By Joe Noonan, General Manager, Unitrends and Spanning
Cybercrime and hybrid work environments prompted by the pandemic have significantly impacted the way organizations protect and store their data. Data is living in multiple places, and backups now must protect data centers, endpoints, multiple clouds and SaaS. More than ever, IT professionals need to incorporate unified business continuity and disaster recovery (BCDR) plans into their cyber resilience strategy to protect the organizations they serve.
Cyber resilience goes beyond firewall and patching. It refers to how well an organization responds to cyber threats and involves a strategy that accounts for planning, detecting, defending and responding in case of an attack. There is also a clear process in place for recovery and business continuity.
It is difficult for IT professionals to find time for cyber resilience planning when they’re juggling so many other responsibilities. But not having a strategy in place can be disastrous for an organization.
Terms to Know
When it comes to BCDR, there are two terms that will guide your cyber resilience strategy – recovery time objective (RTO) and recovery point objective (RPO). RTO is the amount of time it will take to have the business back online. RPO refers to how much data an organization can afford to lose as it pertains to time or amount of information. The RPO for a bank, for example, would be close to zero because as soon as the system goes down, hundreds, even thousands of transactions can take place. A bank cannot afford to lose this information and it would be difficult to recover if the IT environment is non-operational. One way to think about RPO is the more difficult it is to recover data, or create it from scratch, the shorter RPO an organization will need to have. Once both RTO and RPO are established, it’s time to look for a unified BCDR tool.
What to look for in a solution
Cybercriminals are becoming more cunning, driving the need for backup and recovery. A successful backup can eliminate the impact of a cyberattack. Cybercriminals know this so they look for alternate ways to disable, encrypt and delete those backups. An efficient unified BCDR solution is built on hardened Linux – not Windows – so it is not as vulnerable. Another way to fend off cyber criminals is by storing offsite data in an immutable format, which makes it untouchable and prevents attackers from making changes to it.
Additionally, there are innovative backup appliances that can protect data wherever it lives. Today, there are appliances that provide powerful data protection and fit in your pocket! These solutions are perfect for small-office settings or even home offices since they do not require a server rack. They are extremely quiet and come with built-in software tests recoverability right on the box. This ensures data will be available whenever needed.
AI saves time
Organizations should look for solutions that use artificial intelligence (AI) and machine-learning to identify suspicious activity and alert administrators to possible ransomware before it spreads. AI has multiple benefits, among them, allowing IT professionals to cut wasted time on false alerts and backup remediation by up to 50%. An AI-powered assistant can think the way a technician does, prioritizing issues in the most critical systems so your actual technicians can focus on what matters most.
Another thing to keep in mind when considering a unified BCDR solution is opting for tools that include anti-phishing options to protect against credential compromise and account takeover attacks. People are the first line of defense, and they may accidentally put an organization at risk if they lack security training.
An effective tool maximizes productivity
A unified BCDR solution should offer a single view of the entire data landscape, so technicians do not have to move between multiple systems. This saves them time and decreases room for error. Another way a BCDR tool can maximize productivity is through automation. Technicians can spend more than a quarter of their day monitoring, managing and troubleshooting backups. Automated solutions proactively fix common problems in the backup environment, therefore pulling double duty by saving technicians time and securing the environment.
Don’t let compliance fall through the cracks
Some organizations operate in highly regulated industries such as government or healthcare, which mandate how data must be secured. Regardless of the industry, most companies must adhere to compliance standards, especially if they want to be approved for cyber insurance. Part of a cyber resilience plan includes policies around data retention and automated backups to guarantee compliance. Organizations must be prepared to properly store, archive and recover compliance data as a proactive measure.
A BCDR solution with automated disaster recovery (DR) testing capabilities also helps with executing service level agreements (SLA). It allows organizations to schedule a time and specify the systems that need to be tested and then takes care of it automatically. If a test identifies an SLA cannot be completed, adjustments can be made, and tests run again to check if the changes worked. This type of testing protects against unplanned downtime.
Regardless of where data lives, a unified BCDR solution can help IT professionals reinforce their organization’s cyber resilience, free up time to focus on more important tasks, adhere to compliance regulations and ensure SLAs are met.
About the Author
Joe Noonan is the General Manager of Unitrends and Spanning. Joe has spent over 18 years delivering hardware and software technology solutions for virtualization, cloud, data protection, and disaster recovery. He has worked for Unitrends since 2010 driving its software product strategy for data protection, recovery automation, and cloud disaster recovery and migration. Joe has also held roles in developing technology alliances and is now the GM for the backup and DR suite at Kaseya, which includes Unitrends, Spanning and Kaseya-branded backup solutions. Joe can be reached at unitrends.com/contact.