Welcome to our special blog post in honor of World Backup Day 2024. Today, we’re discussing the importance of backup and recovery for your organization. We’re joined by Juan Julian Moreno, Data Protector Presales Director for West Europe and America, a seasoned backup specialist who will share his insights with us.
The Importance of World Backup Day
When asked about the significance of World Backup Day, Moreno emphasized that backups are essentially an organization’s digital life insurance. He stressed that backups are futile without a proven and tested recovery practice. World Backup Day serves as a reminder for responsible staff to verify their backup and recovery strategy in an ever-evolving IT landscape. It’s crucial to ensure no flaws could jeopardize a clean restore. Often, it only takes a short time to discover misconceptions in a backup strategy, and little can be restored once disaster strikes.
The Threat of Ransomware
Ransomware has emerged as a significant threat to organizations. According to Gartner, organizations that paid a ransom could only recover 65% of their data, and a mere 8% managed to recover all data. Ransomware is just one of many threats to your data.
Backup is no exception from the golden rule: “you need to do it right to reliably achieve the desired outcome.” But with so much money and effort invested into backup, why do we see so many reports of data loss and significant impacts of ransomware?
The Purpose of Backup
Moreno clarified that the fundamental architecture must be built for purpose – and the purpose is not backup – it is restorability under the worst conditions. There are many shiny, new, feature-rich solutions out there that have put a “backup” sticker on them to attract IT budgets. In many cases, these solutions compromise the core idea of backup with questionable restore capabilities and require large investments into proprietary backup hardware.
Backup runs at the heart, lung, and brain of your IT, having read & write access to the most valuable data – to all your data and configurations. Adjusting instantly to an ever-changing IT landscape cannot be achieved with a simple tool.
See ebook 'Backup: The Last Line of Defense and Imperative for the “Data Age”'.
The Difference Between Copy and Backup
When asked if backup is about creating copies of your most relevant data, Moreno responded, “Well … in that case, it would be ‘World copy day’ today. Because a copy is not a backup.”
A copy or replication set will easily have the same or even worse corruptions as the original data set. Copies require that in case of a restore, you have the same tools, same versions running to access the data as you had when data was created. If you store the copies in the same location and or same conditions as the primary data, the same fire, flooding, theft will kill the copy as well.
Imagine there is a bug (or a virus) impacting the firmware of the disk drive/SSD on 1st of April 2024 – it might easily spread to the drive/SSD of your copy as well. And the list goes on for all kinds of intentional and unintentional changes to the precious data (both primary and copy).
From Copy to Backup
So how do we get from a copy to a backup? Moreno explained that a backup involves more than one copy! The crucial extras are: an instant format change to protect from exfiltration/manipulation, a dissimilar target architecture, indexing/catalog handling, tracking all media available for restore, and retention management.
The Gap in Common Solutions
When asked if common sense backup strategies are implemented in the market’s solutions, Moreno responded, “Unfortunately, not …”. He pointed out a significant gap with one of the most common solutions regarding the format change (also known as "logical media break”) as a key approach for transportable, non-comprisable non-exfiltratable backup sets. He also highlighted the importance of direct backup, object copy & replication management, integration with leading deduplication APIs, media management, and scheduler. He cautioned about the limitations of snapshot copy management.
Immediate Checks for Data Protection
If you’re responsible for data protection in an organization and feel confident with the current backup & recovery implementation, Moreno suggests checking if all your data is in scope: on-prem, cloud, SaaS, and so on. Is all your data being backed up regularly, and are the recovery point objective (RPO) and recovery time objective (RTO) being met? Do you have an offline copy? Are you running regular restore tests as part of your disaster plan? He reminds us of the multiple legal obligations that formally require all these to be in place and the severe consequences for organizations that fail to comply.
Planning for an Improved Backup & Recovery Concept
If you’re planning for an improved backup & recovery concept, Moreno advises avoiding Windows OS for core components of your backup software whenever possible, avoiding vendor lock-in on backup targets, and going for a solution that covers hybrid IT (physical, virtual, cloud) and is flexible to adjust & tune to your needs.
Read also white paper: 'Ransomware Attacks: Strategies for Prevention and Recovery'.
Using Artificial Intelligence with Backup and Restore
While AI is a powerful tool, incorporating it into backup and restore processes shouldn't be solely for the sake of being trendy, says Moreno. Real customer value should drive its implementation. I mean for example AI Anomaly Detection can identify unusual data access patterns potentially signifying a cyberattack. Additionally, AI can predict potential breaches of Service Level Agreements (RTO/RPO) by analyzing backup performance, allowing proactive measures to ensure smooth operations and recommend improvements. However, the final call on actions based on AI recommendations should remain with humans. After all, human expertise is crucial for interpreting insights and making informed decision about data security, just remember that Backup is your last line of defense.
Refer to 'Detecting Ransomware Attacks via Artificial Intelligence-Based Technology for Your Data Backup and Restore Environment'.
The Golden Rule of Backup
For the closing, Moreno shared a golden rule, “Don’t get tricked into using copy, High Availability (HA) or replication tools for the purpose of backup – they don’t serve these needs! If you want your data to survive – do backups right! Invest the money and other resources for true backup (getting the fundamental things right) and don’t abuse it for any other purpose! Backup and Recovery is your last line of defense for your data. Protect it by having multiple defense layers around it.”
Thank you, JJ, for sharing your insights and providing a well-thought-through and safe masterplan for data protection.
Stay tuned for more discussions on data protection and remember, World Backup Day is not just about creating copies of your data; it’s about ensuring that your data can be restored under the worst conditions. So, let’s use this day to reassess our backup strategies and ensure our organizations’ digital life insurance is in order.
Explore how OpenText Data Protector can help your organization to ensure data integrity and data protection.
Request a free trial of OpenText Data Protector
Learn more about Cloud data backup and restore .
Already a Data Protector customer? Learn what is new in the latest version.
Read about data backup and resiliency
Read what analysts say about Data Protector.
Read what a customer is saying about Data Protector.
Be sure to connect with OpenText on LinkedIn.
Keep up with the latest Tips & Info about Data Protector.
Do you have an idea or Product Enhancement Request about Data Protector? Submit it in the Data Protector Idea Exchange.
We’d love to hear your thoughts on this blog. Comment below.
The Online Community Team