The importance and need for data backup and recovery

SANDEEP SONI
Sandip Soni GM

“Hit by the Covid-19 slowdown, many businesses experienced major impacts no matter how established they were, and had to relook at how they manage and operate their business, ”says Sandeep Soni, GM & Vice President of Engineering, India Operations, Clumio in an exclusive interview to Enterprise Talk

ET Bureau: How has the pandemic disrupted businesses and created a larger need for recovery and backup?

Sandeep Soni: The COVID-19 pandemic has undoubtedly disrupted millions of lives and many businesses worldwide. Very few would have anticipated an event that reached every corner of the globe as it has in this pandemic. COVID-19 has forced enterprises to work from home, and many companies have quickly adapted technology-enabled solutions for seamless working and leveraging video conferencing to connect with employees.

This sudden shift to remote working has also increased the risk of cyber-attacks. City and state governments, along with private, public, and higher-education school systems, are the most frequently targeted and more vulnerable. Hence, organizations need to be prepared to tackle these challenges.

When planning for data protection, most of the focus is on scenarios involving site outages, and in extreme cases, regional disasters. Healthcare systems and public safety organizations are seeing interruptions in supply chains for hardware, and continuous lockdowns at the beginning of the pandemic have prevented access to data centers to do hardware installs.

Leveraging the public cloud and the many available enterprise SaaS applications is how any organization facing challenges in these areas can quickly plan for these new realities. In data protection, choosing the right solution can give users instant access to data protection capabilities to ensure SLAs can be achieved even when capacity runs low on existing systems.

Read More: Technology Leaders Are Re-Establishing Their Business Models Amid the New Normal

It also gives those most vulnerable to ransomware attacks a rapidly deployable, “air-gapped” solution that ensures that they have a good copy of their data in the event of a ransomware attack.

ET Bureau: How can businesses upscale their recovery existing model post-COVID?

Sandeep Soni: Hit by the Covid-19 slowdown, many businesses experienced major impacts no matter how established they were and had to relook at how they manage and operate their business.

It has become challenging for most businesses to keep up due to less revenue churn and the uncertainty in the global financial environment. As businesses plan for the ‘new normal’ post-COVID, leaders should consider the below key issues to upscale their recovery existing model:

  • Incident management and scenario plans
  • Effective and empathetic communication to stakeholders
  • Robust business continuity planning
  • Understanding government priorities and policies
  • Mapping the economic impact

Every crisis allows companies to be resilient and bounce back. Businesses that swiftly capitalize on opportunities will unlock the growth potential and, in the process, discover a new lease of life.

ET Bureau: According to you, what are the:

a) Best ways to ensure cyber resilience –

Sandeep Soni: Cyber resilience has lately become a buzzword in the industry. While cybersecurity is focused on preventing cyberattacks by all possible means, cyber resilience is centered on the idea that incidents could happen anytime, so while it’s ideal for preventing them, you should always be capable of continuing your operations despite difficulties. Below are some of the best ways to ensure cyber resilience:

  • Identify risks and vulnerabilities: Consider what would happen if there was an incident and identify what information, data, and systems are required to keep the business running and how to protect them best
  • Maintain backups diligently: Back-up all your critical data, files, and bandwidth capabilities. This will help you retain and retrieve crucial information in the event of a cyber-attack
  • Train your employees: Ensure cyber resilience is part of normal business and staff are trained in the event of an infrastructure breakdown
  • Protect your internal network by safeguarding your emails and have a proper insurance cover to include any damages in case of a breach. This will protect you from incurring losses that occur due to cyber risks and may typically include liability protection

Read More: CIOs demystify Change fatigue reduction during digital transformation

b) Best practices for data backup and disaster recovery –

Sandeep Soni: Having good data backup and recovery strategy and tools in place will be essential for every organization to leverage the full potential of the cloud in the new normal. As the use and prevalence of Software-as-a-Service in today’s modern IT infrastructure is undergoing strong adoption, there must be no gaps in a backup.

Below are some of the best practices that organizations should consider for data backup and disaster recovery:

  • On-premises or Cloud: It is important to evaluate the best backup and recovery deployment plan. This is about either choosing between a cloud-based or a non-premise approach, which depends on the nature of the business, the critical level, and the investment and expenditure plan. Post-backup, the recovery of the data must be seamless between physical, virtual, and cloud, and especially if it is a multi-cloud architecture, it does not disrupt the work speed
  • Technologies: There are several different technologies or solutions that can be applied in taking effective backups like tapes, which is being proven as the best air-gap backup strategy in case of ransomware attacks; snapshot-based backup, which not only helps protect data but also conserve storage space; continuous replications where the solution is continuously replicating data at the file system level of files or folders and applications
  • Disaster recovery as a service (DRaaS): A holistic unified DraaS helps enterprises to continue accessing business-critical applications with minimal disruption. DraaS usually serves as insurance for companies that cannot afford to invest in a secondary site for disaster recovery, taking care from end-to-end, from deployment to failback

ET Bureau: How can enterprises be prepared and protected from Ransomware?

Sandeep Soni: Ransomware is becoming one of the more common types of malware, and its prevalence is growing fast. According to a recent Data Protection Report, ransomware and cyber-threats are the number one challenge faced by organizations today, and an average ransomware attack costs over $80k to restore data.

Organizations can protect themselves from ransomware threats by implementing a recovery plan to maintain and retain multiple air-gapped backups of sensitive or proprietary data in a physically separate, secure location. A multi-layered approach is key. Below are some of the steps that enterprises can take to be prepared and protected from Ransomware:

  • Develop a robust backup strategy and make regular backups
  • Deploy a real-time malware detector
  • Keep your devices updated with security patching, next-generation endpoint protection, and managed services
  • Educate your IT teams and employees to minimize risk and maximize prevention
  • Don’t play into the hackers’ hands by paying a ransom for a return of your business-critical information. You may still not recover your data even after paying
  • Perform a risk assessment as it identifies and remediate weaknesses in your IT security and privacy
  • Utilize a spam filter in the cloud as this can keep malware from ever reaching your premise. Using Multi-Threat Protection (MTP) is a great way to ensure your systems are secure in the cloud with email and spam protection

While the threat of ransomware is real, with the right preparation, organizations can increase resiliency against an incident to minimize the risk of data loss, financial loss, and reputational damage.

Sandeep Soni currently serves as the GM and Vice President of Engineering, India Operations at Clumio. Sandeep has 23 years of experience in technology engineering. He served most recently as the Director of Engineering at Nutanix, was the Senior Architect at Citrix R&D, and Vice President of the Middleware and Messaging Division at Goldman Sachs prior to that. Sandeep is excited to bring his experience as a Senior Architect and business leader to Clumio.