FINAL WORD ///////////////////////////////////////////////////////////////////////////////////////////
The best practice
approach to data protection
for modern organisations
Organisations which do not employ robust data protection schemes put
themselves at serious risk of suffering a data breach and causing potentially fatal
damage to the business. Florian Malecki, International Product Marketing Senior
Director of StorageCraft, explains how organisations can better protect themselves
by assessing and testing their recovery plans for ransomware prevention.
WWhy is constant data availability so
crucial for modern organisations?
Data is the lifeblood of any modern
organisation. It provides the foundation
for understanding where a business is
positioned and is essential to analysing
customer behaviour, navigating markets
and assessing a business’ performance.
Many successful business leaders are
dependent on the insight provided by data
to make informed decisions about the
business’ future.
If the data is breached, subject to a
ransomware attack or unavailable for a given
period of time, it can prove catastrophic to
a business. Lack of access to critical data
can lead to malfunctions across the entire
business, from significant revenue loss as
a result of system downtime, to remote
workers being unable to access shared files.
Unquestionably, the constant availability of
data is fundamental to the longevity and
success of any modern organisation.
What is driving the need for
businesses to re-assess data
protection strategies?
Companies are generating oceans of data –
and not all of that data is equally important
to their function. Organisations that know
this and know which pieces of data are more
critical to their success than others will be in a
position to better manage their storage and
better leverage their data. Think about it.
As organisations deal with a data deluge,
they are trying hard to maximise their storage
pools. As a result, they can inadvertently end
up putting critical data on less critical servers.
Doing so is a problem, because it typically
takes longer to access slower, secondary
machines and leverage that critical data. It’s
this lack of speed and agility that can have a
detrimental impact on business.
Traditionally, organisations take a serverbased
approach to their data backup and
recovery deployments. Their priority is to back
up their most critical machines rather than
focusing on their most business-critical data.
So rather than having backup and recovery
policies based on the criticality of each
server, we will start to see organisations
match their most critical servers with their
most important data. In essence, the actual
content of the data will become more of a
decision-driver from a backup point of view.
The most successful companies in the digital
economy will be those that implement
storage policies based not on their server
hierarchy, but the value of their data.
What are the implications for
organisations which do not employ
robust data protection schemes?
Organisations that fail to implement a robust
data protection scheme put themselves at
serious risk of suffering a data breach and
causing potentially fatal damage to the
business. When it comes to system downtime,
businesses risk both reputational damage and
the cost associated with downtime.
If customer data is stolen, clients will lose
trust in the business and may look to
competitors. In addition, if employees aren’t
able to access critical files, productivity will
plummet. Companies without a robust data
protection scheme should look to implement
one as a matter of urgency.
What best practice approach
should organisations take to
data protection?
StorageCraft recommends organisations
assess and test their recovery plans for
ransomware prevention, remediation,
systems failures, any type of natural disaster,
on a regular basis, being once a year, twice
a year, etc.
It is the only way to know whether they can
meet their Recovery Point Objectives (RPO)
and Recovery Time Objectives (RTO).
In the event of a ransomware attack,
businesses should first identify and locate
their business-critical data and take steps to
protect it. This step includes email security
systems, firewalls, regular software updates,
clearly audited administrative and access
policies and user education.
Prevention is not foolproof, which is why a
ransomware-specific plan for remediation
and recovery is essential.
Thwarting ransomware is dependent on an
organisation’s data locality (i.e. on-premises,
in the cloud or in cloud-based applications
such as G Suite and O365) and preferred
recovery location. Critical elements of a
successful plan for ransomware remediation
and recovery include:
82 INTELLIGENTCIO
www.intelligentcio.com