The volume of data that organizations must store, manage and protect is exploding. Every day, the world generates more than 2.5 exabytes of data, which must be stored and managed by businesses or cloud providers.
The growth of data, the surge of security breaches targeting remote workers, and tighter regulatory requirements on consumer data protection, are challenging data-driven companies to rethink their approach.
“Organizations need mature modern data protection, data backup, and recovery,” said Andy Fernandez, disaster recovery product marketing manager for Zerto. Fernandez spoke at the ActualTech Media’s spring summit.
Top 5 challenges for protecting data
Companies face several challenges when it comes to improving and modernizing data protection, however. Those include:
Hybrid IT environments
Multicloud and hybrid cloud environments, with various platforms, operating systems, and geographic locations, are challenging to secure. If possible, IT should find cross-platform security tools that work across all of the environments, both on-premises and in the cloud. There are also best practices that can help ensure data is protected in a hybrid environment.
One of the most important protections is identity and access management (IAM). IAM controls user access based on an employee’s job needs. With an IAM solution, an IT manager can enforce “need to know only” access to systems.
This minimizes the potential damage when a user’s login credentials are stolen during a data breach. IAM also helps prevent an unhappy employee from stealing or destroying data.
Encryption is also a key element of data security in distributed and hybrid environments. Encrypting data traveling between clouds and between cloud and non-cloud systems makes data unusable should it be intercepted.
Many cloud providers offer consulting expertise on securing hybrid and multicloud environments. In addition, a cloud provider that specializes in managed security services can help configure and implement cross-platform cybersecurity solutions. MSPs are cloud services providers who handle many of the planning and management tasks for their customers.
Physical insecurity
With more employees connecting remotely, there’s a risk that other device users could inadvertently download malware, steal passwords (or personal data), or steal the device. As many office buildings are still half empty, it’s also easier for outsiders to steal devices or data without detection.
Social engineering and human error
A majority of cyber-attacks depend on human gullibility to succeed. Phishing is when a cybercriminal attempts to trick an unwary user into giving up confidential information or personal information. Phishing is a common social engineering method.
According to industry reports, 65% to 90% of breaches are caused by phishing or other social engineering campaigns. Ransomware, a top security threat that can cripple a business, is typically spread through social engineering.
Many security solutions filter out phishing and malware attachments, but some inevitably slip through. Training employees to recognize social engineering in an email or phone call is a critical aspect of data protection. Training is especially critical for remote and home-based workers.
Data storage and disaster recovery costs
The average in-house cost of storing a petabyte of data is nearly $2 million over five years. That includes hardware, maintenance, staffing, etc. As companies accumulate more and more data, the cost of keeping it on-premises is becoming unaffordable. Yet no business can afford data loss.
Many organizations solve this problem by turning to cloud-based disaster recovery (DR) services. Cloud DR provides a reliable storage solution at an affordable monthly cost.
The challenge is to select the disaster recovery service that best fits an organization’s budget and recovery time requirements. The recovery point objective (RPO) and recovery time objective (RPO) are the two most important metrics in selecting a cloud provider.
Also read: 3 Recovery Objective Considerations for Your Disaster Recovery Plan
The RTO measures how quickly data is restored. An RTO might be an hour, a day, or just a few minutes, depending on the company’s business requirements.
RPO determines how fresh the recovered data will be. Companies in industries like e-commerce, financial services, or healthcare need to recover all of their data and restore services immediately.
Other industries might be able to lose more of their data or wait longer for full recovery in exchange for a lower cost.
Lack of expertise
Busy IT departments often lack the time or expertise to implement and manage data storage and recovery programs. Fernandez quoted from a survey on DR and data protection that found a lack of IT skills was the #1 data protection and DR challenge for organizations. Small businesses particularly lack knowledge of data storage and recovery techniques.
Learn how to overcome data protection challenges
Learn more about modernizing your data protection. Watch TierPoint and Zerto speak on data security and recovery at ActualTech’s spring summit below.
Disaster recovery services providers can assist with finding the right solution for businesses of all sizes. Providers offer:
- cloud assessments with a custom roadmap for the customer
- disaster recovery and business continuity planning
- deployment of disaster recovery solutions
- monitoring and management
- troubleshooting and tech support
- the ability for the client to subscribe to the level of service they specifically need
TierPoint’s recovery experts can provide you with expert guidance in planning, addressing RTP/RPO, implementation, monitoring, and management. Contact us today to learn more.