CXO research from Veeam has found that 86% of EMEA (78% within South Africa) organisations have a protection gap between how much data they can afford to lose and how often IT systems are protected. This has risen by 14% in the past 12 months across the EMEA region and indicates that while the criticality of data continues to soar, so do the challenges in protecting data to a satisfactory level. World Backup Day 2022 (31 March) was another reminder that as both the cyber threat landscape and IT environment complexity continue to increase, the need for robust data protection measures is more vital than ever. A solid backup, replication, and recovery plan is a key component of any Modern Data Protection strategy that ensures business continuity and the capacity to take immediate action.
Why backup matters
Almost every organisation experiences unexpected outages, according to the Veeam Data Protection Trends Report 2022. There are many incidents that can lead to downtime. Among EMEA businesses, these are commonly caused by infrastructure or networking outages, server hardware failures, and application software faults. Furthermore, ransomware and other cyber threats are compounding the situation – with 51% of EMEA organisations suffering outages at the hands of a cyber-attack in the past 12 months (97% within South Africa).
Backup best practice: Simply put, any data that is not backed up can be lost forever in the event of an outage. While the threat landscape is daunting, the general rule of thumb for a robust Modern Data Protection strategy are consistent. No matter how data is compromised, whether hardware and power failure, accidental deletion, or cyber-attack, if it has been protected in line with Veeam’s 3-2-1-1-0 backup rule, you can get it back. There should always be at least three copies of important data, on at least two different types of media, at least one off-site and one as immutable copy offline, and finally, with zero unverified backups or backups completing with errors.
Ransomware is a new norm
There is still a perception that ransomware strikes an unlucky few, but this is not the case if you consider that almost 9 in 10 South African organisations surveyed have suffered ransomware attacks in the last year alone. The majority (71%) of EMEA organisations have suffered ransomware attacks in the past 12 months (86% within South Africa). Given the inevitable nature of cyber-attacks like ransomware, it’s paramount that businesses can recover. However, according to Veeam´s survey respondents, over one in three (36%) EMEA organisations are unable to recover data after a ransomware attack. Per attack, South African organisations were unable to recover 31% of their lost data on average. 78% of organisations were unable to recover at least some of the data they had lost. Therefore, we now have the situation that it is no longer a question of whether businesses are experiencing ransomware incidents, but rather when. There are still far too many organisations that are unable to recover the data they lose.
Cybersecurity best practice: There are three elements that create the ultimate strategy to protect data against ransomware. The first line of defence is using education to build a human firewall. Prepare your employees with the digital hygiene tools and knowledge needed so that they do not fall for some of the oldest tricks in the cybercrime book like phishing. Make sure this is an integral part of your business practices. The second is implementation. Implement the 3-2-1-1-0 backup rule; invest in solid Disaster Recovery provisions in accordance with your defined RPOs and RTOs; ensure you’ve protected data across all platforms including physical, virtual, cloud, SaaS, and Kubernetes. Finally, it’s remediation. If your education and implementation strategies fail, do not pay the ransom. The only option is to restore data.
Future-proof your data protection investment
The ability to move workloads from one platform to another – including physical, virtual, and cloud-hosted – enables organisations to progress with Digital Transformation initiatives and retire legacy backup tools. But not at the expense of IT resilience. Veeam enables both cloud-powered data protection, as well as protection of cloud-hosted workloads such as SaaS and containers, with full backup and recovery, disaster recovery, application mobility, and ransomware protection. It is essential for decision-makers to understand that data is the lifeblood of their business and investment in Modern Data Protection is an investment in their future.
When it comes to the importance of backup, Ian Engelbrecht, Systems Engineering Manager – Africa at Veeam Software says “backup is not a nice-to-have addition or a luxury. It is a crucial element of every modern business and should be built into the very fabric of the modern data management strategy of organisations. It is all good and well to pay attention to it once a year during World Backup Day, but in reality, we should all be thinking about it every minute of every day. Active threats are more today than yesterday, and this trend is going to continue. The threat is multi-pronged, and risks come from infrastructure or network failures, cybercriminals and even from within organisations in the form of staff negligence or vindictiveness.”
The full Veeam Data Protection Trends Report 2022 is available for download at https://www.veeam.com/wp-data-protection-trends-report.html
