Using 10 disparate data protection solutions cannot boost data safety by 10x, but cyber-risks will be boosted a lot more: survey.
To keep your corporate data protected, investing more on backup and disaster recovery solutions is good, right?
Not according to an annual survey commissioned by data protection specialist Acronis.
While 2020 saw companies purchase new systems to enable and secure remote workers, data in the report is showing that those investments may not be not paying off. The global survey discovered that many organizations now run as many as 10 solutions simultaneously for their data protection and cybersecurity needs, others run more than 10 solutions: yet, more than half of those organizations still suffered unexpected downtime last year because of data loss.
Less is more, if done right
The survey involved online polls of 4,400 IT users and professionals in IT/Telecommunications,
Healthcare, Business services (Financial, Legal, etc.) and Manufacturing across 22 countries: US, Canada, Mexico, Brazil, Australia, India, South Korea, Singapore, Japan, Germany, Switzerland, UK, Belgium, Netherlands, Sweden, France, Italy, Spain, Bulgaria, Saudi Arabia, UAE, and South Africa. Within each country, 50% of respondents were IT professionals at organizations ranging in size from small- to medium- sized enterprises to enterprises in both the public and private sectors. The other 50% were independent IT users.
The report reiterates that it is a myth that simply adding more solutions will solve cybersecurity and data protection challenges. Not only does investing in more solutions not deliver more protection, in many cases trying to manage protection across multiple solutions creates greater complexity and less visibility for the IT team, which increases risk.
Acronis’ Founder and CEO Serguei Beloussov said: “This year’s Cyber Protection Week survey clearly illustrates using separate tools to address individual types of exposure is complicated, inefficient, and costly. These findings confirm our belief that the smarter approach is cyber protection, which unifies data protection, cybersecurity, and endpoint management.”
Bridging the knowledge gap
The following observations from the survey data showed that, among the respondents, there was a significant gap in awareness among users and IT pros of what IT and cybersecurity capabilities were available to them, which can cause them to lose valuable time, money, and security:
- Among the respondents: 63% of IT users and 16% of IT professionals would not know if their data had been modified without their knowledge because their solution did not make it easy to discern that kind of tampering
- 43% of IT users in the survey did not know if their anti-malware stopped zero-day threats, because their solution did not make that information easily available. About 32% claimed to actually have the feature.
- 13% of IT pros in the survey did not know their organization was subject to data privacy regulations. If those responsible for ensuring data privacy did not know they are culpable, they cannot implement strategies or evaluate the solutions needed to address the requirements.
The firm noted that organizations using multiple cybersecurity and backup solutions may have even less transparency into such information. Not only must they remember which solution provides a particular data point, they are constantly switching between consoles to find the details they need—leading to inefficiencies and missed insights.
Lax approach to protection
The survey revealed data indicating that a lax approach to data protection among respondents who were IT users:
- Some spent more time on their devices in 2020, yet only half took extra steps to protect those devices
- Some admitted to not updating their devices until at least a week after being notified of a patch, or even longer
- Some reported performing backups (5% back up daily), yet around 69% had irretrievably lost data at least once, suggesting that they did not know how to back up or recover properly
Based on the survey, the firm has concluded that the efforts of individuals to protect their data are not keeping pace with cyberthreats—likely due to false assumptions (such as believing Microsoft 365 backs up their data) or over-reliance on automatic solutions.