Story blogs

Data Resilience: A Hypothetical Story

Read the article

Anshuman Rai, AVP, Commvault

By Anshuman Rai, Regional Vice President, India and South Asia, Commvault

The last two years have seen a rapid digitization of businesses across all verticals as companies have enabled remote working and moved to cloud-based platforms. In all likelihood, the disruption caused by the pandemic has served as a catalyst for permanent change in business and technology.

While this ongoing digitalization has indisputable benefits, the transformation has also exposed businesses to new and unprecedented levels of risk, especially when it comes to critical data.

The importance of data in today’s business landscape cannot be overstated. According to a survey by Cloudera and Vanson Bourne released in December 2021, Indian organizations that had mature data strategies for at least 12 months, on average, showed 8% higher earnings growth. It also found that Indian businesses were losing $52,939 a year due to missed opportunities due to poor data management.

So now is the time for progressive enterprise technology leaders to responsibly manage data in new work environments, with effective strategies, appropriate policies, and cutting-edge technologies for information governance and resilience to truly empower the workforce.

With remote working, the availability of corporate data on endpoints, the use of collaboration tools for team interactions, and the lack of physical monitoring of critical IT infrastructure, the attack surface of businesses has multiplied by several. In such a scenario, organizations need to protect their critical data. To achieve this, an effective data protection strategy must be built on solid business foundations. Here are three key attributes enterprise technology leaders will need to build it and avoid a “what if” scenario.

  1. Become aware of the risks

Organizations that do not have a “risk-aware” culture, more often than not, become prone to accidental risks that can compromise data privacy and security.

For example, procurement services purchase IoT devices (from thermostats to security cameras) and commodities such as USB memory sticks, without imposing security requirements such as encryption, which can lead to serious data breach.

On the contrary, an organization with a “risk-aware” culture ensures that security requirements are integrated into the processes of all departments and are applied to all purchasing decisions, from simple products to important solutions such as ransomware detection and data management in the cloud.

Going forward, IT managers will need to create a “risk-aware” culture.

  1. Increase flexibility to respond effectively

Combined with risk awareness, flexibility emerges as a powerful source of competitive advantage. Companies leverage their size to ensure market dominance, but without flexibility they can quickly give up their leadership position.

In times of major disruption, risk-aware and flexible businesses can conquer entire markets if they are crisis-prepared and cyber-ready.

According to the GDPR law, technical and organizational measures must provide “the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; the possibility of restoring the availability and access to personal data in time in the event of a physical or technical incident; and a process for regularly testing, evaluating and evaluating the effectiveness of the technical and organizational measures to ensure the security of the processing.

Although the GDPR is a European law, its scope extends to countries outside of EU jurisdiction. Indian companies that offer goods or services in the EU, process personal data transferred from the EU, or profile the personal data of EU residents, must comply with the GDPR.

In this context, effective backups designed to maintain business continuity and recovery systems are not only “good to have”, but are legal obligations for businesses. Having effective safeguards and regularly evaluating, testing and evaluating cybersecurity processes is imperative for every business.

  1. Establish trust

The number of ransomware incidents in India continues to rise. According to a December 2021 report by CrowdStrike and Vanson Bourne, nearly half (49%) of all organizations in India have experienced multiple ransomware attacks, while 76% have been affected by at least one ransomware attack in the past of the last 12 months. According to the report, this is more than any other country.

Today, trust is essential for a brand. Although it can take some time to undermine people’s trust in trusted brands, reputational damage, resulting from a cyberattack, is felt immediately. Ransomware causes reputational damage that has far-reaching consequences for any brand.

To counter ransomware, IT managers should immediately conduct an expert investigation, as soon as a breach is detected, to determine the extent and nature of the incident. The results can be used not only to close the breach, but also to build a brand defense plan.

Protect, manage and leverage data in the post-pandemic world

Businesses today must not only protect data, but also transform business by turning managed data into an asset. Businesses need to effectively sift through piles of data and identify valuable datasets that can be turned into assets.

Therefore, how smartly companies protect, manage and operate their most critical asset – their data, today, will decide who will, figuratively, “keep the lights on” and thrive in a post-pandemic world.

IT decision makers can address all of these priorities with data backups leveraging state-of-the-art Data Protection as a Service (DPaaS). These solutions should be highly scalable, with available services ranging from 1 TB of storage to 10,000 (or more), and deployable in minutes, allowing businesses to immediately begin protecting their environment with backups and encryption at rest or in flight.

CIOs should consider solutions incorporating anomaly detection, as this would provide technology leaders with real-time monitoring of their environment, enabling instant response to unusual behavior. Industry-leading DPaaS solutions also provide robust data isolation, providing CIOs with that “air space” necessary for modern backup best practices and risk mitigation.

Progress is about meeting new challenges. And the answer to overcoming risks lies in anticipation and constant innovation. With the pandemic redefining preparedness across industries, organizations need to rethink and readjust their data management policies to bounce back in an ever-changing threat landscape. It’s time for enterprise technology leaders to plan, prepare, and take an inside-out approach to security to strengthen their core capabilities, find new opportunities, and build an agile, intelligent, data-driven organization.

If you have an interesting article / experience / case study to share, please contact us at [email protected]