Private, public and hybrid clouds are growing in popularity as lift and shift cloud apps are making migration easier for businesses. Christian Mahncke, Enterprise Business Development at Routed, a vendor neutral cloud infrastructure provider, says that while cloud computing has proven that it is a better option than in-house servers, security challenges remain a concern and businesses require a solid cyber-security strategy.
“It is evident that companies are still experiencing common security challenges such as backup and Disaster Recovery (DR) failures, ISPs being hacked or Ransomware attacks. All of which are exposing the network and potentially sharing valuable personal information,” says Mahncke. “These businesses are neglecting this important aspect within their cloud strategies, failing to include backups and DR in the overall planning.”
He says that including security and a backup plan comes naturally for anyone that has migrated or developed new applications in the cloud: “It is simpler to secure data by creating a DR environment in the cloud than doing so on-premise. Once all your applications are in the cloud, it takes care of all backup and DR requirements quickly and more cost effectively. Cloud provides one virtual environment, as opposed to a number of disparate applications each requiring individual backup and DR needs.”
The importance of looking after data, inside and outside of an organisation remains lacking, which means that DR is probably equally absent. Mahncke says that there is a need for security policies and associated regular backups. This will automatically result in ensuing that proper DR is in place, and it works.
“So often backups only get tested after a server crash or security breach, only to discover that the backups do not exist or were never taken. DR is often absent as there is a belief that a multitude of backups constitutes DR,” explains Mahncke.
He stresses that backups are not DR, nor can multiple backups amount to any kind of DR. Backups are useful for immediate access to restore a document, but do not facilitate the failover of a total environment if the infrastructure becomes compromised.
“Backup is simply a copy of data intended to be restored to the original source, while disaster recovery requires a separate production environment where the data can live. All aspects of the current environment should be considered, including physical resources, software, connectivity and security,” says Mahncke.
Data backups should be automated and part of daily operations, while DR planning is an integral part of any organisations IT strategy, and is becoming essential as security breaches and network outages become common threats.
“DR needs to address complete system failure and provide a set of security policies to govern disaster incidents. A cloud platform provides for this in the most efficient form. You can either back up your cloud or store to a DR site,” says Mahncke.
Some interesting statistics:
- Hardware failure is the number one cause of data loss and/or downtime.
- 40% of security breaches are caused by employees
- 93% of companies without Disaster Recovery, who suffer a major data disaster, are out of business within one year
- 96% of companies with a trusted backup and disaster recovery plan will be to survive Ransomware attacks
- More than 50% of organisations experienced a downtime event in the past five years that were longer than a full workday