27 Jun The importance of modern data protection

The face of data protection is rapidly changing to keep pace with the demands of bigger, faster data. Omar Akar, Regional Vice President, Middle East & Emerging Africa, Pure Solutions, looks at what a modern data protection strategy needs to look like.

The United Arab Emirates (UAE) has been said to face a ‘cyber pandemic’, the rise of which coincided with that of COVID lockdowns and led to a 250 per cent spike in incidents in 2020 compared with the previous year and the numbers are going up. While malicious hackers’ leverage of the health crisis was a global phenomenon, the UAE appears to have been disproportionately affected.

Last year digital security firm Cybereason surveyed the nation’s business leaders to find out more about how they’d been affected by ransomware. The findings serves to only highlight just how badly the region had been impacted – with the figures outlined below being higher than the global averages.

• More than a third (37%) of organisations reported being hit in the previous two years.
• 84 per cent who had been hit by ransomware paid up the ransomware.
• Shockingly, 90 per cent of those who paid up were hit again, often by the same attackers.
• 59 per cent of payers found that all or some of their data was corrupted after regaining access.
• 63 per cent reported losses to their business as a result of ransomware encounters.

The UAE, along with its regional peers, is on a digital trajectory designed to align with broader economic diversification programs. The pandemic’s dismantling of economies around the world has only heightened the need for accelerated recovery — recovery that can be delivered through digital transformation. But if ransomware strikes — and the figures suggest there is a one-in-three chance that it will — then chronic disruption will follow. IT departments and security analysts may be able to work through the night to deliver some continuity, but ransomware history tells us full recoveries can take anywhere from 10 to 14 days. The alternative — paying up, only to be hit again — is not a good option.

Upgrade data protection

Meanwhile, for those as yet unaffected by ransomware, warnings from headlines, cybersecurity whitepapers and other sources will lead to the gnawing anxiety that it is only a matter of time. While cybersecurity tools are the understandable go-to for C-suite decision-makers and their technology advisors, the road is long and complicated when trying to discern the appropriate mix of technologies for guaranteeing a safe environment. Vulnerabilities are everywhere and ransomware attacks have proven themselves adept at evading detection and penetrating traditional cyber defenses.

While the traditional approach to data protection was to safeguard systems in the even that there was a breach. Modern data protection is all about taking proactive measured to prevent data protection failures before they occur. This can be achieved through a number of ways, such as upgrading regularly, investing in better technology and the use of predictive analytics.

In my conversations with CIOs, I recommend a three-pronged modern data protection strategy to prepare for, minimise the impact of, and recover from an attack.

Be proactive

First, to safeguard against an attack and make detection faster, IT departments must ensure they keep software and operating systems updated with the latest patches. All employees must be trained to be aware of potentially malicious links or attachments in emails, especially unsolicited ones and those from outside their organisations.

Awareness of what is ‘normal’ in how infrastructure operates is essential here. Without awareness, it could take weeks to see something ‘abnormal’ to flag data or systems might be compromised.

Second, to minimise the impact of a ransomware attack, it is essential to backup data on a regular basis and keep it in ‘Safe Mode’. Make sure they are protected, encrypted, and immutable. Immutability is particularly important, as it keeps your data safe from being modified or deleted even from people with admin-level access to your systems.

Third, to enable a fast recovery following an attack, IT leaders should look at Service Level Agreements (SLAs) for restoring data as well as backing it up when choosing storage vendors. A ‘Rapid Restore’ of data is absolutely essential to get the business back on track as soon as possible.

Don’t leave it too late

A ransomware attack is not a normal recovery event that might involve a few lost files or a corrupted database. All files and databases of an organisation may be compromised, making the recovery task orders of magnitude larger than IT departments typically must deal with.

For example, consider that the restoration of a single database restore can easily take ten hours or more, with many taking more than 24 hours. An organisation may need to restore dozens or even hundreds of such databases, a herculean task even for the most well-equipped IT departments.

In sum, organisations that have been hit by ransomware attacks have learnt the hard way the importance of putting in place a modern data protection strategy. With a combination of proper preventative measures, real-time data backups, and a rapid restore solution, those compromised by ransomware attacks will be better positioned for swift return to operations.

www.purestorage.com