SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Cohesity stresses on cyber resilience on World Backup Day
Fri, 31st Mar 2023

World Backup day is a commemorative date celebrated annually by the backup and tech industries worldwide on March 31. It is a day for people to learn about the increasing role of data and the importance of regular backups. It started with a post on Reddit where a user wrote about losing their hard drive and wishing someone had reminded them about how important it is to back up data. The campaign started in 2011.

“Backups are as crucial as they have ever been for organisations given their impact on cyber resilience and business continuity. Establishing and maintaining cyber resilience - the ability to continue to deliver business outcomes, operations, or generate revenue despite suffering an adverse cyber event - relies on having a backup and recovery approach that works when the worst occurs. Without cyber resilience, organisations bring into question their business continuity in the digital world of today and in an era where cyberattacks are no longer a case of ‘if’ but ‘when’,” says Brett Chase, systems engineering leader for Asia-Pacific and Japan (APJ) at Cohesity.

Organisations can set themselves up for success by focusing their backup strategy on what data is vital for them to continue to operate and the level of sensitivity of this data that, if leaked, stolen, or encrypted, would significantly disrupt their ability to operate. 

If the data exploitation will cause significant impacts, then it is valuable to malicious actors and is susceptible to exploitation or exfiltration. Hence, it's crucial organisations know if this data can be recovered by their data recovery technology without a complete data restore; whether their backups are immutable; if their data is encrypted in transit and at rest; if those with specific roles or privileges can only access backups; and if their backups can meet a predetermined recovery point or time targets.

“This World Backup Day, organisations may also want to take the time to consider adding '+1' or adopting for the first time a '1' in accordance with the 3-2-1 approach to backups and data recovery,” adds Chase.

“The traditional 3-2-1 rule is centred on having at least three copies of data, stored on two different types of media, with one backup copy kept offline or offsite. This easy to understand approach to backups is designed to ensure organisations have an available and usable backup of your data and systems, especially given offsite and offline backups help mitigate ransomware and support cyber resilience.”

“Now, organisations can go beyond this by adding a +1, or if an offsite tape backups approach was too costly and difficult to implement they can add a '1', to their backup strategy by leveraging cloud-based isolated data vaults. Isolated cloud data vaults provide faster recovery for data, applications, and workloads run in the cloud, which is vital if your organisation has a hybrid or multi-cloud data storage environment.”

“For organisations that have implemented the 3-2-1+1 rule and have a robust backup and data recovery strategy, leveraging modern data management and security technology, the only thing left to do is to test and refine their ability to recover their data, which will strengthen their cyber resilience,” concludes Chase.