7 steps to developing an effective IT backup strategy

Additional contributions from Lucas Salter, General Manager, Data Protection Solutions, Dell Technologies, Asia Pacific, Japan & Greater China

The acceleration of data growth has increased data management complexity and data silos (think multicloud). This — combined with an unprecedented rise in cyberattacks, limited budgets, and constrained operational staff — is making it crucial for organisations to efficiently store, protect, and back up their data.

World Backup Day on March 31 serves as a reminder that if our data is not effectively backed up, it cannot be recovered and can impact business continuity. Recovery is the reason we back up. Compromises in backup lead to deficiencies in recovery. Performing regular, complete, and robust backups are essential for the resilience and recovery posture of organisations.

Dell Technologies’ 2022 GDPI snapshot research found that 59% of its Asia-Pacific and Japan including China (APJC) respondents are not very confident that all business-critical data can be reliably recovered in the event of a destructive cyberattack. Moreover, 70% of APJC respondents are concerned their organisation’s existing data protection measures may not be sufficient to cope with malware and ransomware threats.

Distributed data, hybrid work, multi-cloud environments, as-a-service sourcing, and digital transformation have triggered a need to evolve cybersecurity strategies to include cyber resilience. There is an opportunity for organisations to maximise their resilience potential from their recovery platform and processes.

As businesses develop an integrated cyber resilience strategy, we suggest they consider the following key areas. 

1. Protect everything: Understand where your data is stored and the impact of data loss. To develop a holistic plan, ensure you include: 

• Databases;
• Virtual machines;
• Persistent Kubernetes data;
• Edge locations;
• Multi-cloud environments; and 
• As-a-service data.
  

2. Modernise your backup: Investigate the options for performing backups to see which ones are appropriate. Backup features including traditional backups, snapshots, replication, and deduplication technologies can help speed up backup and/or recovery. Ensure that the data written to the backup storage device is recoverable as it is written. This drives a focus on data integrity.
   
3. Safeguard your backup environment: Patch the operating systems it is running on, follow the backup tool hardening guides, and enable encryption in flight and/or at rest. With the increasing number of cyberthreats that target backup environments, it is essential to make backup data immutable.
   
4. Secure access to your backup environment: This can be done by enabling multi-factor authentication (MFA), role-based access control (RBAC), Transport Layer Security (TLS) certificates, and API credentials.
   
5. Plan for anomaly detection: In the event of destructive malware, use your backup data to identify data corruption. This helps to detect breaches early and ensure that only non-corrupted data is restored after a cyber event.
   
6. Leverage automation: Think of how built-in capabilities can help reduce risk, enable scalability, as well as validate your ability to recover. For example, when new virtual machines are created, they can automatically be added to a backup policy.
   
7. Create a network-isolated (air-gapped) recovery capability: Establish a trusted recovery environment that keeps data safe from tampering by creating a system that incorporates network isolation with the use of an air-gapped cyber vault. The vault would isolate immutable copies of backup data completely removed from the production network. This will ensure an environment to recover into (e.g., a clean room) that remains unaffected by the cyber event and enables faster recovery during critical scenarios. Full-content analytics can determine the integrity of the data in the vault and identify good recovery points. If backups are not sufficiently protected, organisations run the risk of corrupted data and lose the ability to recover from a cyberattack.

In today’s digital world, organisations need to continuously deliver the services their customers or citizens have come to rely on. They must also protect the integrity and privacy of the data that their customers or citizens have shared. Modernising data protection capabilities, including processes, provides an opportunity to address both these responsibilities effectively.