Here are up-to-date checklists and ideas from three data management vendors to compare against your own organizations’ possibly inadequate playbooks

With years of surging cyberattacks and clandestine state-sponsored espionage, social engineering and intelligence gathering campaigns wreaking chaos, businesses across the region are required to align their backup and recovery processes with any new regulatory standards mandating swift restoration of services in critical industries.

For instance, in Singapore, banks are expected to restore critical systems and services within four hours following an outage. This is difficult to achieve with legacy data storage solutions, which were never designed with fast recovery in mind. Even modern data backup and recovery solutions, if not well implemented and updated, may still fail to yield the appropriate outcomes in times of a cyber crisis.

With that in mind, one tried-and proven two-pronged approach to data protection is regularly creating immutable copies of data, and adopting robust infrastructure to rapidly restore backups at speed and scale, according to Pure Storage. The firm’s Vice President (Asia Pacific & Japan), Nathan Hall, reminds readers: Traditional tape or disk-based backups are optimized for backup, but not recovery. Instead he noted that “advanced flash-based storage solutions have failure rates two to five times less than disk-based solutions, can deliver recovery speeds of hundreds of terabytes per hour, and are able to restore ransomware-immune backups in a matter of minutes or hours at any scale.”

Hall also noted that, after any cyber incident, storage arrays are often locked down for investigation by cyber insurance or law enforcement agencies, so Storage-as-a-Service solutions and ransomware recovery service-level agreements are the latest ways to add cyber resilience when the original storage arrays are unavailable for any reason after a cyberattack.

AI-resilient data management in 2024

According to NetApp’s spokesperson, traditional perimeter defense and data backup strategies do not match up to today’s sophisticated attack modes. Therefore, modern cyber resilience strategies with a zero trust approach require organizations to be able to put up a comprehensive defense at the workload level. This enables swift and effective identification, protection, and recovery of critical workload data, minimizing costly disruptions.

Especially in 2024 — just a little more than a year into the democratization of generative AI (GenAI) — data has become even more sought-after and valuable by corporations and cybercriminals. Said the firm’s Solutions Engineering Lead (Greater China, ASEAN and South Korea), You Qinghong: “Data preservation can be achieved by implementing appropriate disaster recovery strategies, such as advanced tamper-proof backup capability that includes application-consistent backups of critical data wherever it resides, whether on-premises or in the Cloud. Enterprises need to treat data as a product with use cases, policies and life cycles. Only then can they realize the full potential value of their internal data. Likewise, organizations need to lay the necessary foundations of an intelligent data infrastructure that breaks down silos, fosters agility, and tailors optimization for AI applications, before they can enjoy the full potential of AI and Gen AI.”

No place for cyber complacency

After three years of ‘pandemic-monium’ and super-accelerated digital transformation in the region and beyond, it is now time for organizations big and small to take stock of all the mistakes and accepted compromises made for the sake of staying afloat during lockdowns and travel restrictions.

According to Wasabi Technologies, prioritizing digital advancement should not come at the expense of data security and loss. Said the firm’s VP and GM (Asia Pacific and Japan), Michael King: “Ensuring the availability and accessibility of data is not merely optional; it is an imperative to maintain compliance and competitiveness.”

King offered the following imperatives for IT leaders to bear in mind 24/7 and not just on any random year’s World Backup Day:

    • Zero trust approach to cloud storage: This approach requires rigorous authentication and authorization for all organisational members accessing sensitive data, encompassing strategies such as end-to-end encryption, multi-factor authentication, and immutable buckets to limit user access. This creates a robust defense mechanism safeguarding the information from alternations, deletions of encryption attempts orchestrated by malicious actors.
    • 3-2-1 and done: As simple as the 3-2-1 rule can be, transforming your data security strategy can be a huge undertaking. Instead, a backup strategy that is purpose-built for today’s digital climate should include immutability and speed of access adhering to the 3-2-1-1-0 rule: maintaining three copies of data on two different media, one off-site, one immutable copy, and zero for zero errors by making sure the air-gapped backups are fully functional. Replicating numerous copies of data is not conducive to efficiency; instead, businesses should adhere to an effective data management principle.
    • Beware of cloud egress costs: Most cloud providers often charge an egress fee for data moved from their cloud back to on premises, which is the case whenever a recovery occurs. Take this into consideration when choosing selecting cloud vendors based on their experience level and offering of cost-free access to data in crisis situations.

Let us heed the wisdom of Albert Einstein who remarked: “Intellectuals solve problems, geniuses prevent them.”

As we sit on the precipice of a decade of unpredictable GenAI quantum computing benefits and threats, let all leaders be the geniuses of our digital era: safeguarding data not just on designated days every year, but at every moment in and out of the workplace, ensuring data disaster resilience in the face of adversity being imposed by malicious cyber geniuses.