Millions of backups are happening throughout the world on a daily basis.
But are all of them accurate? Did IT backup all files and systems that were supposed to be backed up? Is there any corruption amongst any of the files backed up?
Such matters are the subject of backup compliance. And with good reason. Many have experienced a disaster or cyberattack and looked to their backups for respite from the incident. Yet, when the chips were down, their backups were either incomplete or unusable.
Here are some of the top trends in the backup compliance market:
1. Raised importance of compliance in backup procurement
There are a lot of different factors to be considered when purchasing backup products and services.
Gartner analyst Michael Hoeck recommends investment in backup solutions that address data protection requirements in the data center, public cloud, and edge environments, as well as providing a single pane of glass to manage distributed environments.
In addition, he flags built-in ransomware anomaly and malware detection, as well as expedited recovery capabilities and compliance.
“Select vendors that are able to augment the value of backup data by making it available to address compliance requirements, support analytics, reuse backup data for test/development and provide add-on capabilities such as DR,” said Hoeck.
2. SaaS backup
SaaS deployments are increasing sharply. As such, the data exists in the cloud, not on-prem. And that leads to a host of issues.
These include who really owns the data, who must secure it, and a multitude of privacy issues.
Backup becomes even more critical if the data is hosted elsewhere. One outage can cause havoc.
For example, over 20,000 Atlassian users were recently impacted by an outage. It left their data inaccessible for 14 days while the company worked to fully recover user data. Atlassian now recommends users have separate backup and data recovery solutions for its Confluence systems. Backups for Confluence is an automated backup and on-demand data recovery tool empowering Confluence users to recover their data instantly.
“Backups for Confluence joins our growing portfolio of backup and recovery tools, including GitHub and Jira, ensuring development teams maintain productivity,” said Mike Potter, CEO of Rewind.
3. Data security
Data security is a big issue right now on several fronts. Ransomware, for example, has been found inside backups and has thwarted attempts to recover enterprise data.
Once the recovery is done and systems are up and running, the ransomware takes hold once again and locks everything down.
“The key trends that affect data security affect backup security, too,” said Vishwas Mantral, chief architect at Skyhigh Security.
“Managing and monitoring cloud identities, entitlements and access to the data backups is critical for security of the backups. Creating models of behavior of access to identify anomalies and enforcing the principles of least privilege for such access is now a growing need and a key trend in the business continuity and disaster recovery industry.”
4. Kubernetes protection
Research from Veritas Technologies reveals that the majority of organizations (89%) are concerned about the threat of ransomware attacks on Kubernetes environments.
Part of the problem is that a Kubernetes adoption is often taken out of the hands of IT leadership – and is being spread across multiple stakeholders.
Respondents to a Veritas survey voiced challenges in protecting Kubernetes environments in silos, as this can lead to an increased likelihood of data being missed from protection sets (42%), more complex and lengthy data restoration processes (44%), and increased time pressure managing multiple solutions (40%).
“When other stakeholders force the hand of the CIO, it can often mean that supporting practices and technologies, such as security and data protection, aren’t yet in place,” said Sonya Duffin, ransomware and data protection expert at Veritas Technologies.
This has become a hot area for backup compliance. It is becoming increasingly difficult to verify that all data related to Kubernetes deployments has been backed up correctly.
Thus, those engaged in compliance should pay extra attention where Kubernetes is in play.
5. Prolonged retention
A significant trend in backup compliance is prolonged backup retention.
Since most companies don’t have a consistent and reliable archive strategy, they count on the backup process to meet the increasing need for data retention.
Most back software vendors have improved their metadata handling to handle years and even decades of data retention, but they need appropriate backup storage targets to support that data, said George Crump, CMO for StorOne.
How should backup storage targets be improved to address the new challenge of long-term data retention?
“A small flash tier is required to host these extensive metadata indexes and support significantly more frequent backups and instant recoveries,” said Crump.
“These new realities make all-flash impractical; high-density 20 TB hard drives are available now, which reduces the data center footprint and lowers cost.”
Flexibility is also crucial, Crump said. Users need the solution to last for more than a decade. They need to mix in drives of different capacities into the same volume so that as new drive densities come to market, customers can quickly adopt them, prolonging the life of the storage solution.