your protection infrastructure for the rare restore event. Therefore, you need a recovery solution that can scale up when you need to recover a data center, cloud VPC, or SaaS applications, but then scales down when everything is working.
Recover applications, not just data – Businesses run on applications, not just data. The recovery solution should help reliably recover your applications. From Salesforce and Microsoft to virtualized and cloud-native applications – recover what matters.
Rajiv Mirani, CTO, Nutanix
Whether an IT team is looking to secure a hybrid work environment or strengthen protection against ransomware attacks, it is now even more crucial for employees to have secure access to applications, services and data. When selecting a BCDR solution, advanced but easy-to-use data recovery is paramount. DR should be native and simple, it should not add to existing complexity. This solution should also allow for regular DR testing to improve disaster readiness and the reliability of the solution.
Additionally, IT teams should ensure their solution can support a zero-trust approach to security. This is important in helping businesses weather the current hybrid work model now and in the future. But making sure your primary datacenter is fully secure is not enough. When selecting a BCDR solution, it is important to be able to implement the same policies across sites, to ensure data is fully protected.
Last but not least, teams should look for an integrated solution that provides multiple tiers of protection and recovery based on RPO and RTO needs. This solution should also provide policy-based, automated failback and failover on different targets, whether it is from on-premises to on-premises or on-premises to the public cloud, to adapt to specific needs.
David Ngo, CTO, Metallic
As threats to business data, such as ransomware attacks and malicious insiders, grow in both number and sophistication, selecting a solution able to recover this data from a secure backup is more important than ever.
CISOs and other IT professionals need to ensure that, if a cyberattack penetrates their defenses and locks, alters or destroys their data, they have a solution in place that allows them to rapidly recover from the attack.
As these professionals select a solution that will help them do this, they should consider whether the solution will ensure the security of their backups with virtual airgaps, encryption, and good operational processes that are validated with SOC2 and ISO certifications.
Also, protecting only a subset of their data is not enough. It’s important to select a solution that supports a broad set of workloads (files, apps, databases, virtual, containers, cloud) from a single extensible platform and user interface. It should also support hybrid environments with flexible storage for on-premises as well as cloud workloads. This will allow them to recover all their data with a single solution from a single pane of glass.
Finally, they will likely want a recovery solution delivered how they want it — be this as a software subscription, in an integrated appliance, via SaaS or as a partner-managed service.
Sergei Serdyuk, VP of Product Management, NAKIVO
As with any strategic decision, the first thing to do is formulate your goals and expectations. In the case of selecting a backup solution, a good place to start would be to understand what you need to back up and why. Setting the expectations will help you navigate the extensive functionality of data recovery solutions and find the one that excels at what you need.
If you already have your RTO and RPO defined, you can test whether a given solution is up to the task. If the solution is expected to be a part of the disaster recovery plan, check whether its disaster recovery functionality is built-in or requires additional components.
Another thing to be on the lookout for is whether the solution provides sufficient automation capabilities. Performing backups of all your workloads manually is the least efficient way, not to mention that this approach invites human error. Selecting advanced automation and orchestration functionality is key.
Security is another important aspect of data recovery. Look beyond the essentials of unauthorized access. With the evolving challenge of ransomware, check whether the solution allows you to protect your backup data from deletion or corruption by malware. The main thing to look out for is immutable backups for different types of storage, like local repositories and, most importantly, in the cloud.
Gil Vega, CISO, Veeam
Selecting the best data recovery solution for your business is not a one-size-fits-all situation. The most important point in the process is establishing your requirements. For example, some companies may have customer expectations and requirements driving certain strategies, while others face pressure to focus on “restore time objectives” that drive their backup and recovery strategies.
Look for solutions that are platform and hardware agnostic and focus on speedy and complete backup and restoration capabilities. In today’s dangerous cyber threat environment, solutions should also have capabilities to provide deep analysis of your backups for threat detection that also allow you to analyze and change the rates of those backups to determine if any data has been compromised. Being able to quickly and successfully recover from a ransomware attack could ensure the survival of your business.
It’s also a good idea to follow Veeam’s golden rule of backups (3-2-1-1-0): 3 copies of your data on 2 two types of media, with 1 off-site. Ensure one of your backups are air-gapped or immutable and you should have no errors when testing file restoration.
Ryan Weeks, CISO, Datto
The strength or lack of data recovery solutions within an organization can have a significant impact on a business’s future. Whether it is a natural disaster or a ransomware attack that causes downtime, organizations need to be prepared for when they are forced offline – not if. They need to select technology that will enable them to quickly get back up and running in the event of an unexpected business disruption.
Given the hybrid nature of many organizations today, an effective data recovery solution is required to support a dual environment and address the unique challenges associated with both on-prem and cloud platforms. Unlike simple data recovery, a business continuity solution addresses processes, policies, and procedures related to preparing for recovery or continuation of business infrastructure and proactively protects clients’ systems and data against disasters of all types.
The solution should offer hybrid cloud backup, fast recovery time, and image-based backup to ensure it captures images of all data and systems, rather than simply copying the files. In addition, given the narrow recovery windows often required, confirmation of the correctness of a virtual machine by automatically verifying VM startup is critical. Lastly, an immutable cloud infrastructure – or one that can’t be changed or modified after its creation – offers multiple layers of security to provide maximum protection for MSPs.