45 World Backup Day Quotes from 32 Experts for 2023
Solutions Review’s Tim King compiled this roundup of 45 World Backup Day quotes from 32 experts for 2023, part of our ongoing coverage of the enterprise storage and data protection market.
As part of Solutions Review’s ongoing coverage of the enterprise storage, data protection, and backup and disaster recovery markets, lead editor Tim King offers this nearly 7,000-word resource. The World Backup Day quotes listed below come from the most on-trend executives in the industry, and its Solutions Review’s aim to connect enterprise technologists with Expert Insights, best practices, and buying resources to enhance your work life. World Backup Day quotes have been vetted for relevance and ability to add business value.
These are the most actionable of the hundreds of World Backup Day quotes we received, and Solutions Review editors believe these are actionable and may impact a number of verticals, regions, and organization sizes.
Note: World Backup Day quotes are listed in the order we received them.
World Backup Day Quotes: Expert Insights for 2023
Paul Speciale, CMO at Scality
“Uptime is everything in today’s 7×24 business cycle, where operations hinge on organizations’ ready access to data. Surging ransomware threats elevate the importance of data privacy and protection through capabilities such as encryption and data immutability in object storage – capabilities that protect sensitive data and enable teams to get back to business fast in the event of such an attack. This makes backup the key part of an overall data protection strategy and one of the most business-critical services that IT teams provide. To ensure protection against these threats, mandatory strategies now include offsite or air-gapped copies, which can be a headache to manage, or become obsolete over time.
World Backup Day in 2023 is more than an annual reminder to do the basics. It’s a siren call to invest in a scalable and immutable system that provides quick restores, such as those offered by modern object storage solutions. Organizations that implement a backup strategy with cyber resilience at the core can enable restores that are fast, predictable, reliable and cost-effective – at scale. The value of effective backups goes beyond data protection, to delivering genuinely transformational benefits for the entire business.”
Jonathan Halstuch, Chief Technology Officer and co-founder of RackTop Systems
If you are protecting data with backups, you also need to secure it
“Organizations have been using backups as a strategy to recover data and prevent total data loss in the instances of a critical system failure or natural disaster. However, their role and effectiveness in delivering protection against cyberattacks has been exaggerated.
Backups are an essential component of several functions in the NIST Cybersecurity Framework. Specifically, backups relate to the Recover function, which involves restoring any services that were compromised in a cybersecurity incident. However, backups fail to provide protection from data theft with no chance of recovery. Any data that has been identified as valuable and essential to the organization should also be protected with proactive security measures such as Cyberstorage that can actively defend both primary and backup copies from theft.”
Backups aren’t a protection from ransomware
“Many backup vendors have added ransomware protection to their marketing language which can give customers and prospects a false sense of security. Why? Their technology protects the backup copies of data from destruction or manipulation in order to ensure eventual recovery but does not defend the primary copies of data from theft or destruction.”
Ben McLaughlin, Vice President of Lyve Cloud at Seagate Technology
Amid an evolving malware landscape, data backup continues to be the best line of defense against cyber-criminals
“A rise in ransomware as a service and extortion tactics means that organizations need to be more vigilant than ever and ensure their data is backed up and protected. Organizations should consider solutions like immutable storage, which cannot be edited or deleted, and decentralized storage, which lowers the risk of a cyberattack because data is distributed, helping them stay ahead of emerging threats.”
Efficient data backup drives innovation
“Companies most adept at managing their multi-cloud storage are 5.3x more likely than their peers to beat revenue goals by 10 percent. As generative AI applications like chatbots become more pervasive, companies will train them on their troves of internal data, unlocking even more value from previously untapped information. To make the most of chatbots and AI innovation, organizations should develop comprehensive data classification strategies and adopt technology that seamlessly moves data where it can provide the most value.”
Data classification is essential to remain compliant as data regulations increase in complexity
“Various data categories (PII, healthcare, financial, etc.) are regulated differently based on their industry and location and require unique data storage solutions. As part of their backup strategy, organizations need a unified data classification system to ensure that data is stored securely and in compliance with regulations, to help avoid regulatory fines and long-term reputation damage.”
SaaS enterprise data risk
“Many enterprises have transitioned their critical workloads to the cloud. The result is that large sections of corporate datasets are now created by SaaS applications. Many SaaS vendors do not include backups as part of their service. Organizations should recognize the existence and importance of enterprise data created by their SaaS workloads and implement appropriate data backup and protection measures.”
Lisa Erickson, Head of Data Protection Product Management at Veritas
78 percent said they’re concerned that the governments and businesses that have their personal information will be victims of ransomware or other attacks targeting sensitive data (In a recent Veritas survey of 2,000 US consumers)
“Adding to their stress, nearly half (48 percent) also said they don’t trust these governments and businesses to adequately back up their digital information so it can be recovered after an attack. Consumer concern is high, and the threat landscape continues to evolve with faster and more complex threats targeting on-premises and multi-cloud environments. It’s more important than ever for organizations to make secure data backup from edge to core to cloud a top priority.”
Start the backup process with comprehensive data classification and implement deduplication
“IT departments can’t afford to save their data indiscriminately as they face tight budgets and scrutiny over cloud spend ROI — 94 percent of organizations globally already overspend on cloud. Organizations should implement comprehensive classification systems to understand the kinds of data they have and therefore where and how it should be stored and for how long. Implementing identification, categorization and retention policies will help organizations organize their data and ensure that the critical and sensitive data is retained appropriately. Also, they can reduce their attack surfaces by establishing policies, technologies and auditing that reduces their data footprint through methodologies like deduplication.”
Double down on backup at the edge
“Organizations often don’t apply the same level of protection to the edge as they do in the data center, often due to skills and staffing shortages. Each edge device needs to be protected and backed up and the resulting edge data needs to be assessed, categorized and protected accordingly.”
Your data isn’t inherently safer in the cloud
“As part of their standard service, most CSPs only provide an uptime guarantee of their service, not comprehensive cloud data protection with guarantees. In fact, many include a shared responsibility model in their terms and conditions that a customer’s data is their responsibility to protect. The same rules apply to your cloud data that apply to all your other data: you must assess, categorize, protect and recover it. Never just assume someone else is doing that for you. The easiest way to accomplish this is to ensure that the enterprise data protection capabilities you expect and use today can be extended to hybrid cloud and cloud native.”
Automation is key to secure and cost-effective backup and recovery
“Enterprises are dealing with an unprecedented quantity and variety of workloads and data that they need to manage. AI-based methodologies and technologies that automate provisioning, lifecycle optimization and smart usage of resources like storage are necessary to keep up with these challenges, and they free up IT staff to focus on more strategic and transformational activity.”
Steve Watt, SVP and CIO at Hyland
“The key in most cases [data protection, backups and disaster recovery] is having a program that includes a 360-degree view of all the systems you need to protect, a properly prioritized continuity recovery plan, and an effective testing and audit strategy. It’s also important to develop a strategic risk program and make smart decisions on the type of recovery scenarios you’re most likely to face.
Getting a copy of your data is often the easy part, but building an effective program to address all the other aspects of data continuity is where a lot of the work happens. Regarding precautions, I would advise in relation to test plans to always be wary of simulated recovery scenarios. It’s important to do full failover and recovery whenever possible so that you truly can understand the nuances you may face in a real situation.
Ensure your business units understand the dependencies that exist on those cloud systems and how they interact with processes and on-premises infrastructure in the case of hybrid [cloud storage]. It’s also important that you have an accurate inventory and understanding of any secondary systems that functional groups use in their processes. Many times in testing, we have run into situations where you think all the right apps are being protected – only to find out a SaaS tool has been integrated into a process but not well documented. That is why it is so important to test your plans and recovery and make the business a large part of that effort to ensure something small doesn’t become an issue.“
Rob Price, Director, Field Security Office at Snow Software
“Banking collapse, volatile economies, pandemics and cybercrime don’t change the fundamentals – data is the lifeblood of every organization and needs to be protected as such. Companies need to adhere to the law, govern data accordingly and have a recovery plan in place. Backups represent the last line of defense for everything from fat fingers to state-sponsored attacks. The key, as ever, is to treat information assets according to their importance to your business and manage risk accordingly.”
Jason Konzak, SVP, Professional Services at Flexential
“Ransomware thieves are swarming the internet – and their success reflects the industry’s continued inability to implement appropriate preventative and recovery measures. Without proper backups and incident response plans, businesses are unable to recover data effectively and efficiently, putting long term business success on the line. In 2023, I urge leaders to make robust data protection a priority for their IT organizations.
Given IT admin work can quickly fall to the bottom of to-do lists, I suggest directly assigning responsibility to employees for maintaining and testing the backup strategy. On a daily basis, an assigned employee should manually review backup and DR job successes, and failures. Failed jobs need to be tracked as incidents and corrected so they do not become persistent gaps in protected data. Similarly, designated team members should test backups and DR solutions, document the results not only of success and failure, but also document the expected recovery time and recovery points (RTO and RPO). The results of these tests must be shared with organizational leadership so everyone can be on the same page about the ability of IT to protect critical data and keep business operations running.”
George Axberg III, VP, Data Protection Division at VAST Data
“Data protection operations has always focused on moving data via a backup quickly, while restores were seen as a secondary, but necessary chore. Instant Recovery is nothing new – restoring ten to twenty virtual machines (VMs) instantly has been supported for years. But with the massive inflection in data accumulation/sprawl over the last few years – how can organizations instantly restore thousands of VMs, unstructured file systems, and 20+ terabyte databases? Organizations today must be prepared not just for backup and recovery, but for instant access and instant operations at enterprise scale. To adapt and survive in today’s data intensive, AI-driven world, an organization’s business critical applications require the right infrastructure and restore capabilities to provide immediate access to their data in order to reinstitute the IT operations necessary to run their business and deliver value to customers.”
Kevin Cole, Global Director, Zerto, a Hewlett Packard Enterprise Company
“World Backup Day is a timely reminder to be proactive about protecting your data and applications from disasters, ransomware, and other disruptions. It’s easier than ever to implement scalable software solutions to ensure you have multiple copies of your data, stored in multiple locations, and in multiple formats. Securing your data is just the start: once you have a data protection strategy in place, it’s critical to consider recovery of that data should any disruption, outage, or cyber-attack occur. Especially with ransomware, speed of recovery is the key: how quickly can you resume operations and do so without losing data nor paying the ransom? Rapid recovery with no downtime and no data loss helps businesses of all sizes achieve true resilience and bounce back no matter what comes along.”
Neil Jones, Director of Cybersecurity Evangelism, Egnyte
“World Backup Day reminds us why data protection should be prioritized by all organizations on an everyday basis. Data backups have become mission-critical as organizations struggle to manage the vast amounts of data they generate in today’s hybrid work environment while navigating rising cyberattack volume and rapidly-evolving data privacy regulations.
The most significant evolution I’ve seen over the past several years is that most companies can no longer view data backup strategy monolithically. Rather, they need to balance a mature Business Continuity and Disaster Recovery (BCDR) program with lighter, more nimble backup approaches such as snapshot recovery. Here’s why: In the event of a significant, just-in-time cyber-incident like a ransomware attack, users cannot remain productive without immediate access to their data, and even minutes or hours of data interruption can have a major impact on productivity.
On World Backup Day, and every day, organizations like yours should implement effective data protection strategies like reducing data sprawl, restricting users’ access to information on a ‘business need to know’ basis, and incorporating data backup into your incident response plan. It’s also important to encourage your employees to take proactive steps to back up their data, as data protection needs to be a way of life rather than waiting for potential crises to serve as teachable moments.”
Terry Storrar, Managing Director, Leaseweb UK
“The way organizations use and store data has changed drastically in the last few years; gone are the days of clunky external hard drives and floppy disks. Now, it’s all about the cloud. In fact, recent industry research found that the majority (66 percent) of respondents suspect that the industry will see the end of on-premises infrastructure over the next two years.
With this change in storage must come a change in protection. More emphasis needs to be placed on protecting mission critical data wherever it is located and ensuring business continuity. Thankfully, modern cloud backup solutions have the benefit of being suitable for businesses of any size. They allow for data backup from any server or device, anywhere with an internet connection. Cloud backup solutions are easy to manage, and their providers offer reliable, hands-on customer support.
However, not every cloud backup solution is created equal. Organizations need to ensure that they are choosing a trusted cloud hosting provider that offers comprehensive expertise, 24/7 support and robust disaster recovery solutions. From the data center providers’ point of view, they need to take every necessary precaution to ensure that customers’ data is available around the clock, along with comprehensive backup. This includes the availability of emergency backup services, such as batteries and generators, in case of power outages. Agreements should also be in place with energy suppliers for redundant energy connections that enter the data center from different locations, redundant internet connections, and an agreement with local authorities for evacuation work to reduce possible damage to any important cables. In the event of a disaster, it’s important to keep in mind that a proactive backup plan to ensure business continuity always has multiple moving parts to consider; having the right providers and products in place helps ensure these parts work in concert if disaster strikes.”
Andy Stone, CTO – Americas, Pure Storage
“As the rate and sophistication of cyberattacks accelerates even faster than the value of enterprise data, it’s clear that data recoverability has never been more important for business resiliency. In light of this, World Backup Day provides a welcome reminder for organizations to re-evaluate their security approach, and invest in the right mix of reliable technologies and effective processes to safeguard valuable application data in a constantly changing threat environment. Both CISOs and organizations alike have the opportunity to develop meaningful data protection and backup approaches that are embedded in their infrastructure and culture. With that said, it’s critical for today’s leaders to understand and recognize the need to move away from legacy backup solutions, and instead focus on building proactive resiliency architectures supported by modernized backup strategies in order to expedite data recovery and mitigate the full impact of a cyberattack. The bottom line – when it comes to data protection, proactivity and resiliency are key.”
Rick Vanover, Senior Director of Product Strategy at Veeam
“Backup is only important when a company needs to recover data. This lesson gets learned again and again as the risk of not being able to recover data puts everything at risk. I’d challenge that organizations are generally now digitally transformed and the risk of not being able to recover data puts the entire organization in jeopardy with downtime, costs, loss of business reputation and more. This scenario would be incredibly unfortunate as one can’t recover what hasn’t been backed up. Organizations should prioritize data protection strategies to be complete in what they protect but also reliable in the ability to drive recovery when it is needed most.
Multi-modal behavior will be a trend moving forward – a ransomware threat that started with a phishing email, leveraged by a remote access implementation that was not fully secured, and then exploited a known (or unknown) vulnerability as part of an organization’s technology stack. Another trend with ransomware still exists on the people side of the equation with businesses that still don’t have a solid plan in place to address a ransomware response when it happens – because it will happen. A third trend with ransomware is actually encouraging – more ultra-resilient media types than ever. In the end, what we want data backup to do is get a business out of a problem. Ransomware will put a data backup strategy to the test and having a copy on an ultra-resilient media is the best way to get out of that problem. Ultra-resilient media types include technologies that are air-gapped, offline, immutable or require 4-eyes recovery (2 humans). There are more ultra-resilient media options than ever and advise businesses to implement the 3-2-1 Rule and refresh it with the 2 non-production copies to *both* be ultra-resilient media types.”
Dave Russell, VP of Enterprise Strategy at Veeam
“Unfortunately, we have all lost data, in our personal and professional lives. We’ve researched the causes for unplanned server outages from the last three years, and all of the things that we’ve worried about for decades, such as networking issues and accidental deletion, all remain, and now cybersecurity events have become the most common, and the most impactful cause of an outage. If there are no backups to recover from, a company risks loss of revenue and loss of brand and reputation. Our global industry data shows that backup is vital for recovering from a ransomware event, as on average, 39 percent of data is encrypted or destroyed. No organization, of any size, vertical, or geography has 2 out of 5 files, servers or applications that they can afford to completely lose.
Ransomware and cyberthreats are evolving. Unfortunately, as an industry, we are losing ground. Veeam’s unbiased, independent industry-wide research surveyed 4,200 organizations across the world, running a variety of backup solutions, with 85 percent reporting that they were hit by a ransomware attack. Only 15 percent indicated that they were not successfully attacked, which is down from 24 percent the previous year. Not only are more of us getting attacked, but we’re also getting attacked more frequently.”
Michael Cade, Field CTO of Cloud Native at [kasten.io]Kasten by Veeam
“As with all platforms, the protection of data is critical to business. The key area of focus for me though is making people aware and to understand the importance of data backup when it comes to cloud and cloud native. As many businesses are in process of moving their workloads into the public cloud and consuming as a service, it’s important to note that this doesn’t remove the requirement for data management. The cloud providers are going to keep the infrastructure available and resilient, but the data is on you as a company. Now when we get further up the stack to Kubernetes and cloud native adoption, this is just another platform. So, all those data services (regardless of where they reside), if the data is important then backup is needed.
Ransomware is inevitable. In fact, that risk is only growing according to research. From a data services perspective, there is one particular area that are being targeted by those cyber criminals – gain access to a database exfiltrate customer data, sell that data and then encrypt. Imagine that happening to your business, which is not an if, but when. We are seeing more adoption of PaaS-based database services in the cloud as well as an increase of data services being deployed within Kubernetes. It is imperative that we secure and protect these workloads because an impact isn’t always a light touch when these bad actors strike. Having up front visibility of attacks and having an immutable copy of your data as the last line of defense is going to get you back up and running as a business versus closing the doors to your business.
In the Kubernetes space in, attacks around crypto mining is a trend potentially as the first wave where the attacker gains access to the cluster, plants their own mining application alongside workloads, and then leverages CPU cycles to mine cryptocurrency. These attacks are becoming more and more advanced. This may have been the extent of the attack before but now we are seeing exfiltration, encryption and deletion of data alongside the mining. This not only brings the disaster failure scenario to recover data but with a skills shortage around cloud native technologies, you need to make sure you have an easy button for recovering that data and moving swiftly without complexity and constraints.”
Maxime Arandel, IT & Security Director at CybelAngel
“Regarding data loss the golden rule is backup, backup, backup. Backup your critical data, encrypt it and store it safely, preferably in a separate environment. Perform restoration tests on your backups regularly, otherwise they are worth nothing.
Regarding data theft, use all the traditional tools of IT security to make sure any initial access in your environment will be harder and only yields limited access. Enforce 2FA and organize phishing training for your employees. Apply separation of duties and least privilege. Encrypt everything that can be encrypted. Use SSO as much as you can, it’ll help manage security of your third party environments.
You also need to take a proactive approach to map your attack surface perimeter and identify threats before they are used against you. Vulnerabilities, outdated environments, shadow IT… will be used to gain initial access in your environment.
Finally, have a crisis and incident management plan and do actually test it. It will help fight the stupor that sets in if your company is under attack.”
Carl D’Halluin, Chief Technology Officer (CTO), Datadobi
“Failing to backup your data can have catastrophic consequences, as a single hardware failure, cyber-attack, or natural disaster can wipe out all your valuable information, leaving you with no way to recover it. This means that years of hard work can all be lost in an instant, with no chance of retrieval. Even the cost of losing just a portion of your important data can be immeasurable, with potential financial, legal, and reputational implications that can last for years.
Identifying the vital data that requires protection should be the first step in the process. But even if you know and can ‘describe’ what data must be protected, finding it has always been another matter – and you cannot backup what you cannot find. To effectively address this enormous and complicated undertaking, users should look for a data management solution that is agnostic to specific vendors and can manage a variety of unstructured data types, such as file and object data, regardless of whether they are stored on-premises, remotely, or in the cloud. The solution should be capable of evaluating and interpreting various data characteristics such as data size, format, creation date, type, level of complexity, access frequency, and other specific factors that are relevant to your organization. Subsequently, the solution should allow the user to organize the data into a structure that is most suitable for the organization’s particular needs and empower the user to take action based on the analyzed data. In this case, backup the necessary data to the appropriate environment(s). And, if necessary, the solution should enable the user to identify data that should be organized into a ‘golden copy’ and move that to a confidential, often air-gapped environment.
To sum it up… Don’t let the nightmare of data loss become your reality – always backup your data.”
Don Boxley, CEO and Co-Founder, DH2i
“World Backup Day is an annual event that is intended to raise awareness of the importance of data backup and protection. It serves as a reminder for individuals and organizations to take proactive measures to safeguard critical data against unexpected incidents that can result in data loss, such as hardware or software failure, cyber-attacks, natural disasters, and human error. And, while the exact cost can vary depending on factors such as the size of the organization, the type and amount of data lost, the cause of the loss, and the duration of the downtime, according to various studies, it can cost organizations upwards of billions of dollars each year.
That’s why, for systems architects and IT executives alike, zero is the ultimate hero. And to achieve it, they are taking a multi-pronged approach to data protection. To achieve zero downtime, zero security holes, and zero wasted resources, they are also layering-on smart high availability (HA) clustering and software-defined perimeter (SDP) technology that enables them to securely connect and failover enterprise applications — from anywhere, to anywhere, anytime.
On World Backup day and all year long, it is critical to remember that businesses that invest in data protection are better equipped to navigate unexpected data loss events, maintain regulatory compliance, and protect their critical assets and reputation. Bottom-line, investing in data protection is not just smart, it’s essential for business success.”
Steven Santamaria, CEO, Folio Photonics
“The world’s most valuable resource is data, and it is of utmost importance to properly store, protect, and preserve this resource. The safekeeping of data is essential because it represents the foundation upon which many modern businesses are built, and its loss can have far-reaching consequences for organizations and individuals alike. As such, ensuring the safety and longevity of data should be a top priority for any entity that relies on this precious resource.
On World Backup Day, we are reminded of this, and the criticality of backup as one of the key safety nets against data loss, whether it’s due to technology failures, cyber-attacks, or human error.
Today, I would offer that the most effective data protection strategy should also incorporate a data storage platform that can be securely archived in an off-site location, with the added benefit of being taken off-line and air-gapped for even greater security. This means that the storage platform is physically separated from the main network and disconnected from the internet, making it highly resistant to cyber-attacks and other forms of data breaches. In essence, a well-designed data protection strategy should prioritize both physical and digital security to safeguard critical data and ensure business continuity.”
Ken Barth, CEO of Catalogic Software
“Backup solutions continue to play a significant role in ensuring business continuity, particularly in the event of a ransomware attack or a natural disaster. World Backup Day reminds us that it’s only a matter of time when we will need to recover our systems and data from backups. To minimize downtime and the effort it takes to recover compromised systems and data, IT professionals need to have the tool to detect suspicious activity and potential ransomware data compromise, and the tools to quickly recover.
Pre-backup is where the focus has moved to, which includes tools for monitoring that the systems and data being backed up are not compromised by ransomware, to help ensure that they can be restored from backups. Integrating pre-backup monitoring with your backup solution also provides the ability to identify and restore only affected data and systems.
Take the next step to provide your backup team with the tools to be proactive in their cyber security stance, and you will now have a holistic, unified backup and disaster recovery strategy with immutable and air-gapped copies of data, and granular and guided recovery plans that can be easily executed in the event of a disaster.”
Joe Morgan, VP of Cloud at Virtuozzo
“Backups are no longer just a copy of some data, but part of the full data lifecycle. You have to ensure your data is end-to-end protected, because if you’re recovering data that has been compromised, it’s not good. That’s why technology like backup scanning is becoming more and more important, and why backup is now part of the whole cyber-security effort. By making sure data is end-to-end protected, and not just backed up, you can be back up and running quickly if disaster strikes – instead of having to rebuild everything from scratch.”
Aron Brand, CTO of CTERA
“World Backup Day is a reminder of the importance of backing up data, but let’s face it, the traditional backup and restore approach is outdated and prone to errors. Ransomware attacks have shown us the weaknesses in this approach, and the road to recovery can be complex and time-consuming. It’s time for a change.
The future of data storage lies in intelligent storage systems that proactively safeguard data from ransomware, continuously protect data as it changes, and offer instant recovery solutions. This means organizations can quickly assess the scope of lost or damaged data and easily remediate it, without lengthy restore sessions or downtime. I believe we should say goodbye to the old backup approach and embrace the dawn of a new era. Proactive disaster protection is the best way to mitigate disaster, and next-generation storage solutions that utilize artificial intelligence and data-based insights will be the key to keeping organizations up and running in the face of disaster. It’s time to deliver storage solutions that support the requirements of the modern enterprise.”
Ameer Karim EVP & GM, Unified Monitoring & Management at ConnectWise
“World Backup Day is an essential reminder of the critical role that data backups play in ensuring business continuity and the optimal productivity critical to the success of every small business. And though cyber-attacks and breaches have been getting more attention, data corruption and data loss from human error have plagued the industry long before cyber threats were on our radars.
As many workloads shift to the cloud, many believe that backup is no longer needed, not realizing that the SaaS providers often don’t backup user data for their end-users. Only 25-30 percent of organizations rely on third-party SaaS Backup solutions to back up their data, leaving their mission-critical applications, such as Microsoft 365, Google Workspace, Salesforce.com, and Azure Active Directory, unprotected. Data loss due to accidental deletions, malicious insiders, and cyber-attacks can easily cost small businesses thousands of dollars in lost business and productivity.So, on this World Backup Day, it’s important to prioritize backups as not only a best practice but also a lifesaver for your SaaS solutions that assist in maintaining company operations. By regularly backing up data and partnering with trusted MSPs, SMBs can prepare their businesses for unforeseen events.”
Glenn Gray, Director of Product Marketing at Auvik
“Backing up data and the network is not the most exciting task, but it is critical for business continuity, productivity and profitability of a company. Changes and updates to network configurations happen regularly, but documentation and backups of those configurations typically lags behind, leaving organizations vulnerable to network outages. Our recent report found 41.5 percent of IT teams are only updating network documentation monthly or less often, despite 53% reporting that configuration changes are happening daily or weekly. What’s more, 45 percent of IT teams do not fully know the configuration of their networks.
These gaps make it far more challenging for IT teams and network managers to pinpoint and correct issues when the network goes down, and in these moments, speed is crucial. According to the information Technology Industry Council, one hour of server downtime costs most small and mid-sized companies $300,000, and can cost larger organizations more than $5 million. World Backup Day is a good reminder for IT teams and network managers to ensure that they have policies and capabilities in place to keep network configuration changes and documentation fully up to date, routinely backup network configurations and maintain a complete network map. These tasks are mundane but incredibly important for ensuring business continuity and recovery in the event of a cyber-attack or other network disruption.”
Anneka Gupta, Chief Product Officer of Rubrik
“If your organization is relying solely on legacy backup solutions to recover from a cyber incident, you’re exposing your critical apps and data to significant risk. The harsh reality is: no industry, organization, or government is immune. In fact, according to the Rubrik Zero Labs’ State of Data Security report findings, 98 percent of security and IT leaders dealt with at least one cyber-attack in the last year. While many organizations have backup solutions in place, this legacy technology alone is not enough to effectively defend against today’s sophisticated cyber threat landscape. A more holistic approach is needed that combines backup & recovery with data security to provide cyber resiliency.”
“World Backup Day is a perfect day to remember that legacy backup solutions can be effective when it comes to recovering from events like natural disasters, they’re not purpose-built to secure your data from cyber incidents, which can result in catastrophic data loss. There are three key reasons why relying on legacy backup solutions alone can pose a threat to the security of your organization:
- Legacy backups are vulnerable to cyber-attacks. All too often, legacy backups have open storage protocols, which can expose data to unauthorized access and manipulation by hackers. Without proper authentication and access controls, cybercriminals can exploit vulnerabilities in these systems and compromise an organization.
- Legacy backups fail to provide critical insights or visibility into what data is at risk or what’s been affected when you’ve been attacked. The inability to effectively monitor your data puts you in a highly vulnerable position and significantly hinders your ability to quickly and accurately assess risks and remediate threats.
- Legacy backups don’t allow you to simulate and test your recovery. This is particularly concerning when it comes to confidence in the ability to recover your critical data and systems – which is critical in the face of a cyberattack when time is of the essence. These tools also don’t empower you to quickly restore data to a specific point in time and don’t provide an easy way to ensure that the restored data is free of malware.
These reasons further exemplify why a strong data security posture is needed to detect, respond to, and quickly recover from security breaches with confidence and speed.”
Stephen Manley, CTO, Druva
“Backup isn’t security… but security is part of your life now. You need to learn how to secure your backups, how you can help security, and how to recover from a ransomware attack.
You need to look past the traditional workloads. Your company’s data is moving to SaaS applications and the cloud. If you’re not protecting the data where it is, you’re leaving the business exposed.
We used to say, it’s not about backup, it’s about recovery. Now it’s not about data, but applications. How will you protect and recover your business applications?
We have self-driving cars. It’s time for self-driving backups. You need a solution that takes care of managing your backups, so you can spend your time working with the business.”
Tony Liau, VP at Object First
“As we celebrate World Backup Day, it’s critical to acknowledge the pivotal role of backup and recovery in shielding organizations from the disastrous impacts of data loss. However, with the increasing frequency and sophistication of ransomware attacks, simply backing up data is no longer adequate. Organizations must ensure that their backups are immutable to prevent malicious encryption, which can cripple operations and result in significant financial losses. As we navigate the ever-evolving threat landscape, it’s crucial for organizations to proactively safeguard their data and ransomware-proof their environment by implementing proper data protection strategies that include immutable storage. Let’s take action today to safeguard our valuable data, maintain business continuity, and protect against ransomware attacks.”
Anthony Cusimano, Technical Director at Object First
“We celebrate backup because it’s the last bastion of defense against ransomware. With best practices in place, an acceptance that attacks will happen, and daily vigilance, backups are much more than an insurance policy. First, ensure you are running backups and verify that your backup strategy is behaving as expected and covers all the data you need to restore in a crisis. Second, test your recovery scenarios. Your backups are only as good as knowing what they are and where they belong. Third, ensure that your backups are backed up and practice the 3-2-1 policy – have three copies of your data stored in at least two locations, with at least one immutable copy. Lastly, ensure your backups are immutable. Encryption is good, but it can be decrypted if the admin accounts that control it are compromised (which they often can be when a complex attack occurs). Immutability is the only way to truly ransomware-proof your backups.”
Manikandan Thangaraj, VP of Program Management at ManageEngine
“Disaster recovery and data protection will play a crucial role in 2023. With ransomware attacks constantly garnering headlines, organizations should get used to the fact that it is impossible to prevent ransomware attacks entirely. It’s a question of when operations will be affected by ransomware, not if. Moreover, with the rise of Ransomware as a Service (RaaS) over the past couple of years, global ransomware damage costs are predicted to exceed $265B by 2031.backup service providers and threat actors who leverage ransomware will be determined by how quickly DRaaS providers can react to potential new threats. Organizations should prefer solutions built on the zero-trust security model to ensure data security. When it comes to data backup and recovery, using a zero-trust strategy will boost your data security by authenticating both the user and the device initiating the backup. Of course, achieving zero trust is a long and challenging journey, but it is a must for organizations that care about data security. zero trust Network Access (ZTNA) is anticipated to increase by 31 percent in 2023 according to Gartner, making it the fastest-growing area of network security.
The only way organizations can withstand the threat of ransomware is by investing in disaster recovery solutions. Disaster Recovery as a Service (DRaaS) has been on the rise for the past few years and its market size is predicted to reach $41.26B by 2030. The winner of the battle betweenAnother recommended strategy to meet today’s evolving threats is to implement the 3-2-1-1 backup rule—which is an update to the popular 3-2-1 rule with the extra ‘1’ covering immutable storage. Immutability will restore your data to its original, unaltered state and get you back in operation within minutes of a breach, so you can be sure that you can recover your data even after a successful attack.”
Dr. Johannes Ullrich, Dean of Research at SANS Technology Institute
“Data should be considered “at risk” if it can’t be found in at least three locations. Organizations should aim at maintaining an on-premise copy, a cloud or online-remote copy as well as an offline remote copy of critical data. In particular, sophisticated ransomware will attempt to disrupt recovery from backups, and any online backup, remote or local, is at risk.”
“Attackers are exploiting backup system vulnerabilities to access confidential information or to disrupt recovery after a ransomware incident. Cloud backups are often more vulnerable. Controls used to monitor access to on-premise backups do not always translate one-to-one to cloud-based systems. Designing a cloud-based solution, organizations need to consider how access is controlled, how requests to retrieve or store data are authenticated and how the backup live cycle from creation over retrieval to eventual deletion is managed.”
“Backup systems need to be redundant AND diverse. It does not help to have three copies of your data using the same cloud provider (even if the data is located in different zones). Use different technologies like on-promise, off-site/offline, and cloud.”
“One of the main reasons to invest in on-premise backups is to speed up recovery. Cloud and offsite backups will almost always be slower. In some cases, cloud backup providers may have mechanisms to accelerate the recovery of large amounts of data by shipping hard drives instead of using slower internet connections. Make sure you test recovery speed in order to better estimate how long it will take to recover large amounts of data.”
“Any data leaving your direct control, for example, physical backup media being shipped offsite, or cloud-based online backups, need to be encrypted before they leave the network you control. Backups need to be encrypted while in transit but also while at rest at the backup location. This may, in some cases, cause additional complexity, but rarely used backup data should always be encrypted.”
Amir Tarighat, CEO of Cybersecurity Company Agency
“Backups that aren’t verified by IT departments aren’t real backups. Today, most cyberattacks begin with a single employee, then make their way to their company. Companies should reevaluate their cyber safety measures and backup strategies, implementing solutions like providing incentives for employees to conduct regular backups.
When ransomware incidents occur, companies and their insurance partners often opt to just pay the ransom because the time it takes to recover the data is much longer. An attack can put a company offline for weeks before it’s back up and running, adding even more to the cost and affecting a company’s bottom line. It’s never been more important for companies to manage backups effectively in the most secure way possible to avoid being the target of a breach.”