Christian Mahncke, Enterprise Business Development at Routed, a vendor-neutral cloud infrastructure provider, has said that while cloud computing has proven that it is a better option than in-house servers, security challenges remain a concern and businesses require a solid cyber-security strategy.
Private, public and hybrid clouds are growing in popularity as lift and shift cloud apps are making migration easier for businesses.
According to Mahncke, it is evident that companies are still experiencing common security challenges such as backup and Disaster Recovery (DR) failures, ISPs being hacked or Ransomware attacks, all of which are exposing the network and potentially sharing valuable personal information. “These businesses are neglecting this important aspect within their cloud strategies, failing to include backups and DR in the overall planning.”
For Mahncke, including security and a backup plan comes naturally for anyone that has migrated or developed new applications in the cloud: “It is simpler to secure data by creating a DR environment in the cloud than doing so on-premise. Once all your applications are in the cloud, it takes care of all backup and DR requirements quickly and more cost-effectively. Cloud provides one virtual environment, as opposed to a number of disparate applications each requiring individual backup and DR needs.”
The importance of looking after data, inside and outside of an organisation remains lacking, which means that DR is probably equally absent. Mahncke says that there is a need for security policies and associated regular backups. This will automatically result in ensuring that proper DR is in place, and it works.
“So often backups only get tested after a server crash or security breach, only to discover that the backups do not exist or were never taken. DR is often absent as there is a belief that a multitude of backups constitutes DR,” explains Mahncke.
He stresses that backups are not DR, nor can multiple backups amount to any kind of DR. Backups are useful for immediate access to restore a document, but do not facilitate the failover of a total environment if the infrastructure becomes compromised.
“Backup is simply a copy of data intended to be restored to the original source, while disaster recovery requires a separate production environment where the data can live. All aspects of the current environment should be considered, including physical resources, software, connectivity and security,” says Mahncke.
Data backups should be automated and part of daily operations, while DR planning is an integral part of any organisations IT strategy, and is becoming essential as security breaches and network outages become common threats.
“DR needs to address complete system failure and provide a set of security policies to govern disaster incidents. A cloud platform provides for this in the most efficient form. You can either back up your cloud or store to a DR site,” says Mahncke.