June 03, 2024
BTEX 2024: What It Takes to Build Data Resilient Organizations
Sophisticated cyberattacks present several data protection challenges to organizations. Learn how data resiliency strategies can help Canadian organizations defend against threats with CDW experts.
The overarching role of data resiliency
Rowena Samuel began the session by introducing data resiliency as “the ability to protect, maintain and recover your data.” In a nutshell, it refers to the strategies for securing an organization from data breaches while also building data backup measures in case an attack is successful.
When an organization faces a cyberincident, how quickly and comprehensively it can recover its data determines its resiliency to threats. Samuel explained that data resiliency is a part of the larger organizational resiliency strategy and must be prioritized with the same effect.
Mere backups may not be enough
“The data protection strategy most common to organizations is backups. It’s a super simple strategy of just making point-in-time copies of your data. But over the years, we obviously found that just backing up was not enough,” Samuel said.
Cyberattackers have devised new ways of infecting backups to prevent recovery and increase the damage. Especially for ransomware attacks, backup infection can leave organizations with no other option.
She further explained, “You don’t necessarily go back to the latest copy of your data because that may already contain the ransomware. If those bad actors have been in your environment for a number of days, then you may have backed up stuff that those bad actors have put in your environment.”
She emphasized the need to adopt advanced data protection measures such as immutable backups, air-gapped sites and duplicate infrastructure to prevent extensive damage.
Combining cyber recovery with data protection
“We have a lot of people coming to us and asking us for a disaster recovery solution at the moment, but they're not really looking for disaster recovery, they're looking for cyber recovery,” Samuel said.
Samuel described three focus areas for data resilience. “To be data resilient, you need the data to always be available, easily accessible and trustworthy.”
Cyber recovery could play a key role in helping organizations achieve this. It refers to implementing a proactive plan for restoring data within a permissible timeframe and validating the legitimacy of backups. Parameters like recovery time objective (RTO) and recovery point objective (RPO) describe the speed and extent of recovery.
“When you have both of those strategies deployed together, then you start to actually have more confidence in your data being good data because you're checking it and you're scanning it,” Samuel said.
Core elements of data protection
Nicky Panfer then took the stage to talk about how to enable data protection. “Backups are your last line of defence against cyberattacks. And this is why it’s very important how you plan and store them,” she said.
She mentioned three core elements:
- Backup – the copies of data should be air-gapped and encrypted to prevent data corruption.
- Storage – the location where the backups are stored should be chosen with fallback measures in place. Whether the backups are stored on-premises or in the cloud, they should be kept out of reach of attackers.
- Recovery – the procedure by which data is restored should abide by binding SLAs and ensure backups are scanned for threats before restoration.
The 3-2-1 backup rule
Panfer mentioned that the 3-2-1 backup rule can come in handy to strategize backups effectively. It states that you should make three copies of your data across two different mediums, one of which should be offsite.
This rule ensures there are enough redundant copies of the data and the backup storage is air-gapped to achieve resiliency. It also helps improve recovery speed by provisioning dedicated sites for data restoration.
She also highlighted that CDW Canada has risk assessment, data protection and security teams to help customers meet their backup strategy needs.
AI in data protection
“We’re seeing generative AI and interactive conversational chatbots appear in the data protection products. AI could help automate your routine tasks, help you investigate issues and drill down into log files and take away a lot of time and manual work,” Samuel said.
She suggested that as more organizations build their AI strategy, data protection becomes a key component. With the help of AI-led analysis on massive pools of backup data, organizations could unlock new insights and drive value in unprecedented ways.