The Lack of Online Backups Poses a ‘Real Problem’ for Data Protection
The Veeam Cloud Protection Trends Report 2023 recommends extra measures to ensure data safety, even as the government and other organizations increasingly move to cloud environments to back up their data.
The report, released earlier this year, examines these cloud protection pillars after surveying 1,700 IT leaders in the fall:
- Infrastructure as a Service
- Software as a Service
- Platform as a Service
- Backup and Disaster Recovery as a Service
The survey found that 98% of organizations use cloud service; 34% of respondents believe their cloud-hosted files are safe and durable without needing a backup, while 15% believe their cloud-hosted databases are secure and stable without needing a backup.
Here’s where the problem lies—a lack of data backup could make the cloud-hosted data vulnerable to cyberattacks. According to 59% of the respondents with cloud-hosted files, 79% of their databases are backed up.
Jeff Reichard, vice president of solution strategy at Veeam, notes that this is the real problem, as cyberattacks are consistently the most significant cause of outages for most companies. In the report, he attributes other reasons for outages, including:
- accidental corruption
- accidental deletion
The lack of a backup for your file shares ultimately makes your online-based database vulnerable to an administrator making a mistake such as accidental data loss, misconfiguration, or overwriting data.
While referring to the latest Veeam Ransomware Trends Report, Reichard acknowledges that it’s important to encrypt data. This is especially crucial after experiencing a malware or ransomware attack, as data loss can be irreversible. Encryption is also important for legal reasons, such as security inquiries, Freedom of Information Act requests, or legal discovery requests.
“A secure backup is really the last line of defense,” he notes, especially after your attacker has already escalated credentials.
Cloud protection is, however, improving more than in previous years as more companies have adopted more advanced resources for backup and disaster recovery as a service in the cloud. In the survey, 49% of the respondents said they are using a DRaaS solution; this is up significantly compared to last year.
Furthermore, Veeam’s report also found that backup teams perform two-thirds of the backups of cloud-hosted workloads while cloud administrators perform one-third of the backups. The fact that more professionals are increasingly protecting their cloud-based data is ultimately good news for the security of that data. And the realization of what the organization’s long-term retention mandates and disaster recovery requirements are is also a positive step towards having data integrity.
However, the report also notes that many organizations are repatriating their cloud-based data back to on-premises due to cost and workflow challenges. Out of all the respondents, seven out of eight organizations follow this trend.
Additionally, 88% of organizations said they returned their workloads to on-premises backups due to “disaster recovery failback, staging versus production, or the reconciliation that the cloud was not optimum for that workload.”
According to the report, an organization’s data protection strategy must include backing up cloud-hosted workloads once uploaded into a cloud environment and helping to migrate from the cloud to an on-premises data center or another cloud solutions alternative.
Apart from cost containment, which is a major problem, Reichard says the other cause for data repatriation is the unexpected connection of workloads with different workloads.
Finally, he notes that some agencies could make several mistakes during cloud protection. One of these is the failure to back up cloud-based workloads and being unaware that cloud-based workloads are just as vulnerable to cyberattacks and misconfigurations as on-premise workloads.
But with this realization comes the opportunity for these organizations to consider backing up their cloud-based workloads while considering their long-term retention requirements.