BrandPost: The 4 inexcusable failures of legacy backup tools – Source: www.csoonline.com

Are you still relying on legacy backup tools to protect your data from modern cyberthreats? Legacy backups were created with natural disasters in mind, not cyber threats such as ransomware. Attackers often target backups because if you can’t safely restore your data from there, their chances of collecting the ransom or creating other havoc are virtually assured.

One report estimates spending on global data backup and recovery grew to $14.15 billion in 2023, up 16.2% over the previous year, and is projected to increase at a compound annual growth rate (CAGR) of 13.7% to $23.64 billion in 2027. 

Rubrik’s State of Data Security report indicates 39% of IT and security leaders believe their boards of directors or C-suites have little to no confidence in their organization’s ability to recover critical data and business applications in the event of a cyberattack. It’s not unreasonable to expect that many others are overconfident in the investments they have made over the years in backup systems and services.

There is just so much data, more and more organizations are losing confidence in their abilities to restore their data. IDC’s Global DataSphere forecasts data will grow at a CAGR of 21.2% to reach more than 221,000 exabytes by 2026.

With data growing at an exponential rate, many organizations are saving backup data to the cloud, where they can scale as their needs grow without having to invest in more storage infrastructure. But if you’re relying on legacy backup tools, you are likely shortchanging your organization. An attack may have targeted your backup first, leaving you either unable to restore, or in danger of reinfection from compromised archival data. Say goodbye to resiliency and business continuity!

Here are four ways that legacy backup tools are likely failing you:

• They don’t allow you to easily test and prove cyber recovery. Legacy backups were designed to restore individual files, virtual machines, or databases from a known point in time associated with a disaster. But cyberattacks often make it difficult to determine what to restore, when the attack occurred, how far the bad actor went, and the extent of the damage caused.

• They can’t ensure your data is secure. Legacy backup tools were designed for an era when we naively assumed we could detect and stop attacks at the perimeter. That was never the case and it’s even more outdated in an era when data spans on-premises, hybrid and public cloud, and edge systems and millions of users have access to corporate and cloud systems via the internet.

• They can’t easily identify data at risk or affected by an attack. These tools were built in an era when structured data ruled supreme, but IDC estimates unstructured data now accounts for 90% of data created annually. Most tools rely on anomaly detection to tell you that, whoops, something has happened; unfortunately, they don’t provide you with insight into what an attack has done to your data.

• They can’t quickly restore data without risking reinfection. If your backups have already been infected by attackers, restoration activity can trigger the attack all over again. That could lead to even more damage and data loss.

It is essential to make sure your data backup and restore systems provide:

• Data Resilience: Securing data from insider threats or ransomware by utilizing air-gapped, immutable, access-controlled backups

• Data Observability: The ability to continuously monitor data risks like sensitive data exposure and detect cyber threats such as ransomware

• Data Remediation: So you can simulate recoveries, and surgically and rapidly recover applications, files, or objects while avoiding malware reinfection

Rubrik Security Cloud for AWS provides continuous security, availability, and visibility of your data with native, immutable snapshots. Learn how Rubrik uses a unique backup architecture to secure data, relying on zero trust principles to incorporate a logical air gap, secure protocols, native immutability, encryption, and access controls.

Pete Bartolik has researched and written about technology and vertical market segments for many years and has worked on many market research, writing and social media projects. He was news editor of the IT management publication, Computerworld, and a reporter for a daily newspaper.