In the face of new and complex multicloud technology stacks, novel data resilience strategies are required. Forrester analysts have compiled a checklist for creating a modern and efficient backup system.
Data resilience refers to the capability of systems and data to remain accessible and functional despite unexpected events or cyber attacks, utilising Backup & Restore infrastructures, especially in hybrid on-premises or cloud environments that support SaaS and container environments. In a broader sense, data resilience strategies also encompass governance and accountability frameworks that seek to tackle concerns related to the management of confidential data and privacy.
Companies need to evaluate whether their data resilience strategies align with their business needs and if they satisfy their customers’ data protection, retention, and security requirements.
In a multi-cloud technology environment comprising various systems and applications, implementing a cohesive and efficient data resilience strategy is crucial. Private clouds, Edge systems, on-premise data centres, and SaaS meet different needs and merit specific risk profiles.
The rise of new multi-cloud stacks, which are becoming increasingly diverse and complex due to the integration of multiple interconnected technologies, requires a re-evaluation of strategies and approaches in order to establish a robust Data Resilience strategy.
Forrester analysts suggest seven key components of native cloud architectures, in addition to regulatory and compliance requirements in an ever-growing cloud-driven world.
An effective data resilience strategy is based on seven key components:
1) Automation and orchestration – a quantum leap for modern infrastructure
Backup systems achieve higher levels of reliability when they are able to rely on fast and consistent automation processes. Advanced monitoring solutions enable the recovery of complex applications on different platforms.
2) Security awareness and a Zero Trust approach – increasingly indispensable in multi-cloud environments
It is becoming increasingly important to be aware of the type of attacks that can affect IT security and their possible consequences for business continuity. The concept of Security Awareness has always existed, but businesses now need to expand infrastructures and move outside traditional perimeters. Adopting a Zero Trust approach is critical not just for production environments but also for backup systems. Introducing multiple risk profiles makes accessing the safety net more complex, making it essential to adopt a Zero Trust approach.
API integrations with popular SIEM (Security Information and Event Management) and SOAR (Security Orchestration Automation and Response) tools can make backup systems foolproof. These integrations help detect anomalies and ensure that the most suitable personnel analyse them.
3) Defending against ransomware – a specific field of Security Awareness
To effectively protect against ransomware, a dedicated approach is required, and the most effective backup systems are based on immutable file systems, WORM (Write Once, Read Many) archives, and are protected by multi-factor authentication. At the same time, backup systems need to be able to cope with parallel workflows both to secure infrastructure and reduce the RTO (Recovery Time Objective).
4) Backup and restore – a comprehensive strategy for good data resilience
No solution on the market can protect all the data used by a company,
but implementing a solid structure helps create more options for configuring API-driven or customised backups. A good backup platform should provide flexible recovery options, thus enabling backups from compromised systems to be transferred quickly to a new environment.
5) SADP: SaaS Application Data Protection – a vital requirement for many companies
As the demand for Software-as-a-Service solutions increases, companies are required to handle and manage large amounts of data, including sensitive customer information. Forrester points out that SaaS Application Data Protection (SADP) solutions are forming a real emerging market, which is expected to increase data security, retention, and resilience for both vendors and customers. SADP tools help prevent the accidental or malicious deletion of data and provide options to manage them, including during the testing phase.
6) Business perspectives & Platform Risk Awareness
Comprehensive data resilience strategies that align with companies’ goals and requirements begin with a process that involves all stakeholders, departments, and external interactions within and beyond the organisation. Understanding and mitigating the risks associated with deploying infrastructure across multiple platforms can also assist in responding to dynamic changes in policies, regulations, and legal requirements.
7) Centralising management and reporting – support for IT professionals
Consolidating management and reporting within an organisation is a valuable
tool that can support IT professionals who manage diverse infrastructures, often on a global scale. This not only aids the work of risk management personnel, but also benefits boards and decision makers, who gain a broad understanding of the data resilience and overall health of an enterprise.
Source: Forrester, Best Practice Report: Top Seven Components Of Data Resilience In A
Multicloud World. A Checklist For Creating A Modern Backup System, Luglio 2022