January 11, 2023, was a very memorable day for at least one IT engineer. According to ABC News, a software maintenance mistake was the cause of the computer meltdown that drove a nationwide ground stop, causing the cancellation or delay of thousands of flights across the U.S. The outage resulted from an engineer's mistake during routine scheduled maintenance, with the story quoting a senior FAA official as saying the engineer “replaced one file with another.”
The engineer didn’t recognize their error as the systems headed toward failure, and FAA staff struggled to figure out what went wrong. In the ABC story, the same FAA official said, “It was an honest mistake that cost the country millions.” And if you were traveling by air that day, it probably cost you some time.
Balancing Costs Against Consequences
So, getting right to the point, here’s the lesson every IT pro should learn from this incident: Regardless of whether your IT team does a great job preventing cyberattacks and keeping your systems running, all it takes is one mistake to bring your systems down. The Verizon 2022 Data Breach Investigation Report found that human error is the dominant trend behind breaches, with misconfiguration being a significant cause.
It gets repeated often, but it’s important to remember that downtime is incredibly costly. The Uptime Institute found that 60 percent of outages resulted in $100,000 in total losses, while 15 percent cost over $1 million. And Statista says about 70 percent of businesses were victimized by ransomware in 2022.
Then there’s a recent survey of IT decision-makers across the U.S. and Canada that found that 77 percent believe their companies will likely face a data breach within the next three years. Add in human error as a cause of data loss and downtime, and the odds are that you, too, will be hit.
Those high costs could put anyone but the FAA out of business. That’s why every IT pro needs to expand their focus to include the concept of data resilience in their discussions regarding data protection, backup, and disaster recovery. And it’s incumbent on IT leaders to ensure everyone from the executive team on down understands that they have a role to play. That ranges from authorizing IT budgets that can be invested in solutions that help the organization avoid the consequences of downtime to cybersecurity training for everyone, so they are aware of risks from suspicious emails and other threats.
Data Resilience: Defending Against Downtime
IT industry association ISACA defines data resilience as “a data system [that] can continue to operate when faced with adversity that could otherwise compromise its availability, capacity, interoperability, performance, robustness, safety, security, and usability.”
Meeting those requirements demands solutions that cover virtually every aspect of your organization’s digital presence. In a recent Executive View report, analysts KuppingerCole list the following as the key components to look for in data resilience solutions:
• Protection for all of your data, including unstructured data, file systems, databases, and SaaS data.
• Infrastructure protection, including physical and virtual machines and cloud infrastructures.
• Tiered storage options that keep high-value data protected at the highest levels while keeping costs under control using less expensive storage options for less valuable data.
• Robust security, including multifactor authentication (MFA) and role-based access controls (RBAC) for access to systems and data.
• Assured disaster recovery while meeting your recovery time and recovery point objectives (RTOs/RPOs).
Read the entire KuppingerCole report here.
Get Guidance from Data Resilience Experts
Arcserve works closely with our technology partners to deliver effective data resilience solutions to organizations worldwide. Find an Arcserve technology partner here, and take the first step toward making your organization more resilient.
You May Also Like
- Channel: MSPs / VARs / SIsSeptember 21st, 2023
- Backup and Disaster Recovery Business Continuity Cloud Compliance Data Protection Data ResilienceSeptember 20th, 2023
- CybersecuritySeptember 19th, 2023