Identify, Protect, Monitor, Respond, and Recover

By Mike Letschin

In today’s geopolitical climate, having your data is just part of the battle.

You need to be prepared for anything that could happen: it’s not if, but when. Currently ransomware attacks are happening every 11 seconds1 throughout the world. With that, it means that you need to have not only your data ready and available, but in the event of a disaster, you must be able to rapidly recover. At Commvault, we believe a multi-layered framework is the way to get you prepared and ready for anything your data is facing.

Identify:

First, you must identify all the sources of data that you may need to back up. It can come from all sorts of places—from file servers to data centers, that’s just the basics. You might have emails in O365, or Salesforce, or even things like SaaS apps. You have to identify the data and know what you’re working with to know what you’re working with, and the things that are critical for you to run your business.

Protect:

Protecting your data should be something you are very used to. You likely have some sort of backup, just doing standard backups and standard procedures. The problem is, standard backups and procedures just don’t cut it anymore. Whether you’re looking at on-prem or cloud usage, native tools simply aren’t enough. To enhance your data protection, you must have at least one more copy to back up from, preferably at a secondary site. By having a secondary copy at another site, you have replication and rapid recovery. This is a good solution for recovering data in the event of a disaster site. But what if you have a cyber attack and both sites are impacted? To enhance your protection and holistically defend your data from local and cyber attacks, having a third copy of your data in a cloud solution (like Metallic Cloud Storage Services) is the best option. Particularly by air gapping the solution to take it offline for standard access, you know you have a good, protected copy of your data. This 3, 2, 1 strategy is the key to solid data protection: three copies, two different locations (minimum), and one of them in an air gap.

Monitor:

How do you monitor your data to make sure it is secure? First, you need simplicity to ensure you’re not only able to see all of your data and understand what’s happening, but see it all in one place. The Commvault Command Center is an ideal solution: it manages all your backups at all locations, keeping your notice of what’s going on. Plus, it utilizes things like honeypots and AI ML capabilities to make sure that we know what’s going on to your data. Even better is the Security Dashboard, which allows you to see what is going on across your data and across your environment from a single space. This gives your insight into the pieces that you’re protecting, and gives you the ability to do active monitoring on your data. You can even tell if things have changed on both live and backup data, which is a key differentiator when looking at the Commvault solution.

Respond:

Once you have protection and monitoring down,  it’s time to test your response. You need to be able to respond rapidly if something happens to your data. With Commvault, you can use our API-driven architecture to have recovery tests scripted, to test backups. The world isn’t perfect, and as backup professionals, we know that things can fail. Testing your recovery is essential to your response.

Recover:

The goal is rapid recovery, being able to go into your system and quickly get your data back—this can keep you up and running in any environment. No matter what industry you’re in, you need to be able to come back quickly and maintain your system. So, remember when you’re looking at how to rapidly recover and protect your data, that you need to look at identifying, protecting, monitoring, responding, and rapidly recovering.

You can do all that with Commvault: to learn more, visit https://www.commvault.com/ransomware

References

1. https://infimasec.com/blog/11-seconds/