As organizations increasingly rely on cloud solutions for data storage and protection, cloud backup faces critical challenges that impact security and reliability.
Issues such as data privacy, compliance with regional regulations, and the complexities of managing multi-cloud environments create significant hurdles for effective implementation.
We asked 4 experts to provide their perspectives on the major challenges when it comes to cloud backup and recovery.
Michael Cade, Field CTO, Cloud Strategy, Veeam: Cloud backup is an evolving space – we have SaaS-based workloads (such as Microsoft 365) and the importance of that data across an entire platform. Then we have IaaS, where customers have looked to take that first step into the cloud journey to run their virtual machines, maybe to get out of an on-premises virtualization platform. We have PaaS, or Platform-as-a-Service, which is where the end user can offload some of the underpinning OS, patches, etc., off to the cloud provider and just consume the database.
The biggest challenge with all this choice is the skills needed to manage the responsibility of this data spread across these multiple cloud-based solutions. Most likely not everything is going to be in the same cloud.
We must also consider regulations and compliance, and make sure that data is not crossing borders and breaking regulations. The security aspect of data spread across all these platforms and clouds is a top priority. It must be ensured that data is secure, protected, and available no matter what happens. Read the full Q&A.
Arvind Nithrakashyap, Co-founder and CTO of Rubrik: According to the recent Rubrik Zero Labs report, 94% of IT and security leaders reported their organization experienced a significant cyberattack last year. During these incidents, attackers attempted to remove backup and recovery options from defenders. External organizations that reported a successful attack observed that their attackers tried to affect the backups in 96% of these attacks and were at least partially successful in 74% of those attempts.
With ransomware group tactics rapidly evolving, security leaders will never be able to fully pin down risk—or completely eliminate it—but they can get a handle on the most impactful levers and take distinct actions to change the risk calculus in their favor. Preparation is key and leaders can get ahead of evolving threats by increasing data visibility, especially across hybrid environments, while also having a comprehensive understanding of where their sensitive data is, who has access to it, and how it is being secured.
Preparing for a contested recovery will also alleviate the pressure against a threat. This includes ensuring that backups are fully immutable and available, automating as much of the recovery process as possible, and testing recovery outcomes across hybrid environments. Lastly, they should be prepared to find ways to unify different teams before, during, and after an attack.
Having a recoverable backup in place can be one of the most significant components when an organization is faced with a ransomware event. Read the full Q&A.
Rob Emsley, Director, Data Protection Product, Dell Technologies: Data sprawl across edge, traditional data center, and multicloud environments creates challenges with maintaining visibility into the protection and security status of data and ensuring recovery against potential data loss or cyber threats.
Organizations face a shortage of professionals equipped to manage and secure data effectively across hybrid multicloud environments. This gap complicates efforts to address evolving threats and manage infrastructure complexity, making the development of these critical skills essential for robust data management and security.
The rise in sophisticated ransomware attacks has made it harder for organizations to detect and prevent these threats. Effective data protection strategies must include robust defenses to stay a step ahead of attackers as well as cyber resiliency capabilities to enable the rapid recovery of data post-attack.
Backups are essential, but they often require significant additional storage space, driving up costs. Finding a scalable and cost-effective solution is key to maintaining efficiency without overspending.
Regularly verifying backups is critical to ensure your data hasn’t been tampered with or corrupted. Reliable data integrity checks ensure that your business can depend on its backups when it matters most. Read the full Q&A.
Andy Kerr, Senior Product Marketing Manager, Acronis: Cybercriminals are increasingly leveraging artificial intelligence to develop more sophisticated and adaptive threats. Malware is not only targeting production data but backup data as well. Bad actors are specifically targeting backup data, which is the last line of defense against threats such as malware.
Malware authors are also looking to embed malware within backup data, often sitting dormant for upwards of over 200 days, which results in malware being recovered post cyber-attack. The only way to address this threat is to integrate backup with cybersecurity. By scanning backup data for malware, you can make sure that it’s possible to recover malware-free. Ideally, an organisation’s chosen solution would also enable patching an environment to ensure vulnerabilities are patched before recovery.
The acceleration of remote and hybrid work models has further complicated this issue by expanding the attack surface. With more employees accessing corporate resources from various locations and devices, there are additional endpoints that could be compromised by these advanced threats.
In addition to these evolving threats, organizations are grappling with the exponential growth of data that needs to be securely managed, backed up, and restored. The increasing data volumes require backup solutions that are not only efficient and reliable, but also intelligent enough to identify and neutralize AI-generated threats embedded within the data.
Compliance with stringent data protection regulations like GDPR and CCPA adds another layer of complexity. Read the full Q&A.
Further reading
- Read our guide to the best Cloud Backup and Recovery Solutions For M365
