Ad Image

Best Backup Strategies in an Era of Consolidation

Object First’s Eric Schott offers insights on the best backup strategies to consider in an era of consolidation. This article originally appeared on Solutions Review’s Insight Jam, an enterprise IT community enabling the human conversation on AI.

Dealing with understaffed IT teams and an abundance of vendor solutions on the market, IT leaders are re-evaluating their tech stacks to see where reprioritization may be able to improve efficiency and retain staff. 76 percent of IT companies report difficulty filling roles, indicating a continued talent shortage. On top of that, IT teams are overwhelmed with the volume of vendor solutions, resulting in an often confusing tech stack that requires specialized skill sets to manage. Increasing complexity is one of the biggest concerns facing IT leaders in 2024.

Therefore, it’s no surprise that IT leaders are moving toward consolidation of applications and infrastructure, a process that involves an audit of existing technology to identify redundancies and unload or combine technologies into a more integrated ecosystem. Backup environments require unique decisions when considering consolidation. Backup environments have close connections with production and also need separation to survive issues in production that must be restored from the backup environment. Backups are a unique part of a company’s infrastructure and should be treated as such. Outlined here are best practices to consider for backup strategy when undergoing IT consolidation.

Is Tech Consolidation Compromising Security?

In today’s threat landscape, companies can’t ignore the unintended consequences of tech consolidation. Given the frequency of cyberattacks – 58 percent of organizations reported experiencing six or more ransomware incidents in 2023 – it’s a matter of when, not if, and how often an organization is breached. Additionally, backups are now a primary target for cyberattacks, with cybercriminals attempting to compromise backups environments in 94% of ransomware attacks. They also demand more ransom when they successfully compromise backups as they have more leverage: $2.3 million on average compared to $1 million on average for companies whose backups remain untouched.

Due to this concerning trend, companies should think carefully about what consolidation means, and how they go about it for their backup infrastructure. Bringing backup into the production environment opens the door for attackers to steal/corrupt sensitive data either from production or the backup environment. The best way to prevent cybercriminals from infiltrating backups is to segment backup data away from the primary production environment and apply unique protections for the backup data.

Production storage infrastructure requires read-and-write access across enterprise applications and data sources, creating an inherently large attack surface. Separating backup infrastructure into a separate security domain – such as segmenting backup software from backup storage – minimizes the attack surface and reduces risks. While it may be tempting to bring all copies of data into one provider, this creates an easy journey for cyber attackers who infiltrate your network.

If they breach a consolidated backup environment, the attackers gain access to both the backup software and backup data and can corrupt, modify, and delete an organization’s data at will. But with the segmentation of backup environments from production, and backup software from backup storage, production and backup software environments can be recreated if the backup data survives the event.

Prioritizing Proper Data Hygiene Among Consolidation 

Even without consolidating backup infrastructure, IT teams can still simplify their backup without compromising security. Start by following the 3-2-1 rule. This methodology states companies should have three copies of their data on two different types of storage media, one being offsite. For most organizations, this will look like a hybrid cloud environment, where some copies of data are kept offsite, perhaps in the cloud, and other copies are kept on-premises.

More organizations are becoming familiar with the Zero Trust model, but it has not been substantively applied to data backup and recovery. A new framework called Zero Trust Data Resilience (ZTDR) builds on CISA’s Zero Trust Maturity Model to extend its principles to data resilience. Preventative strategies are important, but one reason why Zero Trust is so effective is because it operates under the assumption that breaches will occur. With that mindset, the solution becomes about survival, detecting, and recovering from the intrusion.

In addition to segmentation and following the 3-2-1 rule as discussed above, ZTDR recommends:

  • Verification of identity using Identity and Access Management (IAM) and Multi-Factor Authentication (MFA)
  • Following the concept of least-privilege access, wherein employees are only given the minimum levels of access permissions required for their role
  • Utilizing immutable backup storage, which protects backup data from being modified or deleted once it has been uploaded to the storage device. Immutability definition is more than a protocol claim, it means unable to modify or delete the data, regardless of the breach scenario. Zero access to root and OS is an essential part of achieving immutability as it protects against insider threats and compromised accounts wreaking havoc on backed up data
  • Encryption of backup data by the segmented backup software minimizes data exfiltration via the backup storage environment, even if all credentials for storage access are known by the attackers

Following these best practices means company data will always be recoverable in the event of an attack and enable faster restoration than if data was stored just in the cloud. True immutability inherently means that there is little administrator security expertise. The administrator can focus on required Recovery Point Objective (RPO) – production data is automatically backed up on a set schedule and no one is able to alter it.

Creating this kind of a structure simplifies back storage for data administrators and creates peace of mind that valuable company data remains safe and available. When considering where to consolidate, keep backup best practices top of mind.

Share This

Related Posts