rvlsoft - Fotolia
With remote work becoming the new normal -- at least for now -- because of the coronavirus pandemic, backup trends in cloud and security are starting to emerge.
The cloud, already a major player in the data protection market, is becoming more relevant with so many organizations' employees working from home and needing to access data remotely.
"A lot of organizations were cautious about adopting cloud technology, but now they are forced to do it," said Gaidar Magdanurov, chief cyber officer at cyber protection vendor Acronis.
The increase in remote work brings greater potential for security problems.
Access control, for example, is important to check, said Christophe Bertrand, senior analyst at Enterprise Strategy Group (ESG).
"Backup workloads [should be] in a place where they can't be affected or touched by others," Bertrand said.
Cybersecurity vigilance needed in data protection
More employees working on devices outside of corporate networks means opportunities for cyberattackers.
"Backup is not enough anymore," Magdanurov said. "You have to have security integrated with your backup."
Research shows that companies were already worried about cyberattacks before the pandemic.
Gaidar MagdanurovChief cyber officer, Acronis
Acronis' annual data protection survey indicated that 88% of IT professionals reported concern over ransomware, 86% about cryptojacking, 87% about social engineering attacks like phishing, and 91% about data breaches. The latest survey was completed by 3,000 business and personal users.
Businesses can easily lose data even if they have backups, for example if they're not backing up enough. A company that backs up once per day stands to lose hours of data if a cyberattack hits at the right moment. In addition, ransomware can penetrate backups.
As far as backup trends regarding frequency, 15% of organizations reported backing up multiple times per day. The survey showed 26% back up daily, 28% back up weekly, 20% back up monthly, and 10% don't back up.
The coronavirus is leading to more social engineering attacks, Magdanurov said. These attacks don't necessarily involve new strains of ransomware, rather new delivery methods. For example, an attacker pretending to be the government sends an email about a potential coronavirus vaccine with a malicious link.
"They can go after millions of home users on unprotected networks," Magdanurov said.
Often it comes down to the education aspect -- companies should make sure their workers are even more cautious about clicking on links and opening attachments.
There are other best practices -- home workers need to shore up security settings on their Wi-Fi, Magdanurov said. An attacker hacking into a smart TV, for example, should not be able to get into the network the employee uses for work. Users should protect their Wi-Fi with a strong password.
"The world is not going to be the same again," Magdanurov said, noting that he thinks increased remote work will continue.
The time is now for improving backup process
According to Infrascale CEO Russell P. Reeder, the threat level has risen.
"People are more vulnerable for multiple reasons, specifically for ransomware," Reeder said.
Hackers know people are hungry for coronavirus research, and one bad click could be all it takes to infect a computer with a virus. Reeder said users have the power to stop ransomware -- don't click on a link or open a document that you don't recognize, encrypt and back up all data, and be careful with passwords.
"If there's no market, attackers will move on to something else," Reeder said.
According to a survey of more than 500 C-level executives at SMBs, 49% said cyberattacks are a top data protection concern, the highest percentage on the list. Other top concerns in the data protection and backup trends survey included system crashes at 41%, data leaks at 39%, ransomware attacks at 38% and human error at 38%. The survey was conducted in March by Infrascale, a cloud-based backup and recovery vendor focused on SMBs.
Even with all those worries, 21% of SMBs reported that they don't have data protection, backup or disaster recovery. Reeder said he figured that number would have been closer to 10%.
Cost may not be the top reason. Reeder said he thinks it comes down to priorities -- not all businesses have technical staff on hand. In addition, businesses put too much trust in virus protection, when they need backup as well. Human error is a major source of problems.
"There's a false sense of security out there," Reeder said.
It's a good time for businesses to shore up data protection.
"Backup and DR is one of those things they should be working on right now," Reeder said.
Now that many employees are past the initial phase of starting their work from home and are better used to it, Reeder said he's seeing a rise in cloud backup and disaster recovery. For businesses that don't have data protection in place yet, cloud-based backup and recovery is easy to set up, Reeder said.
Backup of cloud-based SaaS data is a key piece of data protection and further heightened in importance now, according to ESG's Bertrand. Businesses have mission-critical data in applications such as Office 365 and Salesforce, but those platforms' native protection is not comprehensive, and typically only covers the infrastructure and not customers' data.
"There's a disconnect in the market," Bertrand said. Fortunately, there are many products that provide SaaS backup.
In the end, for Bertrand, recovery point objectives (RPOs) and recovery time objectives (RTOs) are an important success indicator for cloud backup.
"RPOs and RTOs have to be met," Bertrand said.