In this Help Net Security interview, Matt Waxman, senior vice president and general manager of data protection at Veritas Technologies, discusses the components of a robust data protection strategy, highlighting the growing threat of ransomware.
He emphasizes the importance of backup and recovery protocols that follow the 3-2-1 rule, along with measures such as role-based access control and AI-powered monitoring. Additionally, Waxman will discuss his cloud backup strategy, optimization practices, and integrating data protection with security and governance to increase overall cyber resilience.
What key components should be included in every data protection strategy?
Before outlining the most basic components of a data protection strategy, it may be helpful to explain why a data protection strategy is essential in the first place.
Massive disruption from data breaches is the biggest risk facing organizations today, and ransomware is the primary cause. Defenses such as firewalls and malware detection are important, but they are not enough. In fact, recent data from Veritas shows that 65% of organizations have experienced a successful ransomware attack and attackers gained access to their systems in the past two years. These attacks can cause business disruption for months or even permanently.
To combat this reality, organizations must evolve from a cyber security mindset to a cyber resilience mindset. Comprehensive cyber resiliency includes not only how to thwart an attacker, but also how to recover and restore operations as quickly as possible if the attacker gets past the permitter's defenses. Start protecting your data.
The most basic components of a data protection strategy are backup and recovery. Backups should follow the 3-2-1 rule. This means maintaining at least three up-to-date copies of your data on at least two types of media, with at least one of them in immutable storage offsite. The third stored copy of the data (the “1” in 3-2-1) is the data of last resort in an attack.
The second half of the equation, recovery, is just as important, if not more so, and is the ability to restore data and the business operations that depend on it from those backups. Data protection infrastructure and administrators are often targeted as part of ransomware attacks, so things like role-based access controls and multi-factor authentication are also fundamental. Additionally, leveraging AI to monitor suspicious activity is also important.
How can a cloud backup strategy enhance data protection? And what are the best practices for optimizing cloud object storage for backup and disaster recovery?
3-2-1 Backup Let's consider rule #1 again. At least one copy of your data must be stored offsite. The easiest way is to back up your data using a trusted cloud service provider (CSP). It also improves scalability and accessibility.
However, organizations often mistakenly assume that they will get results by backing up their data to the cloud, when in fact they are purchasing infrastructure. There is a shared responsibility model between CSPs and their customers when it comes to data protection, and too many people don't understand it. CSPs are responsible for cloud resiliency, while customers are responsible for cloud resiliency. Customers remain responsible for protecting their data.
Another myth is that backing up data to the cloud is inherently more cost-effective. While there are cost benefits, without optimization costs can quickly add up and get out of control. Optimization best practices include data classification, tagging, deduplication, and movement management to ensure that organizations store only what they need in the appropriate cloud storage tier. Given the vast amount of data that today's organizations generate, it's best to leverage tools that automate these processes.
What key components should a data protection strategy include and how do they contribute to overall data security?
In addition to the data protection basics outlined above, it is important to move towards integrating data protection with data security and data governance to improve overall cyber resilience. Ransomware attacks impact your entire IT.
Multiple teams typically use different tools to manage the response. Hackers prefer patchwork defenses because interaction points can become potential vulnerabilities. In the face of the costly threat of dual extortion schemes that combine data theft and encryption, this integrated ecosystem of data security, data protection, and data governance provides gap-free cyber resilience, both proactive and reactive. is the only way to achieve this.
Additionally, today's complex and heterogeneous multi-cloud environments require autonomous data protection. The proliferation of applications and data from edge to core to cloud is unprecedented. Real-time manual protection is no longer possible. It should be every organization's goal to responsibly leverage AI and hyperautomation to reduce operational complexity through continuously self-provisioning and self-optimizing data protection.
How can organizations align their data backup practices with their overall data protection requirements, and what steps are required for this alignment?
Instead of starting their data protection strategy with a backup plan, organizations need to think differently and start with a recovery plan. After all, the value of a backup is determined by whether you can recover from it. To do this, organizations need to understand and plan carefully:
- Data that needs to be recovered first.
- Which systems need to be brought back online the quickest?
- how do they make it happen?
Understanding these and implementing related plans and policies can help organizations align their data backup practices with their overall data protection strategy.