Over on the Aparavi Blog, Vicki Grey cited a recent study by The Herjavec Group, which indicated that ransomware attacks are on the rise. The report also states that ransomware attacks hit businesses every 14 seconds in 2019, and will hit every 11 seconds by 2021. Organizations, large and small, have heard the warning and are making sure their IT teams are revising data protection strategies. The problem is that one of the least protected data sets is also one of the most vulnerable: unstructured data.
Is Unstructured Data Defenseless against Ransomware?
In our findings, most organizations only protect their unstructured data set once per day as part of the typical backup process. Also, we find that if there is an error in the backup completion logs, it most often occurs while the unprotected data stores are being backed up. Typically, IT administrators don’t immediately address those errors because of time constraints. IT hopes that the backup software protects the data on the next backup run. That means that some of the unstructured data set can go two days or more without adequate protection.
There are several reasons for the lack of quality in unstructured data protection. First, most organizations don’t make it a priority like they do databases and other tier-one applications. The reality is that the unstructured data set is now critical, or at least essential to organizations.
Second, they lack tools that can quickly capture the very large quantities of unstructured data. Most organizations store unstructured data on network-attached storage (NAS) devices or on dedicated file-servers. It is not typically stored on a virtual machine within the virtualized infrastructure, meaning that the backup solutions that count on the hypervisor’s change block tracking capabilities won’t work. For many organizations, that means a file-by-file backup of thousands, if not millions of files. Even if the customer’s solution does have image-backup capabilities, that can create problems with regulations like GDPR and CCPA, which we outlined in our on-demand 15 minute webinar “Talking GDPR and CCPA with Aparavi.”
Building Better Defenses for Unstructured Data
The key is to develop a better defense system for unstructured data. At this point, it should rival the protection that a critical application receives. Better protection means more frequent backups, secure backup storage, and file-level insights. The problem is the requirements for unstructured data likely mean a new application that is up to this task. Organizations already use multiple applications to protect their environment, so having an application dedicated to the fastest growing data set, unstructured data, is a sound strategy. We expect the unstructured data protection market to continue to attract vendors that are primarily focused on the space. Archive vendors are expanding their capabilities to provide protection, and companies like Aparavi are now in the market with an integrated data protection, data insight, and data archive solution.
To learn more check out our full-length on demand webinar “The Three New Requirements of Unstructured Data Protection.”