Protected Information: Advancements in Data Backup, but Have Your Practices Adapted Correspondingly?
In the rapidly evolving digital landscape, South African organizations are being challenged to adapt their backup and recovery strategies to address the complexities of cyber threats, cloud-native workloads, SaaS sprawl, and AI-dependent workloads.
Muggie van Staden, CEO of Obsidian Systems, emphasizes the importance of viewing backups not just as a support function, but as a strategic pillar of business continuity, brand trust, and operational survival. He stresses that the failure of systems should be assumed and that backups should encompass both backup and recovery.
One of the current best practices is the 3-2-1 Backup Rule, which advises maintaining at least three copies of data, on two different media types or devices locally, and one copy off-site or in the cloud. This rule mitigates the risk of data loss from any single point of failure.
However, implementing the 3-2-1 rule is becoming increasingly challenging due to cloud-native workloads and SaaS sprawl. Organizations must protect data in hybrid clouds, multiple SaaS environments, and AI workloads that did not exist five years ago, necessitating a backup strategy that reflects this reality.
To counteract these challenges, South African organizations are turning to secure, reliable backup services with strong security protocols. Regularly updating and testing backup systems is crucial to ensure they function effectively when needed.
Moreover, organizations are implementing AI-enhanced Data Loss Prevention (DLP) tools to continuously monitor data flows across multi-cloud and hybrid environments. These adaptive systems detect complex threats and automate response, which is crucial given the complexity of AI workloads and cloud-native applications.
The Financial Sector Conduct Authority's Joint Standard on Cybersecurity & Cyber Resilience reflects a similar shift toward mandatory resilience testing locally. This standard underscores the importance of developing comprehensive disaster recovery plans, documenting clear recovery objectives, and conducting frequent tests of backup and recovery processes.
South African organizations are also leveraging cloud-native security and monitoring tools like Microsoft Azure Sentinel to gain a comprehensive view of their security posture, automate detection and remediation, and manage hybrid workloads effectively.
In addition, it is essential to back up network configurations and infrastructure, beyond just data. Backing up configurations of network devices such as firewalls and switches is critical to restoring operations after cyberattacks or outages.
Deploying redundant and automated systems, such as backup servers, failover systems, and process automation, enables rapid scalability, failover, and consistent management of cloud workloads.
Both Obsidian Systems and HYCU are partnering to bring advanced, scalable, and tamper-proof backup and recovery capabilities to South African enterprises. The partnership aims to help organizations navigate the complexities of data protection in the modern digital age.
The digital landscape is constantly evolving, and regular review and adaptation of strategies remain vital to address evolving risks. The Digital Operational Resilience Act (DORA) in the EU is setting new standards for financial entities, and South African organizations would do well to take note.
In the future, AI is expected to transform how backups are managed, according to Simon Taylor, Founder and CEO of HYCU. Karl Fischer from Obsidian Systems will deliver an insightful demonstration on the power of Ansible automation at Red Hat Day Cape Town 2025.
In conclusion, South African organizations must adopt a multi-layered, proactive approach that incorporates both traditional and advanced technologies to build a resilient backup and recovery framework tailored to the complexities they face today.
- Recognizing the importance of a strategic approach, Muggie van Staden from Obsidian Systems advocates for viewing backups as a pillar of business continuity, brand trust, and operational survival, assuming system failure and encompassing both backup and recovery.
- As the 3-2-1 Backup Rule becomes more challenging due to the rise of cloud-native workloads and SaaS sprawl, South African organizations are embracing secure, reliable backup services with strong security protocols and regularly updating and testing backup systems for seamless operation when needed.
- In augmenting their backup strategies, South African organizations are implementing AI-enhanced Data Loss Prevention (DLP) tools to monitor data flows across multi-cloud and hybrid environments, automate response, and detect complex threats in the ever-evolving digital landscape.
