How Can a Layered Protection Approach Ensure Data Resiliency?

We’ve established that cyberthreats are more frequent and sophisticated, making the ability to prevent, respond to and recover from an attack critical for organizations. The simple act of nightly backups might not be sufficient to protect your data, which is where a layered protection approach comes in.  

Whether monitoring threats, controlling data access or rapidly recovering data, data resiliency tools are crucial to contain breaches, limit exposure windows and drive business continuity. A layered approach to data protection is highly recommended.

Layered data protection is the practice of implementing multiple data management and cybersecurity tools and measures to protect against a wide range of threats. Each layer has a specific function and collectively these layers work in unison to build multifaceted business environment protection.  

The key elements of a layered protection approach that supports greater data resiliency are outlined in the following sections.

Security and IT operations teams need a cohesive way to identify and classify business data, including its age and usefulness. These teams typically spend tedious hours manually searching for files and folders, usually based on limited data analysis, and can make potentially monumental decisions without a clear understanding of data and how or where it’s stored. Rising levels of access to data from third-party applications and minimal monitoring are contributing factors to the rise in cyberattacks.

Risk analysis provides organizations with a better way to secure and defend data infrastructures (also called “estates”) by making it easy to systematically identify and categorize sensitive data and empower a proactive defence against data breaches. Risk analysis platforms examine both backup and live data to help organizations make informed decisions on how to mitigate risks and the potential effects of data breaches.

Risk analysis solutions should provide the ability to:

• Safeguard and manage sensitive data and ensure compliance
• Respond to security events faster – before data encryption, leakage or exfiltration occurs
• Identify and remove redundant, obsolete or trivial data to reduce costs

As they say, an ounce of prevention is worth a pound of cure; the more time and resources you spend preparing for a cyberattack, the less time and money would be spent responding to it. As part of a cybersecurity framework centred around “Prepare, Defend, Respond,” a modern approach sees a shift to proactive data protection and the application of security capabilities to minimize damage, reduce risk and downtime across an entire data estate, including on-premises, cloud and SaaS environments.

Traditional data protection solutions also play a pivotal role in post-attack recovery, but the approach is reactionary, narrowly focused and often unable to keep pace with evolving threats and motives. As cyber risks evolve, data estates grow and IT resources shrink, organizations need a proactive way of identifying risks and defending data sooner. Data protection systems can’t sit idle in the background, bracing for impact. More advanced data protection is needed to meet threats head-on, insulate data and its exposure, and pick up where conventional security tools leave off.

With the increasing importance of data in business operations, workloads are more complex and distributed. Old ways of backup and recovery are simply insufficient, even for smaller organizations, and traditional tools cannot keep up with the fast-paced changes in data centre environments. A proactive data protection solution that can adapt to new workload types and scale to handle ever-increasing data growth is needed.

A proactive data protection solution should provide:

• Comprehensive coverage for file systems, applications, databases, virtual machines, containers, SaaS applications (including Microsoft 365 and Salesforce) and endpoints
• Cost-optimized cloud data mobility with support for leading cloud platforms
• Verifiable recovery of data, applications and replicas
• Easy-to-use disaster recovery orchestration with automated compliance reporting, on-demand testing and one-click recovery
• Flexible replication, from periodic replication to sub-minute recovery point objectives (RPOs are the maximum acceptable intervals during which transactional data is lost from an IT service) and near-zero recovery time objectives (RTOs are a targeted time duration and service level within which a business process must be restored after a disruption to avoid a break in business continuity)
• Resilient ransomware protection with integrated scanning and alerts

Security and IT operations teams often lack insight into malware and ransomware attacks at the early stages of data backup. They may not have the tools needed to analyze file changes over time and are not likely to be alerted to or aware of when encryption efforts fail and files become corrupted.

Failure to identify infected files and prevent their dissemination grants threat actors greater access to and time in data and computing environments. This encourages more pervasive ransomware attacks, which inflict greater damage to systems and a business’ reputation, and results in longer recovery times due to larger volumes of affected data sets and difficulty in determining which files are safe to recover.

Threat scanning provides secure and quick data recovery by identifying last known clean copies and avoiding potential reinfection by accidentally restoring malicious files. Threat scanning examines backup content files and network-share file system backups for malware infection and quickly denotes what backup data has become corrupted, encrypted or heavily changed, providing an early warning when attacks occur.

As the number and types of workloads that use data, such as cloud, virtual machines, containers, applications, databases and endpoints increase, so does the complexity of protecting and managing it. With data taking centre stage for businesses as a vital resource, easily and efficiently protecting and recovering it becomes critical during a cyberattack or disaster. Traditional disaster recovery solutions might include expensive hardware or patchworks of incomplete point solutions that often leave protection and recovery gaps. That's why a more modern approach is needed.

Auto-recovery solutions are a modern and comprehensive approach, where a single platform manages, protects and securely recovers all applications across an entire data estate. Auto recovery provides simplified, flexible and scalable cyber recovery as well as automation, replication and cost-optimized cloud data mobility.

Auto recovery should:

• Secure cyberthreat recovery across an entire data landscape
• Provide recovery readiness in the event of a ransomware incident
• Reduce recovery time with sub-minute RPOs and near-zero RTOs
• Facilitate cost-effective cloud data mobility

Commvault offers data protection and resiliency solutions that deliver proactive and innovative protection and security capabilities to minimize damage, reduce risk and eliminate downtime – uniformly across an entire data estate. Commvault’s multilayered data protection technologies intelligently secure data by rapidly revealing risk, minimizing cyberthreats, continuously controlling data and its access, and driving informed recovery outcomes.

Commvault also provides Data Protection as a Service, bringing easy-to-manage, SaaS-delivered data protection through the cloud.

In Q4 2022, Forrester named Commvault a Leader in The Forrester Wave Data Resilience Solution Suites and Gartner named Commvault a Leader in its 2023 Gartner Magic Quadrant for Enterprise Backup and Recovery Solutions.

NetApp solutions help customers build, protect and govern their hybrid multicloud data estate from a single unified control plane.

NetApp® BlueXP™ approaches cyber resilience from the inside out, delivering zero-trust capabilities that protect both data and infrastructure.  BlueXP offers customers a unified control plane for managing storage and data assets across on-premises and cloud environments.

Through BlueXP, volumes can be easily managed, configuration changes can be made and each storage environment’s native control interface can be easily accessed. A mobility function allows data to be moved where it’s needed through a simple drag-and-drop. Other functions include backup and recovery, replication and a ransomware protection feature that recommends to administrators where data should be moved to secure it from potential cyberthreats.

NetApp also offers SnapLock, a high-performance compliance solution for organizations that retain files for regulatory and governance purposes. SnapLock helps protect the veracity of data and can also detect and notify you about ransomware encryption events in real time to help mitigate their impact.