Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Op-Ed: Australia needs greater immutability to protect data on World Backup Day

Today (31 March) is World Backup Day, which encourages people to be prepared against data loss and data theft by backing up their data.

user iconJames Wright
Fri, 31 Mar 2023
Op-ed: Australia needs greater immutability to protect data on World Backup Day
expand image

It’s unlikely to ever hold the same weight as some of the other big-ticket events that dominate the calendar. But really, it should because data is an organisation’s most valuable asset, raising the value of the systems that manage and protect it. This is evident given the relentless wave of cyber attacks Australia has experienced since Optus and Medibank were breached, raising cyber security and question marks over our data to the top of the federal government agenda.

Backing up is one of the key strategies in the Australian Signals Directorate’s (ASD) Essential Eight, a baseline cyber security model for government organisations and, in turn, other businesses to follow. Backups can, and have, stood between organisations and multimillion-dollar ransom payments.

Australia has a reputation for being a fast, if not a first, adopter of new technologies. Maybe it’s now time we apply that spirit to securing our technology adoption by backing up our data and adding the word “immutable” to our data and backup vernacular.

============
============

Modernised infrastructure needs modernised backups

Much of our data is not only backed up but also stored and managed for daily use, in the cloud.

Increasingly, hybrid cloud has become increasingly popular — a mixture of in-house or on-premises IT infrastructure and the public “rented” cloud, giving choice to organisations based on the types of workloads and data in play. The market for hybrid cloud is expected to reach nearly $400 billion by 2027, with Australia and New Zealand as major growth markets.

Cost and data sovereignty are key concerns driving this hybrid trend — i.e., different environments are more cost-effective for different datasets and applications; and certain types of data are either required to be or ideally kept on shore for reasons, including national security and industry regulations.

But one area that has been overlooked as we’ve modernised the infrastructure that holds data is the nature of how we back it up, and this is vital in the context of the ransomware and cyber security challenges we face now.

One of the main sensitivities in data security is privacy — i.e., protecting sensitive data such as personally identifiable information (PII) like passports or driver’s licences and healthcare data — key factors in both the Optus and Medibank breaches. The other is protecting data needed to operate a business: the applications, files, and other tools your team uses to transact and do whatever it is the organisation does.

The most sensitive data needs more robust security; firewalls, failovers, barriers, with the aim that — even if someone gets past your perimeter security, which is always a possibility — those datasets are hardest to reach.

But the data you need to run your business needs to be replicated in an immutable, daily (at least) backup copy. That means a copy of the data that cannot be altered in its “resting place”. Naturally, having this means that your irreplaceable operational-dependent data can’t really be taken because if it is, you can inject a fresh copy back into the enterprise in a matter of minutes or hours.

In other words, immutable backups are your security blanket, your get-out-of-jail-free card for when that dreaded ransom note inevitably pops up on your company’s screen. Without them, cyber breaches can literally be an extinction-level event for your organisation.

All of this capability exists now — technologies to identify, appropriately secure, and immutably back up our data. It isn’t even expensive in the context of what companies spend on perimeter security. What we need is a mindset shift.

As we reflect on World Backup Day, and Australia reels from hopeless fears over cyber criminal attacks, it’s time organisations take Australia’s patented fast-adoption approach to gaining a security and financially stable foothold on our data.

James Wright is the senior director, Asia-Pacific and Japan, for hybrid cloud data management software company Cloudian.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.