Backup & Data Protection, the Last Line of Defense

Most organizations don’t consider backup & recovery as part of their IT security posture, however, if you read the many articles and white papers on how to protect against cyber-attacks backup will always appear as the last line of defense. We usually refer to backup & recovery as “data protection” which is more suitable from an IT security standpoint.

Organizations spend money each year investing in new IT security products to protect their networks, and they should!  The internet should always be characterized as a very bad neighborhood and necessary precautions should be taken.  As new security products are continually updated and introduced so too are new threats, vulnerabilities and exploits.  According to the latest Symantec Intelligence Report there were 349 new vulnerabilities, 10 zero-day, and 38.5 million pieces of malware created in the month of August 2015 alone.

While information security products and services are a must for every organization they cannot prevent against all threats. In fact, most organizations have a security posture much like that of an “egg”, strong on the outside, but soft on the inside. Threats such as spear phishing, zero-day attacks, ransomware/malware and human error are almost impossible to prevent.

If in fact an attack is successful, your last line of defense is a good backup! This is where backup & data protection come into your security posture. By incorporating versioning, file/image, system-state backups, and recovery drills into your security posture your business is much more likely to survive an attack. Image-based fail-back and virtual disaster recovery solutions can get an organization back up and running within minutes not hours or days like traditional tape backup solutions.

Including backup & data protection as a preventive security measure can vastly improve an organization’s overall security posture and ability to continue business as usual with the least amount of data loss.