Strengthen Your Data Defenses in Time for World Backup Day 2024 


By Craig Rhodes, Structured Data Center Solutions Managing Director —

World Backup Day 2024 is March 31. As it nears, this is a perfect time to reassess your data protection strategies. In today’s digital age, where data breaches, ransomware attacks, and unexpected disasters are increasingly common, safeguarding data is not just a recommendation, it’s a necessity. This article delves into crucial data protection concepts, offering insights and strategies to fortify your data against potential threats.

Understanding Ransomware is the First Line of Defense

Ransomware is malicious software that encrypts your files, holding them hostage until a ransom is paid. It’s a glaring threat to businesses and individuals alike. Protection against ransomware starts with a robust data protection system incorporating immutable storage, off-network backup copies, and the separation of metadata from data content.

Modern systems are now using AI and Machine Learning for anomaly detection and behavior-based malware identification, ensuring that backups remain untainted, and recovery is possible without the risk of re-infection.

A New(er) Threat: Double Extortion Ransomware

This newer type of ransomware illustrates the need for IT Infrastructure and Cybersecurity teams to work together to address this risk. In a double extortion ransomware situation, threat actors exfiltrate a victim’s sensitive data in addition to encrypting it.​ They will threaten to release or leak the stolen data if the ransom is not paid. Having that data gives criminals leverage to collect ransom payments.

​The added threat of exfiltration makes this attack especially dangerous for organizations in all industries.​ Incorporate data loss prevention (DLP) tools to prevent exfiltration or use your own data encryption technologies so any exfiltrated data is unreadable and unusable.

The Pillars of Data Resilience: Off-Site Backup, Air-Gapping, and Immutability

An off-site backup is your safety net against localized disasters. By replicating data to a secondary location, whether it’s a cloud service or another data center, you ensure that your data stays accessible, no matter the circumstances.

Air-gapping and immutability take this concept further by isolating backup volumes from the production environment and preventing any modifications to the backup data, respectively. These strategies are crucial in maintaining the integrity and availability of your backups, making recovery a seamless process.

DRaaS and BaaS: Simplifying Recovery and Backup

Disaster Recovery as a Service (DRaaS) and Backup as a Service (BaaS) are modern solutions that streamline the backup and recovery process. DRaaS ensures that, in the event of a disaster, your operations can be quickly restored from a cloud environment, minimizing downtime and data loss.

BaaS, on the other hand, simplifies the management of backups, using cloud technology to protect your data without the need for extensive on-premises infrastructure.

The Role of RTO and RPO in Disaster Recovery Planning

Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) in disaster recovery planning are critical to defining an organization’s strategy for responding to and recovering from incidents and disasters.

RTO refers to the maximum duration of time that a service or application can be offline after a disaster before causing significant harm to the business operations or achieving the business continuity objectives. These metrics guide the frequency of backups and the strategy for disaster recovery, ensuring that your business can recover with minimal impact on operations.

RPO refers to the maximum acceptable amount of data loss measured in time following a disruptive event. It is essentially the age of the files or data in backup storage that need to be recovered for normal operations to resume without significantly affecting continuity or operations.

Together, RTO and RPO help organizations design, plan, and implement effective disaster recovery strategies by setting clear expectations for recovery timeframes and data loss, ensuring that recovery efforts align with business priorities and requirements. This allows for a strategic approach to minimizing downtime, data loss, and the overall impact of disasters on business continuity.

Structured can help you facilitate answers to these RTO and RPO values by:

  1. Reviewing application criticality, and
  2. Discussing organizational goals with application owners and business leaders to understand and set the necessary RTO and RPO targets.

Once these values are documented, which may differ from application to application and system to system, a data protection method or approach can be developed to meet these requirements at the business process level.

Celebrate World Backup Day 2024 by Ensuring the Readiness of Your Defenses

As World Backup Day 2024 draws near, let it serve as a reminder of the importance of a comprehensive data protection strategy. From understanding the threat of ransomware to implementing off-site backups, air-gapping, immutability, and leveraging DRaaS and BaaS, there are numerous steps you can take to protect your data.

Remember, it’s not about if a disaster will strike, but when. Being prepared means ensuring the continuity of your business and the safety of your critical data.

Call on Structured to Help with Your Data Protection Needs

Structured has been a key resource for organizations in the data protection arena for many years, offering hardware, software, and engineering solutions to help address challenges. If your data protection strategies could use an outside review, or if you are considering any or all the technologies mentioned in this article, contact your Structured account manager today or email info@structured.com.

Resources

James Costanzo, 11:11 systems, “World Backup Day and the Importance of Being Prepared” https://1111systems.com/blog/world-backup-day-and-the-importance-of-being-prepared/

Vir Choksi, Rubrik, “Are you prepared for Remote Ransomware?” https://www.rubrik.com/blog/technology/24/1/are-you-prepared-for-remote-ransomware

Glenn Dekhayser, Equinix, “Data Protection Architecture for the Hybrid Multicloud World” https://blog.equinix.com/blog/2022/06/23/data-protection-architecture-for-the-hybrid-multicloud-world/


About the Author

Craig Rhodes is managing director of data center solutions at Structured, specializing in data center services and data protection. His role involves consulting with clients on data center strategies and process improvements, as well as vendor partner management. With a career spanning roles at GCI General Communication, Inc., Pacific Coast Consulting, and major projects for companies like Starbucks and Expedia, Craig’s expertise covers a broad spectrum of IT infrastructure, project management, and strategic consulting. His leadership has significantly impacted the development and execution of comprehensive data center and technology strategies for the companies he has served during his career.