We often don’t think about data backup and recovery until it’s too late. There are a number of reasons behind data loss, some more sinister than others: an employee accidentally deletes the wrong file; another leaves the business and their work is removed from the system; a threat actor uses malware to lock down certain files until the organization agrees to pay a ransom for their recovery. Each of these situations can be stressful, time consuming and costly, and the main reason behind them is a lack of awareness.
A lot of us assume that our files are backed up automatically by our software vendors, but unfortunately this isn’t the case. Microsoft, for example, only protects Microsoft Office 365 data for an average of 30-90 days before deleting it permanently. With ransomware attacks on the rise, it’s more important than ever that we that we take steps to secure our data.
Backup solutions can be complex, and it’s not enough to just keep backing up your data to a secondary location – organizations need to make sure that they can recover data quickly and thoroughly, no matter the cause of loss.
To delve deeper into this topic, we spoke to Alistair Mackenzie, Chief Executive Officer at Predatar. With 25 years of experience in the IT industry, Alistair has supported many large enterprises in building a more secure data platform so that they can extract the most value from their data. If data has been compromised, it can’t be used.
Predatar offers a last line of defence against the consequences of data loss. Whether at the hand of a threat actor or an unfortunate employee, data loss is inevitable, so having the ability to securely restore lost data is crucial – this is where Predatar’s platform comes in.
When It Comes To Data, Time Is Money And Knowledge Is Power
Predatar offers an enterprise-level software platform that allows IT and security technicians to easily administer and manage their backup recovery systems. Enterprise backup and recovery solutions move huge amounts of data from multiple locations and varied workloads across the cloud and various physical drives. This requires a lot of processing power and maintenance, which can be a huge drain on an IT security team’s resources.
“It’s almost impossible for an administrator to check everything that’s going on when they’re protecting thousands of systems on a daily basis,” Alistair says. “So, our software does two things. It automates the repetitive tasks that administrators would do, so that they can focus on problem resolution rather than incident identification and threat detection. It also collects metadata about what’s going on in the backup systems so that you can spot patterns and trends.”
One of the most crucial features of any backup and recovery solution is knowing that backups are successful, and recoveries will be carried out without a hitch if they’re needed. Technical teams need to know that the software they’re relying on actually works. Predatar uses a machine learning algorithm to identify data patterns that suggest whether or not a recovery is likely to be successful.
This is particularly important for larger enterprises, Alistair says. “When you’ve only got a small number of servers you need to protect, you can perform a restore and test it yourself to find out if it’s working. But if you haven’t got the infrastructure or time to test thousands of machines, you need machine learning to ascertain which half dozen of those thousands of systems look likely to fail. You need to be able to find the needle in the haystack.” When it comes to recovery assurance, machine learning is the magnet that draws the needle out.
From Hardware Failures To Ransomware Attacks: Responding To A Changing Landscape
“20 years ago, hardware was one of the primary causes of data loss,” Alistair says, “but vendors have become very good at producing reliable hardware. Incidents of mass hardware failure have really declined.” However, while some causes of data loss have decreased, others have shown a stark increase. An increase in the number of ransomware attacks in recent months has created a demand for faster recovery across the market, as well as around-the-clock customer support.
“Ransomware attacks can be quite painful. Most of the time, backup and recovery are housekeeping tasks that run in the background, but when that last line of defence comes into action and you need to restore data, the level of urgency and criticality goes up tremendously,” Alistair explains. “Predatar has a dashboard where customers can see their service levels any time of day or night, and we do a service review with a customer on a quarterly basis. But when responding to a ransomware attack, we make sure that customers get hourly updates from our coordinator.”
However, a difference in the types of threats organizations are facing isn’t the only change the data defence industry has seen recently. As more organizations have turned to remote work during the Covid-19 pandemic, whether temporarily or permanently, it’s become important that teams can collaborate across a digital work environment to protect their data from any location, at any time, as easily as they could if they were in the office.
Predatar’s solution to this challenge comes in three parts. The first of these is centered around role-based access. Self-service approaches are becoming increasingly popular when it comes to management platforms, as they give users the ability to secure themselves at a high level, “segmenting the data so that users only see data that’s relevant to them,” Alistair says.
Secondly, Alistair continues, is the design of their workflow management system. “Incidents don’t fall between the cracks and no batons can be dropped in that relay race of going from problem identification through to problem fix.”
The third part to tackling the challenges posed by remote working, Alistair says, is capturing knowledge so that it doesn’t fall on one person to remember something and pass the message on before they clock off at the end of the day. Scrawled post-its and Chinese whispers have no place in data protection.
More Data Means More Vulnerabilities
As the song goes, it’s a small world after all, but it’s becoming smaller as the world becomes more technologically advanced and organizations from opposite ends of the globe collaborate and create partnerships. This evolution has brought about a wealth of advantages, but it also means that data is being stored in multiple different locations and each of these, if not secured properly, presents a vulnerability.
“Data is getting increasingly dispersed,” Alistair says, “which means there are multiple different entry points into customers’ data. And, with increasing collaboration and partnerships between companies, that data is being moved inside and outside of the traditional borders. All of this presents opportunities for theft and loss.”
Plan, Encrypt, Test, Repeat
Backup and recovery solutions are the last line of data defence – the tar that stops the wood from rotting when water splashes onto the ship. Like a storm at sea, data loss is inevitable. We asked Alistair what steps organizations should take to protect themselves against data loss, and how best to mitigate the consequences of a data loss incident.
“You’ve got to have an agile recovery and restore plan, and you’ve got to test that plan regularly, especially if you make any big changes across the organization,” he begins. “It also goes without saying that you need to make multiple copies of your data. We often talk about the practice of three, two, one: you need three copies of your data, in two different locations, and one of them needs to be stored in a different medium to the others. So, you might have one copy on a primary disk, then another copy on tape or in object storage.”
“Next, you need to roll out encryption within your backups, not just your production storage,” Alistair continues. “And you could have 100% backup success, but that doesn’t necessarily mean you can restore those backups. So, the final mantra is ‘test, test, test!’”
Thank you to Alistair Mackenzie for taking part in this interview. You can find out more about Predatar and their data management platform at their website.