How the pandemic changed backup | #itsecurity | #infosec


Remote working is now a permanent arrangement for a growing number of businesses after the Covid-19 pandemic pushed organisations of all sizes to move to home working on a wide scale in a very short timeframe.

And the shift to remote working is no longer viewed as a temporary measure for dealing with public health restrictions. Management consulting firm McKinsey believes more than 20% of the workforce can operate as effectively from home as they would in the office. If employers allow it, it says four times as many people could work from home than in 2019.

The impact of home working on IT systems is well documented. Businesses have had to invest in laptops and tablets, and even printers, for remote staff. They have also had to re-engineer networks and applications to allow remote access on a large scale.

Protected by being remote?

From a business continuity perspective, an organisation with a highly distributed workforce can be more resilient than one where the majority of employees are office-based. The obvious difference is that there is no need to invoke physical disaster recovery (DR) planning, such as moving to emergency office space. As long as datacentre or cloud-based applications remain accessible, work carries on.

But taking work off-premise forces changes to backup and recovery. Are backup systems configured to run on remote devices? And do employees have enough bandwidth to run backup tools?

At the start of the pandemic, organisations found the bandwidth of their virtual private network (VPN) under stress, so they had to invest in improving capacity. Anecdotally, supporting technologies such as backup was viewed as less critical than line-of-business applications.

“For remote workers, all of a sudden their home became their office. They may not even have had a desk for their laptop. These effects created a domino effect of networking, security and data protection consequences,” says Christophe Bertrand, a senior analyst at ESG.

But although some organisations opted for local solutions for their backup needs – including USB sticks, hard drives or even employee-purchased online storage – Bertrand believes that Covid-19 has accelerated existing trends towards cloud backup and reliance on online office suites and software as a service (SaaS).

Applications such as Microsoft Office 365 became much more important during the pandemic,” says Bertrand.

Five areas where the pandemic impacted backup

1. Local backups, and data compliance

Asking users to back up data locally to removable media is rarely an IT team’s first choice, but during the pandemic, especially the first few weeks, it might have been the only option.

Not all network-based endpoint backup tools supported remote users, and those that did had to contend with limited bandwidth and rising demand for VPN access from other applications.

Supplier support for remote users has improved over the past year, so IT leaders should check the features offered in their backup software. They should also check licensing, to ensure their endpoints are covered.

Once employees have moved to a secure, remote backup system, they should securely erase local backups to prevent a backup solution becoming a data compliance problem.

2. Protecting SaaS applications

Software-as-a-service is one of the technologies that really helped organisations adapt to pandemic working. And backups for SaaS applications are becoming more important – Gartner says it accounts for a growing number of client enquiries.

“In the past two years, infrastructure and operations leaders have begun to include SaaS applications such as Microsoft Office 365, Google Workspace (formerly G Suite) and Salesforce as a part of their backup strategy,” says Gartner senior research director Santhosh Rao.

Although users might assume “cloud” applications automatically back up their data, this is not the case. But suppliers are developing specific backup tools for SaaS, with Office 365 the best supported.

Google Workspace and Salesforce backups are still “largely a work in progress,” notes Rao, but the pandemic has prompted suppliers to invest there too.

3. Backing up to the cloud – and cloud-to-cloud backup

Backing up user data to the cloud bypasses the limitations of corporate VPNs and avoids the data protection pitfalls of remote workers’ local backups.

According to StorageCraft, part of Arcserve, 61% of UK IT decision-makers have increased their use of cloud backup services since the start of the pandemic. Another 28% say they rely increasingly on cloud services for data recovery.

The pandemic has undoubtedly forced CIOs’ hands in the face of technical and compliance concerns. Backing up users’ devices directly to the cloud should be more reliable, easier for employees and, with the right controls, compliant with data protection regulations. The option to back up to private cloud instances provides further assurance.

But organisations are also looking at cloud-to-cloud backup. More on-premise suppliers now support backups for infrastructure as a service (IaaS) and platform as a service (PaaS), including cloud-native workloads and virtual machines, according to Gartner.

With the pandemic shifting more critical applications from the datacentre to the cloud, ensuring they are fully backed up is vital. As Gartner’s Rao points out, this should also include containerised workloads.

Backing up to the cloud also helps deal with another pandemic impact – IT staff no longer need to physically access the datacentre to manage storage.

4. Centralised backup management

The pandemic, and the move to a more fluid and hybrid IT model, has increased workloads for IT teams. As a result, they need centralised tools that can protect data, regardless of location.

This includes backing up user data directly to the public cloud and tiering data to the cloud.

According to Gartner’s Rao, most backup providers now support this. Using services such as Amazon S3 and Azure Blob storage, as well as their long-term storage equivalents Glacier and Azure Archive Blob, can help businesses reduce storage costs.

5. Ransomware

Ransomware attacks have been another unfortunate feature of the pandemic that has affected enterprise backup strategies.

According to one research report, from IT security company Bitdefender, ransomware increased by 485% in 2020. Covid-related phishing campaigns, and attacks on the pharmaceutical and health sectors, account for a large part of the rise.

But any organisation can be targeted by ransomware. As a result, CIOs and CISOs are looking again at “immutable” storage, including tape and Worm-type devices. Meanwhile, backup providers are developing ransomware detection, immutable snapshots – potentially in the cloud – and “clean copy” recovery techniques to allow organisations to recover their data safely.

Security experts warn that ransomware will continue to be a threat, even when the pandemic is under control.



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

+ forty three = forty eight