As enterprises continue to struggle with how to protect their data in the face of growing cyberthreats, data protection budgets are increasing around the world.
That’s according to Veeam Software Inc.’s 2023 Data Protection Trends Report released this week. The provider of backup, recovery and data management solutions found that 85% of organizations worldwide expect to increase their data protection budgets by 6.5% in 2023, significantly larger than predictions from Gartner (5.1%) and IDC (5.2%), and larger than overall spending increases in other areas of information technology.
The world of backup and recovery has been and continues to be a market mired in confusion and lack of preparedness. I’ve often said that every company I talk to is an expert in doing backups but it’s the recovery where they struggle, and you often don’t find out where the problems are until it’s too late. The survey reflects a high level of concern, despite the increased level of spending. For example, 30% of companies still expect to recover resources during a data crisis manually, and only 18% currently have an orchestrated workflow capability.
For background purposes, Veeam surveyed 4,200 IT leaders and implementers across 28 countries on a variety of data protection drivers, challenges and strategies. The report covers three broad areas of “modern” data protection:
- Reliability for business continuity (BC) and disaster recovery (DR)
- Recovering from a ransomware attack
- Cloud-based BC/DR solutions and protecting hybrid infrastructure
One of the more striking data points from the study is that few businesses can reliably recover data following a cyberattack or disaster. Although the most impactful data outages in 2022 (as well as in 2020 and 2021) were the result of cyberattacks, modern data centers still commonly experienced outages caused by networking, application failure, hardware failure and operating system issues. Overall, 28% of servers had at least one unexpected outage. Hardware reliability is very good today, but not perfect, and businesses need to be prepared for the unexpected.
No matter the cause, the essential measure of success here is how quickly businesses can safely restore data and resume business operations, but the Veeam report finds that 82% of companies have an “availability gap” between how quickly they need systems back online and how quickly IT can actually bring them back. Nearly the same share, 79%, also acknowledge a “protection gap” between the amount of data they can afford to lose and how frequently IT protects that data.
Another shocking data point is that 30% of companies still rely on manual processes to recover data during a crisis, and 52% rely on scripts. Neither strategy assures reliability and speed, especially if the experts responsible for these plans are no longer available.
A best practice approach for BC/DR planners is to use fully tested and orchestrated workflows that can be quickly executed during an actual crisis, but the report revealed that only 18% of companies currently have an orchestrated workflow capability. I can’t emphasize this enough. There’s an expression, “Measure twice and cut once,” and with BC/DR it’s important to test at least quarterly so that when it is time to execute the plan, the workflow goes smoothly.
The study also found that ransomware is still a losing battle for most organizations. One area of improvement is that 82% of organizations now understand that they must include cyberattack and ransomware remediation strategies in a more holistic BC/DR planning process. This is critical given the increasing frequency of such attacks.
In 2022, for example, 85% of organizations were attacked by ransomware at least once, up from 76% in 2021. If the company can quickly recover data, the threat of ransomware is minimized. My research has found that many businesses are better prepared to go through the ransomware payment process than they are to recover their own data.
Unfortunately, implementing a broader approach to BC/DR that includes ransomware will take time. When companies were asked about their most significant ransomware attack in 2022, they reported that a hefty 39% of their entire production data set was successfully encrypted or destroyed and only 55% of that encrypted or destroyed data was recoverable. So although time is needed to build a more holistic plan, that’s the one resource companies are short on.
In addition to the pain of data loss, companies see the lack of assurance that data can be recovered following a ransomware attack as the top challenge to progressing on their digital transformation and IT modernization initiatives for 2023. This is because the manpower and financial resources that might have been applied to digital transformation and modernization must instead be applied to data protection.
Clearly, the continuing increase in successful ransomware attacks makes the automated verification and protection of backed-up data absolutely critical to a successful recovery process at the speed businesses require.
Another overlooked part of data protection strategies is backing up cloud workloads. Hybrid infrastructure is here to stay, and businesses are planning to keep around 50% of their servers on virtual machines within a major cloud service or managed service provider through 2025, with the other 50% split almost evenly between physical servers and virtual machines within the company’s data center. This means data protection capabilities must extend equally across physical, virtual and cloud architectures, especially for the 98% of survey respondents that have some industry, national or other regulatory mandate to retain previous versions of data.
Currently, however, the most common way to protect data in containers is by protecting the underlying storage (47%), not the workloads themselves, which will likely prove to be insufficient during a data crisis. One of the misconceptions that many IT leaders have is that the cloud provider is responsible for data protection and recovery. Though the cloud companies do back up information, the ultimate responsibility lies with the customer. The survey did reveal that the mindset around cloud protection is changing, as 57% of companies will likely or definitely switch backup solutions in 2023 to keep pace with the threats.
The combination of rising cyberthreats and rapid infrastructure evolution puts pressure on organizations to enhance their BC/DR capabilities in a way that protects both on-premises and cloud data equally. In addition, to ensure securely backed-up data can be reliably and quickly restored, businesses must develop the ability to create, test and orchestrate automated backup and recovery workflows as part of their BC/DR plans. As companies look to develop these capabilities, they should include the following in their solution criteria:
- Data backup and recovery tools that are integrated with other cyber detection and remediation technologies
- Backup of cloud-based workloads, with support across IaaS/PaaS/SaaS services
- Purpose-built, Kubernetes-native backup and restore, disaster recovery and mobility for containerized applications
- Flexible orchestration workflows across the entire infrastructure
- Centralized monitoring and management, coupled with extensive application programming interface coverage to support different infrastructures
For ransomware specifically, a common best practice has been the “3-2-1” backup rule, under which the company would have three copies of the data, with two stored in different locations and at least one copy in an offsite location. Veeam recommends adding another 1-0 to the end, where the one means one copy is air-gapped and the zero represents zero errors in the process.
The survey found that backup and recovery remains a complex and almost overwhelming challenge for companies, but it doesn’t have to be. Testing, orchestration and preparedness are the keys to success. It may not be fun, but it’s a lot better than finding out the data can’t be recovered.