Over the last one year, the ‘new’ normal has arrived with its own set of challenges centered around data protection. There has been an exponential increase in incidences of data breaches and ransomware attacks with the education sector being impacted at least five times more than other industries. In light of this, a study indicated that India has seen the greatest number of ransomware attacks attempts per organization, with an average of 213 weekly attacks since the beginning of the year.
As per a recent survey titled ‘2020 Value of Data Report’, 89% of Indian IT Leaders were concerned about protecting their organizational data from ransomware attacks during the pandemic. Thus, it has already been established that in order to recover quickly from a data breach attack and resume business with minimal fuss, organizations need to beef up the security infrastructure, keeping all the software up to date and all other hygiene factors in place. The best way is to back up data. The ability to quickly restore the data and get the business up and running ensures minimal impact to the business. Cloud solutions from third party operators could help eliminate the complexities attached to data protection.
Challenges to data protection
Wherever the data of an organization may reside, to back it up they typically will have a backup software and they would need to buy some servers to run it. The issue with having multiple components to the solution for one single use case of data being backed up, means companies must deploy it with multiple servers. The bigger the organization, the larger the infrastructure required, and thus, somebody must make them work together. Each one of them is a single point of failure because if something goes wrong with the server or disc or CPU goes bad or tape goes wrong, restores become unpredictable. Companies must invest a lot upfront because when they are setting this kind of a solution, they would typically size their hardware for a three to five years’ time and buy the hardware for a five years or three years’ duration.
Some companies use on-premises Cloud gateway to push data and dub it as a cloud solution. However, this is a complex, labor intensive, multi-vendor kind of a system that is prone to failure. Companies need to manage not only the software on premise, but also in the cloud so all the security patches updates must be done on both sides. Similarly, to add new users, they must compute both sides and if they must be compliant to their data residency and other compliances, then the amount of complexity goes up big time. Each time they touch the data on the cloud, there is a cost to be paid.
Eliminating complexity with third-party Cloud solutions
Since back up restores are unpredictable, it is important to eliminate all the complexity, and make it easy for the customers to back up the data. This is where a direct to cloud solution comes to the rescue. It picks up data directly from the endpoints, or data centers or cloud applications and doesn’t need any hardware or software premise. This is relevant in pandemic times because access to data centers is impacted due to lockdowns.
Furthermore, managing hardware in today's time is also an issue because of the supply chain being broken. But there is no need of any hardware or software to backup directly from their data center, encrypt the data, dedupe the data and back it up into the cloud. Once in the cloud, it is available for resource, whether it is the same location or some other location. This is a cloud native SaaS, not a legacy software that is run on VMs in the cloud. With all the complexity removed, an organization can add or dial up or dial down at will. Moreover, they pay for what they use, and this is delivered as a service wherein the entire back end is run and made available to them.
Anomaly detection is another important capability that could help detect ransomware, malware, or any other anomalous behavior such as sudden and excessive deleting of files by a disgruntled or departing employee. Irrespective of the nature of the impact on the user, third-party solutions can promptly detect the compromised system under the admin. In case it is impacted, the system is pulled down, and go back to the last snapshot and get the system up and running
These capabilities are important today for being able to search for data in case there's litigation involved, being able to search from email repositories or from end user data, being able to arrive at the required data path and give it for forensics fast and enhance cyber resilience. Security controls are in place to ensure one, the data is fully secure and two, nobody else apart from the company, has access to the data, not even the data centers used to run this application.
An affordable shield
A cloud native SaaS is an affordable shield that is simple to deploy and operate. It takes days or worst case a week to get it up and running, mainly because all the hardware is removed from the equation. Moreover, there's a single platform for backup archival and disaster recovery. While cyber-attacks in any form are inevitable, backing up data in the cloud will mean that it is available for restores and serve as an insurance against data loss. A third-party SaaS operator is good economics for companies as they bring immense value to the table. With no need for investments in building the entire capacity, one can start small, and grow big.
The article has been written by Bakshish Dutta, Country Manager, India and SAARC, Druva