By Anshuman Rai, Area Vice President, India and South Asia, Commvault
The past two years have witnessed rapid digitalization of businesses across verticals as companies enabled remote working and transitioned to cloud-based platforms. In all probability, the disruption brought about by the pandemic has served as a catalyst for permanent business and technology change.
While there are compelling benefits accruing from this permanent digitalization, the transformation has also exposed enterprises to new and unprecedented levels of risk, especially with respect to critical data.
The importance of data in today’s business landscape cannot be overestimated. According to a survey by Cloudera and Vanson Bourne released in December 2021, Indian organizations that had mature data strategies for at least 12 months, on average, showed higher profit growth of eight per cent. It also found that Indian companies lost $52,939 annually on account of missed opportunities due to poor handling of data.
This is, therefore, the time for progressive business-technology leaders to responsibly manage data in new work environments, with effective strategies, right policies, and cutting-edge technologies for information governance and resiliency to truly empower the workforce.
With remote work, availability of enterprise data on endpoint devices, use of collaboration tools for team interactions, and lack of physical oversight of critical IT infrastructure, the attack surface of enterprises has increased several folds. In such a scenario, organizations need to protect their critical data. To achieve this, an effective data protection strategy must be built on solid business foundations. Here are three top attributes that enterprise technology leaders will need to build it, and prevent a ‘what if’ scenario.
- Becoming Risk Aware
Enterprises that lack a ‘risk aware’ culture, more often than not, become prone to accidental risks that can compromise privacy and data security.
For instance, procurement departments purchase IoT devices (from thermostats to security cameras) and basic products such as USB memory keys, without mandating security requirements like encryption, which can lead to a serious data breach.
On the contrary, an organization with a ‘risk aware’ culture ensures security requirements are embedded into processes across departments, and are applied to all procurement decisions — from simple products to significant solutions such as ransomware detection and cloud data management.
Going forward, IT leaders will have to build a ‘risk aware’ culture.
- Building Flexibility to Respond Effectively
In conjunction with risk awareness, flexibility comes across as a powerful source of competitive advantage. Enterprises leverage their scale to ensure market dominance but in the absence of flexibility, they can quickly relinquish their leadership position.
During times of major disruptions, risk aware and flexible companies can capture entire markets if they are crisis-prepared and cyber-ready.
According to the GDPR law, technical and organizational measures need to provide “the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; the ability to restore the availability and access to personal data on time in the event of a physical or technical incident; and a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.”
While GDPR is a European Law, its scope extends to countries that may not be within the jurisdiction of the EU. Those Indian companies that offer any goods or services in the EU, are processing any personal data transferred from the EU, or are profiling the personal data of the EU residents, have to comply with GDPR.
Against this backdrop, effective backups designed to maintain business continuity and recovery systems are not just ‘good to have’ but are legal obligations for enterprises. Having effective backups and regularly assessing, testing, and evaluating cyber security processes is imperative for every enterprise.
- Establishing Trust
The number of ransomware incidents in India continues to rise. According to a report released in December 2021 by CrowdStrike and Vanson Bourne, almost half (49 per cent) of all organizations in India suffered multiple ransomware attacks, while 76 per cent were hit by at least one ransomware attack in the past 12 months. As per the report, this is more than any other country.
Today, trust is everything for a brand. While it may take a while to shake people’s belief in trusted brands, reputational damage, arising out of a cyber-attack, takes a toll immediately. Ransomware causes reputational damage that has far reaching consequences for any brand.
To counter ransomware, IT leaders need to immediately conduct expert forensics, as soon as a breach is detected, to determine the scope and nature of the incident. The findings can be used to not only plug the breach but also come up with a brand defense plan.
Protect, Manage, Leverage Data in the Post Pandemic World
Enterprises today need to not just protect data, but also transform businesses by turning managed data into an asset. Companies need to efficiently sift through heaps of data and identify the valuable datasets that can be turned into assets.
Therefore, how smartly enterprises protect, manage, and leverage their most critical asset — their data, today, will decide who is going to, figuratively speaking, ‘keep the lights on’, and thrive in a post-pandemic world.
IT decision makers can meet all these priorities with data backups by leveraging a state-of-the-art Data-Protection-as-a-Service (DPaaS) solution. These solutions must be highly scalable, with services available from 1TB storage to 10,000 (or more), and deployable within minutes, allowing enterprises to immediately begin protecting their environment with backups and at-rest or in-flight encryption.
CIOs should look at solutions that have built-in anomaly detection as that would provide technology leaders with real-time monitoring of their environment, allowing for instant response to unusual behavior. Cutting edge DPaaS solutions also provide robust data isolation, giving CIOs that “air gap” that is necessary for modern backup best practice and risk mitigation.
Progress is all about taking on new challenges. And the answer to overcoming risks lies in anticipating and innovating consistently. With the pandemic redefining preparedness across all industries, businesses must rethink and readjust their data management policies to bounce forward in an ever-evolving threat landscape. It’s time for enterprise technology leaders to plan, prepare and adopt an inside-out security approach to restrengthen their core capabilities, find new opportunities and build an agile and intelligent data driven organization.