SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Acronis: Lack of backup process within organisations causing data losses
Wed, 1st Apr 2020
FYI, this story is more than a year old

New research has revealed 42% of organisations across the world have experienced downtime as a result of a data loss event.

According to Acronis' 2020 World Cyber Protection Week Survey, the high number of incidents is likely caused by the fact that while nearly 90% are backing up the IT components they're responsible for protecting, only 41% back up daily – leaving many businesses with gaps in the valuable data available for recovery.

Acronis says the figures illustrate the new reality that traditional strategies and solutions to data protection are no longer able to keep up with the modern IT needs of individuals and organisations.

In response to this, Acronis has expanded World Backup Day – the annual holiday celebrated on March 31 as a reminder to back up data – to World Cyber Protection Week.

The annual survey, completed this year by nearly 3,000 people, gauges the protection habits of users around the globe. The findings revealed that while 91% of individuals back up data and devices, 68% still lose data as a result of accidental deletion, hardware or software failure, or an out-of-date backup.

Meanwhile, 85% of organisations aren't backing up multiple times per day, only 15% report they are. 26% back up daily, 28% back up weekly, 20% back up monthly, and 10% aren't backing up at all, which can mean days, weeks, or months of data lost with no possibility of complete recovery.

Of those professional users who don't back up, nearly 50% believe backups aren't necessary. A belief the survey contradicts: 42% of organisations reported data loss resulting in downtime this year and 41% report losing productivity or money due to data inaccessibility. Furthermore, only 17% of personal users and 20% of IT professionals follow best practices, employing hybrid backups on local media and in the cloud.

Acronis says these findings stress the importance of implementing a cyber protection strategy that includes backing up data multiple times a day and practicing the 3-2-1 backup rule: create three copies of your data (one primary copy and two backups), store copies in at least two types of storage media, and store one of these copies remotely or in the cloud.

“Individuals and organisations keep suffering from data loss and cyberattacks. Everything around us is rapidly becoming dependent on digital, and it is time for everyone to take cyber protection seriously,” explains Acronis chief cyber officer, Gaidar Magdanurov.

“Cyber protection in the digital world becomes the fifth basic human need, especially during this unprecedented time when many people must work remotely and use less secure home networks," he says.

"It is critical to proactively implement a cyber protection strategy that ensures the safety, accessibility, privacy, authenticity, and security of all data, applications, and systems – whether you're a home user, an IT professional, or an IT service provider.

Cyber Protection Changes the Game

Acronis says that with increasing cyberattacks, traditional backup is no longer sufficient to protect data, applications, and systems, relying on backup alone for true business continuity is too dangerous. Cybercriminals target backup software with ransomware and try to modify backup files, which magnifies the need for authenticity verification when restoring workloads.

"It makes sense, then, that the survey indicated a universally high level of concern about cyberthreats like ransomware," the organisations says.

The research found 88% of IT professionals reported concern over ransomware, 86% are concerned about cryptojacking, 87% are concerned about social engineering attacks like phishing, and 91% are concerned about data breaches. Among personal users, awareness and concern regarding all four of these threat types were nearly as high. In fact, compared to Acronis' 2019 survey their concern about cyberthreats rose by 33%.

The survey also revealed a lack of insight into data management, exposing a great need for cyber protection solutions with greater visibility and analytics. The findings indicate that 30% of personal users and 12% of IT professionals wouldn't know if their data was modified unexpectedly. 30% of personal users and 13% of IT professionals aren't sure if their anti-malware solution stops zero-day threats. Additionally, 9% of organisations reported that they didn't know if they experienced downtime as a result of data loss this year.

"To ensure complete protection, secure backups must be part of an organisation's comprehensive cyber protection approach, which includes ransomware protection, disaster recovery, cybersecurity, and management tools. This deeply integrated approach also addresses the Five Vectors of Cyber Protection, delivering safety, accessibility, privacy, authenticity, and security (SAPAS) for all data, applications, and systems," says Acronis.

World Cyber Protection Week Recommendations

"Whether you are concerned about personal files or your company's business continuity, Acronis has five simple recommendations to ensure fast, efficient, and secure protection of your workloads."

These include:

  • Always create backups of important data. Keep multiple copies of the backup both locally (so it's available for fast, frequent recoveries) and in the cloud (to guarantee you have everything if a fire, flood, or disaster hits your facilities).
  • Ensure your operating systems and applications are current. Relying on outdated OSes or apps means they lack the bug fixes and security patches that help block cybercriminals from gaining access to your systems.
  • Beware suspicious email, links, and attachments. Most virus and ransomware infections are the result of social engineering techniques that trick unsuspecting individuals into opening infected email attachments or clicking on links to websites that host malware.
  • Install anti-virus, anti-malware, and anti-ransomware software while enabling automatic updates so your system is protected against malware, with the best software also able to protect against zero-day threats.
  • Consider deploying an integrated cyber protection solution that combines backup, anti-ransomware, anti-virus, vulnerability assessment and patch management in a single solution. An integrated solution increases ease of use, efficiency and reliability of protection.