Set Recovery Objectives for Cloud Data
In addition to having visibility of what data they have, as well as automated processes to protect new data when it is created, companies need to understand the business value of their data so they can set appropriate service levels for its recovery. In their simplest form these services levels might be set at Gold, Silver, Bronze, etc. Each level will have a different collection of recovery and retention polices depending the data’s value to the business and whether any government or industry regulations have an impact on the data’s retention or introduce other considerations for its protection.
It might seem to make sense to apply a “Gold Standard” to all data, but, especially with data volumes and types growing rapidly, this can quickly lead to an enterprise’s data protection costs skyrocketing. Enterprises need to take a hard look at their cloud data, and use a cost/benefit analysis to determine how long they need to retain it and how quickly they need to recover it – or whether this data should be kept at all. By applying these considerations, enterprises can lower the amount of resources they invest in backing up data, and ensure they have all the resources they need to set necessary Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) for their cloud data “Crown Jewels,” whose loss would cause their enterprise significant disruption.
Test Plans to Recovery Cloud Data
Of course, to avoid disruption from a zero-data attack or other significant outage on their cloud service provider, enterprises need somewhere to recover their cloud data to. There are many different choices available for backing up and recovering cloud data, ranging from purchasing additional backup and recovery services from their existing cloud provider, to backing up cloud data from one cloud to another, to backing up some cloud data on-premises. More often than not a combination of some or all these alternatives works best, including backup to a different geographic or cloud zone. However, using a patchwork approach means it is difficult to set common policies, and can introduce its own new risks and expenses. For this reason, implementing a strategy that is truly multi-cloud and can cover all eventualities pays dividends.
What is true for every enterprise is that they need to test whatever recovery processes they choose if they really want to make sure they will work when a zero-day attack happens. As the old saying goes, “there's many a slip 'twixt the cup and the lip.” Only by testing these processes – both when they are first deployed and regularly afterward – can an enterprise be confident that when a zero-day exploit or other disaster occurs, the RTOs and RPOs they have set for their cloud data will be achieved. Manual testing is tedious, which is why many organizations are using “self-driving backup” that allow they to automate this testing, helping ensure it gets done properly on a regular basis without eating too much into their staff’s other work.
By definition, enterprises can’t plan for a “Black Swan” event, where a string of incidents (malicious, human error, natural disaster or otherwise) take them well beyond what their plans were designed to cope with. In testing, enterprises need to know their limits. At the same time, failing to plan and test well enough can make something that is recoverable look like a Black Swan event from the enterprise’s perspective.
Having tested and evaluated these scenarios, enterprises might determine that for their critical cloud data a “belt-and-suspenders” approach makes sense, with data backed up on alternative cloud providers as well as on-premises at multiple sites. In any case, testing will help ensure that they have a recoverable copy of valuable cloud data somewhere and that the plan they have to recover it from a zero-day attack actually works in the “real-world.”
Be More Than Ready When Zero-Day Comes
Can major cloud providers, assisted by government agencies, continue to stay one step ahead of rogue states and international cybercriminals intent on using zero-day vulnerabilities to bring these cloud providers’ services to their knees? Perhaps. Yet, as enterprises expand their hybrid and “cloud-only” strategies, the amount and value of the data that a successful zero-day attack would put at risk is growing rapidly. Given cloud services’ cybersecurity resources and high availability, it is not surprising that many enterprises continue to just hope that no such attack ever succeeds. But hope is not a strategy.
This is why enterprises who value their cloud data need to ensure their risk mitigation strategy provides them with an understanding of what cloud data they have, sets appropriate RTOs, RPOs and other recovery objectives for this data, and tests the processes they have put in place to realize these objectives. Unlike those who depend on hope, such enterprises will be ready if (or when) a zero-day vulnerability attack on major cloud providers does succeed.