A Multi-layered Approach To Data Resilience

Uploaded on 2022-11-01 in TECHNOLOGY--Resilience, FREE TO VIEW

What is data resilience? In a nutshell, it’s a mindset that all organisations should adopt to meet their business-continuity plans and keep their operations up and running. There are many moving parts, but overall, it’s as simple as that.

The good news is that 83% of IT decision-makers are now including data resilience in their business strategies, according to a global survey by Arcserve. The bad news is that only 23% have a mature approach to data resilience.

It is not enough because a solid data resilience plan is essential as organisations move to hybrid IT environments. When performance needs arise or a catastrophic failure occurs, organisations must have a well-thought-out and battle-tested plan for recovering their data.

The reality is that data is the fuel that modern businesses run on. When companies lose access to their data, they lose the ability to go forward. Data resilience prevents this from happening. It allows every organisation to quickly recover from a data-threatening event and flourish in the digital economy.

Here are three key steps to help your business develop a robust data resilience strategy.

Create A Plan And Test It Often

The strength of any data resilience strategy depends on the regular testing and adjustment of all its parts. To be reactive is not good enough. You can’t wait for a disaster or attack to occur, then scramble to implement your strategy and find out if it’s good enough or not. Planning and testing are indispensable to success. Indeed, a well-devised and continuously tested data resilience strategy can mean the difference between having a business and having no business.

Numerous studies have shown that organisations that suffer a ransomware attack or other type of data-loss event have a lot of difficulties winning back their customers. One study showed that 88% of customers would stop using the services or products of a business they no longer trust and that 39% lose trust in a company that misuses data or suffers a data compromise. You get the idea. A data-loss event or hack of any kind can be fatal.

Get Executive Buy-in 

Data resilience should be the responsibility of top executives and business owners, not just the IT department. And yet data resilience is still not a priority in the C-suite of many organisations. It must be, especially with the introduction of new cybersecurity measures such as the NIS 2 Directive in the EU. A successful data resilience initiative starts at the top, with buy-in from C-level executives and the board of directors. When this happens, the rest of the organisation will recognise the importance of the effort, keep it top of mind and rise to the occasion when necessary.

Data resilience initiatives face slow adoption in many organisations precisely because they lack champions at the top. Like any investment, a data resilience initiative needs support from the whole company, from the corner office to the cubicles, across every department.

It also requires buy-in from external partners and service providers. For an initiative to work, all participants must know their role in everyday operations and in the time of a disruptive event. Without buy-in from all parties, there will be some who don’t perform when the chips are down.

Take A Multi-layered Approach 

The key to achieving data resilience is a “multi-layered approach” and deploying an infrastructure that supports all your data resilience requirements. One vital layer is doing frequent backups and creating copies that can be stored in a digital immutable vault. During this process, storage snapshots should be taken and secured in a vault. When a disaster or attack happens, and data is compromised, you have these snapshots available for instant recovery. 

Automation and orchestration are two other important parts of a multi-layered approach, which help streamline data recovery. These parts should include processes and automated workflows that instil consistency and minimise complexity when time is of the essence and quick thinking is required. That way, you can bring back your data fast and get back to business as usual without critical damage to your business.

Another critical element of a multi-layered approach is 3-2-1-1 data protection. It means maintaining three backup copies of your data on two different media - tape and disk, with one of the copies placed offsite to enable quick recovery. Further, you should have one immutable object storage copy.

Immutable object storage continuously protects data by taking a snapshot at 90-second intervals. Even if disaster strikes, those data snapshots enable you to return to a recent file state.

Conclusion

A good data resilience strategy does a lot for your business. It enables you to manage rapid data growth and handle various workloads, unify data recovery and quickly get back up and running after any event that compromises your data. It brings many benefits to your organisation, including enhanced performance, reduced costs, reliable and efficient business operations, minimised risk, and strong protection in every part of your company.

Florian Malecki is Executive Vice President Marketing at Arcserve

You Might Also Read: 

Why Companies Need A Next-Gen Approach To Business Continuity:

 

« Proactive Cyber Security Is A Must Have
The Challenges Of Moving To Zero Trust »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

ZyberSafe

ZyberSafe

ZyberSafe is an innovative Danish company specialized within building hardware encryption solutions.

Cloudmark

Cloudmark

Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats.

Intrusion

Intrusion

Intrusion provides IT professionals with the most robust tool set available for performing in-depth research and analysis of network traffic.

RazorSecure

RazorSecure

RazorSecure offers products and services to enhance railway cyber security, by protecting and monitoring networks and key systems.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

TunnelBear

TunnelBear

TunnelBear is a Virtual Private Network services provider offering secure encrypted access to the internet.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

Global Cyber Risk (GCR)

Global Cyber Risk (GCR)

Global Cyber Risk is a technology and advisory services firm that provides first tier cybersecurity services to both large corporations and small and mid-sized businesses.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

Match Systems

Match Systems

Match Systems provides blockchain investigations, KYC, KYT, AML, Due Diligence and compliance services.

IBM Security

IBM Security

IBM manufactures and markets computer hardware, middleware and software, and offers hosting and consulting services in areas ranging from mainframe computers to nanotechnology.

SecureLake

SecureLake

SecureLake (formerly Managni) is one of the most trusted US-based IT security and infrastructure companies.