In times of ransomware, insider threats and advanced persistent threats, many companies are on the defensive when it comes to security. Besides the actual defence, the core issue is to avoid long IT downtimes and data loss. Backups offer a simple and practical solution for restoring less important data. Critical data and workloads, however, require more sophisticated recovery technology. CDP (Continuous Data Protection) improves the defence against ransomware & co. exactly where not only data security but also very fast recovery is important.
Preventive protection alone is not enough
Ideally, of course, ransomware attacks would not reach the network in the first place. In order to live up to this wishful thinking, providers of security solutions are also continuously working to keep up with the attackers. However, they have not yet succeeded in finding one hundred percent protection against new security threats such as APTs (Advanced Persistent Threats) and zero-day exploits. IDC’s recently published study, The State of Ransomware and Disaster Preparedness: 2022, shows that 93 per cent of all organisations have experienced data-related business disruptions in the past 12 months. And 67.8 per cent of the companies surveyed had as many as four or more such disruptions over a calendar year. IT security is the first line of defence and is clearly unable to fend off all attacks. Accordingly, all companies must prepare for the worst-case scenario of a successful attack. To prepare for a successful attack, most companies rely on a time-honoured recovery technology that they have already implemented: Backups.
Backups alone do not guarantee fast recovery of critical IT services
Organisations have long used backups as a standard tool to protect their data. The approaches of traditional backups have also, surprisingly, remained almost unchanged over the past decades, from the magnetic tape storage of the 1950s to modern cloud backup: Data is copied to a second medium or data location at set intervals. Although longer intervals are associated with data loss, the 3-2-1 backup strategy implemented almost everywhere today can restore virtually all data in the vast majority of cases. However, backups have the weakness that they only protect individual servers, but not complete applications as a whole, which usually consist of different components (e.g. database, web server). The result of this silo-based focus on individual servers is restoration times that can last days or even weeks. This is because after the data has been restored, a functioning application must first be manually reassembled from its numerous components. It is therefore not surprising that most companies do not have confidence in their current backup and DR solutions. Only 28 percent of respondents to the IDC study said they were confident that their backup system could restore all data in a timely manner.
The common trade-off: reduce complexity or further increase security?
As a result, 72 per cent of companies expect that their backup-based approach will not allow them to recover their important data in a timely manner in the event of a successful ransomware attack. This is obviously not a sustainable state of affairs in the long term. Data security managers at these companies are therefore looking for ways to improve their spotty strategy so that they can recover data and workloads more quickly. Ideally, this should be done without adding to the already high complexity of the numerous interlocking security solutions. In addition to backups, these solutions include specialised recovery software, snapshots, mirroring and storage-based replication, as well as other disaster recovery strategies. This multi-layered security environment is designed to ensure the recovery of data in the event of failures. Accordingly, managers would prefer to consolidate this complex patchwork of security solutions. However, since backups alone are not sufficient for a quick recovery, companies have a gaping security hole in their line of defence. So it’s a matter of strategically weighing how important it is for a company to avoid major data loss and long downtimes.
CDP-based solutions eliminate complexity and increase security
In most organisations, the trade-off for or against a solution to close this security gap would be clear: according to IDC, the average cost of downtime across industries is $250,000 per hour. Unsurprisingly, more and more companies are turning to DR solutions to recover their most critical data and workloads faster in order to close this gap. The beauty of this is that with a CDP-based software solution, these companies are then not only more effectively protected, but can often reduce complexity in their existing solution stack. This is because with an agnostic CDP solution, there are no agents or snapshots to work with, and there are no hardware dependencies or extensive training and administration efforts. Also, these solutions have no impact on high-performance application operation and can therefore capture all data changes as they are written. This reduces the RPO to seconds and closes backup gaps, which are one of the main causes of data loss. CDP makes it possible to return to a point just seconds before an attack or disruption occurred in seconds without significant data loss, completely independent of the particular cause of the problem.
Conclusion: Improve security with CDP where it matters most
With pervasive threats and numerous new applications being deployed across the core, cloud and edge, IT organisations face increasing complexity in implementing data security and disaster recovery solutions. With CDP as the latest evolutionary step in recovery solutions, organisations can strategically improve their security where it matters most: on the most important corporate data and mission-critical workloads.
By Johannes Streibich, Zerto