Cloud Disaster Recovery: Avoid These Five Common Mistakes and Traps

 
 

Ransomware remains a significant threat to today's organisations. The National Cyber Security Centre calls ransomware “the biggest cyber threat” facing UK organisations large and small. The just-released State of the Phish report finds that over 90% of UK companies suffered at least one email-based phishing attack; nearly 85% experienced a ransomware attack. More than half of these organisations ended up paying a ransom. 

It’s a troubling landscape, but there are steps you can take to protect your organisation. We know that one of the most effective ways to mitigate the threat of ransomware is with a solid cloud-based backup and recovery strategy. However, there are common mistakes and traps that organisations fall into when implementing these critical security measures. Here, we highlight the top five mistakes we see businesses make, and how to avoid them.

Mistake 1: Not Having a Disaster Recovery Plan in the First Place

Organisations are increasingly moving their applications to the cloud, for good reason: cloud-based solutions enable today’s hybrid workforce to remain connected and productive, offering greater agility, scalability, and cost savings. In fact, 40% of workloads are currently run in public clouds, and even greater adoption is expected in the near future. 

However, with this growth, cloud security is increasingly critical, and the single best defence is a solid data backup and recovery plan. If you don’t have one, your data and business will always remain at risk, no matter how secure your cloud applications are (or seem to be).

Imagine one of your critical systems is infected with ransomware. Without a robust data backup and recovery plan, you might find yourself among the unfortunate 60% of UK organisations who paid a ransom to retrieve their data. Yet, if you had the right plan in place, you could quickly recover and reboot your system because your data is backed-up and accessible. The same scenario is true no matter what the disaster is: ransomware, accidental data deletion, hardware or software failure, or even another pandemic.

It’s a simple mistake to avoid—just take the time to craft a strategic backup and recovery plan. Is time the issue? If you partner with a third party, experts will help you implement a unique, transparent plan that aligns with your budget and needs—you’ll get the protection you need and nothing you don’t.

Mistake 2: Not Protecting your Backups

Maybe you’ve avoided the first mistake, and you have a disaster recovery plan in place at your organisation. But is it good enough? Today, sophisticated malware finds ways to target even backed-up data. The Prometheus ransomware, for example, was found to encrypt or kill backup files once it infiltrated a system. It’s no longer enough to simply backup your data; you must also ensure that your backups are secure, and the only way to do that is through immutable backups, which means that once your backup data is written, it can never be changed or deleted. 

This is exactly the reason why Optec has teamed up with Assured Data Protection to bring you Rubrik's uniquely immutable data backup solution. Once your data is stored, it’s encapsulated and compressed within Rubrik's special encoding. This means the data remains stable, secure, inert—it can't be changed. When you avoid this all-too-common mistake by adding immutable backups, you’ll also protect your organisation from costly personnel mishaps, bugs, and third-party vulnerabilities.

Mistake 3: Not Backing up the Right Applications

Moving your applications to the cloud is a smart move, but in doing so, you might find yourself in a situation where you have dozens if not hundreds of critical applications all running at once. And all of this noise? It’s a welcome sound for intruders. Have you fully backed-up every application? Does every solution have an up-to-date recovery plan in place? 

To avoid the mistake of not backing up the right (or all) applications and to best mitigate threats, we recommend you to first conduct a complete inventory of all cloud-based applications in use. Going forward, all new applications should be onboarded though a systematic and official process to ensure that every application is included in your overall recovery plan and data backup schedule.

Mistake 4: Not Relying on the Experts

We can all appreciate the feel-good nature of DIY projects, but disaster recovery might not be the best arena for going it alone. By its nature, disaster recovery can be a labour intensive and highly manual task. The time it takes to identify, implement, and properly maintain an organisation-wide disaster recovery strategy eats up precious hours and days from your strapped technology team. This is all lost time that your team could have spent on other valuable tasks and business growth. 

When you team up with the right partner for a fully managed backup and disaster recovery service, you have immediate access to vast technical expertise, either locally or globally. Another trend in the year ahead is a continued cybersecurity skills gap: there are simply not enough technology professionals to meet demand. When you partner with an expert on disaster recovery, you’ll gain instant access to top talent who will, in essence, extend your internal team and your own in-house IT capabilities, without adding significant cost. 

Mistake 5: Not Consolidating 

Chances are, your organisation backs up data in an ad-hoc fashion, which might include everything from cloud storage and local data backups to security box storage at a local bank to tape or thumb drive storage. There’s pros and cons to every form of data backup storage, but if you rely on numerous disparate systems, you’re probably keenly aware of the cost and time this requires.

The better approach is to consolidate all of these systems into a single platform with a managed service provider. You’ll eliminate steadily-rising licensing and hardware costs and free up your technology team to focus on innovation and business goals. You’ll also be more secure, because centralised platforms and dashboards will provide a better, more holistic, and real-time window into your entire backup and recovery estate. 

Are you guilty of any of these mistakes? If so, you’re not alone. We hope this post helps you optimise your cloud disaster recovery strategy and battle the rising risk of ransomware. 


Ready to improve your disaster recovery plan? Please get in touch with our expert team today to talk about fully managed backup and disaster recovery solutions from Optec and Assured Data Protection. Together, we can avoid costly mistakes in the year ahead.

Want the latest news from Optec? Be sure to be sure to follow us on LinkedIn and Twitter.


Related posts

Previous
Previous

SD-WAN: The Future of Secure Home Working?

Next
Next

Optec Achieves Fortinet’s Operational Technology Partner Specialization