Part IV: It’s Time To Rethink Your Risk Mitigation Strategy

Are You Ready To Recover, Or Do You Just Think It?

This is the fourth blog in a five-part series on risk mitigation and how Commvault can help. Read the third one.

As we have talked about in previous blogs, it’s no secret your data is under constant threat. Because of this fact, you have done everything humanly possible to try to protect it. You have secured and hardened your environment, and you have set up multiple dimensions of monitoring and alerting as an early warning system for potential threats. So that’s enough, right? Well, let’s consider a few figures regarding the expanding nature of these malicious threats.

• Damage related to cybercrime is projected to hit $6 trillion annually by 2021
• The average ransomware attack costs a company $5 million
• It takes organizations an average of 191 days to identify data breaches

It’s clear the number of threats is increasing, the frequency at which they are occurring is accelerating, as are the levels of sophistication. A “good enough” view of prevention is not enough. It’s time to plan for a disaster, regardless of the type, as if it is nearly certain to happen. So back to the question in the title, “Are you ready to recover, or do you just think it?”    

That brings us to our third critical component of a successful risk mitigation strategy – recovery readiness. In my conversations with our customers and prospects, many of them “felt” they were prepared for a recovery event, but really had no way to ensure that they were. Let’s put ourselves into a common situation: your boss comes into your office and asks whether you are ready for the DR test this weekend. Your response might be “yes!” But how confident are you? 

Now, a similar situation with a twist: suppose your boss comes into your office and tells you that your organization was hit with the latest ransomware variant and that you needed to recover many of your organization’s critical systems, like right now! Are you ready? Are you sure? No doubt this situation would immediately raise anyone’s stress level to infinite levels. These scenarios are precisely why recovery readiness is so crucial. Readiness is more than just thinking you can recover data. It’s knowing that you have the proper data to recover, and knowing that you’ll be able to recover data according to the SLAs defined by your organization, regardless of whether it’s a one-off request or a critical situation that requires recoveries en masse.

In a recent IDC survey, our customers reported that despite data growth in the 40 percent YoY range, they were able to maintain their SLAs, or improve upon them more than 85 percent of the time. This was across entire environments – on-premises, cloud, applications, virtual machines, etc. How were they able to do this? Well, Commvault has made it easier by automating many of these SLA assignments with machine learning (ML) and artificial intelligence (AI). By using “smart operations,” Commvault can automatically load balance and reorder backup jobs to ensure that your SLAs are being maintained. We like to call this “self-driving backup.”

Remember, readiness is more than just feeling you are ready to recover; it’s also being able to prove it. The Commvault Command Center™ offers customers a recovery readiness dashboard with a simple view of how compliant you are with your SLAs, and where you may need to give your attention. Highlighting your SLA exceptions makes it easy to quickly address any issues that may be impacting your ability to recover data. 

Readiness means recovery anywhere you need it, whenever you need, so we make it easy to automate and test recoveries of your data to the cloud DR sites – or even on-premise locations – to verify your RPOs and your RTOs can be met. It’s another valuable capability built into our complete backup and recovery solution that raises your confidence in being able to recover whatever you want, whenever you want, to wherever it is needed.      

With these innovations, Commvault is helping our customers achieve peace of mind that they didn’t, and simply couldn’t, have with their previous data protection solutions. When Commvault customers are asked whether they are ready for a recovery situation, not only is the answer a confident “yes!” but it’s quickly followed with, “Where are we recovering to this time?”  … Oh, and they can also prove it!

Next in our series, we will be discussing compliance and governance relative to data management. You don’t need to look that hard to find another company in the headlines that is being fined because of a data breach, or its inability to report whether data that it manage has been compromised. We’ll consider why governance and compliance need attention in any proper risk mitigation strategy.