Essential elements of a strong data protection strategy

In this Help Net Security interview, Matt Waxman, SVP and GM for data protection at Veritas Technologies, discusses the components of a robust data protection strategy, emphasizing the escalating threat of ransomware.

He highlights the importance of backup and recovery protocols following the 3-2-1 rule, along with measures like role-based access control and AI-powered monitoring. Additionally, Waxman discusses cloud backup strategies, optimization practices, and integrating data protection with security and governance to increase overall cyber resilience.

What essential components should be incorporated into every data protection strategy?

Before outlining the most basic components of a data protection strategy, it may help to first explain why a data protection strategy is essential to begin with.

Mass disruption by compromising data is the greatest risk organizations face right now, with ransomware being the leading cause. Defenses such as firewalls and malware detection are crucial, but they’re not enough. In fact, recent Veritas data suggests that 65% of organizations experienced a successful ransomware attack over the past two years in which an attacker gained access to their systems. These attacks can result in monthslong and even permanent business disruption.

To combat this reality, organizations need to evolve from a cyber security mentality to a cyber resilience mentality. Comprehensive cyber resilience includes not only ways to try to keep attackers out, but also ways to recover and restore business operations as quickly as possible when, not if, they slip past permitter defenses. Enter data protection.

The most basic component of a data protection strategy is backup and recovery. Backups should follow the 3-2-1 rule: maintain at least three up-to-date copies of data on at least two different types of media with at least one of them offsite and on immutable storage. A tertiary vaulted copy of data—the “1” in 3-2-1—is the data of last resort in an attack.

The second half of the equation, recovery, is just as, if not more important, and is the ability to restore data and the business operations that depend on it from those backups. Because data protection infrastructure and administrators are often targeted as part of ransomware attacks, things like role-based access control and multi-factor authentication are also fundamental. In addition, AI-powered monitoring for suspicious activity is important.

How can cloud backup strategies enhance data protection, and what are the best practices for optimizing cloud object storage for backup and disaster recovery?

Consider again the “1” in the 3-2-1 backup rule: at least one copy of data should be stored offsite. Backing up your data to with a reliable cloud service provider (CSP) is the easiest way to do that. It also offers enhanced scalability and accessibility.

However, organizations often incorrectly assume backing up data to the cloud is buying an outcome when they’re really buying infrastructure. There’s a shared responsibility model between CSPs and their customers around data protection that far too many fail to understand. CSPs are responsible for the resilience of the cloud, but customers are responsible for the resilience in the cloud. Customers are still responsible for protecting their data.

Another fallacy is that backing up data to the cloud is inherently more cost-effective. While there are cost benefits, costs can quickly balloon out of control without optimization. Optimization best practices include data classification, tagging, deduplication and movement management to make sure organizations are saving only what they need and at the right cloud storage tiers. Considering the vast amount of data today’s organizations produce, this is best accomplished with the help of tools that automate these processes.

What key components should be included in a data protection strategy, and how do they contribute to overall data security?

Beyond the basics of data protection outlined above, it’s important to move toward a unification of data protection with data security and data governance to improve overall cyber resilience. Ransomware attacks affect the entirety of IT.

Multiple teams typically manage the response using disparate tools. Hackers love patchwork defenses because the interaction points can become potential vulnerabilities. In the face of threats that combine data exfiltration and encryption to up the ante with double extortion schemes, this integrated ecosystem of data security, data protection and data governance is the only way to achieve gap-free cyber resilience that is both proactive and reactive.

Also, today’s complex, heterogeneous, multi-cloud environments require autonomous data protection. The proliferation of applications and data from edge to core to clouds is unprecedented. Real-time manual protection is no longer possible. Reducing operational complexity through data protection that responsibly harnesses AI and hyper-automation to continually self-provision and self-optimize should be every organization’s goal.

How can organizations align their data backup practices with their overall data protection requirements, and what steps are involved in this alignment?

Instead of starting data protection strategies by planning backups, organizations should flip their mindset and start by planning recovery. After all, backups are only as good as the ability to recover from them. To do this, organizations need to understand and carefully plan for:

• What data needs to be recovered first.
• What systems need to be back online fastest.
• How they will make that happen.

Knowing these things and implementing associated plans and policies will help organizations align their data backup practices with their overall data protection strategies.