The Modern CIO: Building bridges between business and customers.

Once upon a time, the CIO was an unappreciated and largely unknown hero; relegated to the back room and responsible for keeping the lights on without fanfare or recognition. Now, the role has matured to one which is central (and critical) to achieving business goals.

As well as being charged with the responsibilities that come with a seat at the boardroom table, today’s CIO is accountable for building a digital customer-first foundation that can easily evolve to meet changing demands.

How did Customer Experience (CX) become a CIO responsibility?

One of the most telling comments in Forrester’s “The CIO’s Role In The Growth Agenda” report is where they say: One CIO we spoke with told us, “It turns out, I actually own customer experience because I’m responsible for the systems that serve them.”

And with CX being increasingly reliant on technology, the choices the CIO makes now will underpin business growth. They’re important, and far-reaching.

Here’s why.

The case for exceptional CX being the norm, not the exception.

In Forbes’ article from late 2023, “Leading Digital Transformation: Why CIOs Should Keep CX Top Of Mind,” they observe that research has repeatedly shown that keeping customers happy and finding better ways to engage with them is not just crucial for survival but also key to thriving in a challenging economic climate.

Forbes also points to PwC’s Customer Loyalty Executive Survey 2023, where 87% of executives and 51% of consumers in the United States agreed that an online shopping experience can negatively impact loyalty if it’s not as easy or enjoyable as shopping in person.

What is apparent from this, is that CX is critical to growth and loyalty (and profitability) across virtually every aspect of customer interactions – from websites to apps, support to fulfilment, to personalised omnichannel communications based on previous behaviour, preferences, and purchases. And key to this, is your organisation’s ability to collect and meaningfully analyse masses of data – via technology.

Is there more to the CIO role than CX, though?

While important, CX isn’t the be-all and end-all – it’s a two-way bridge. Your technology environment needs to empower your internal stakeholders so they can derive deeper and more valuable insights into the market and make better decisions. From what to sell, when and how, and what next – impacting product development, sales, customer service, marketing, and growth strategies.

And of course, the better the technology, the more ownership and support by your tech teams.

So, circling back around to the original point of this article – today’s CIO plays a critical role in deciding and guiding the use of technology (from your systems of engagement, systems of insight, security, and infrastructure – nothing is exempt) and data.

The decisions you make should enhance how the business interacts with your customers, optimise its processes, and align your business strategies with the needs and high flying CX expectations of your customers – while bringing joy to your stakeholders.

That given, let’s look at how you can ‘make it so.’

The four key strategies to drive a customer-centric tech approach.

1. Be customer aware

Make sure your business is where and what your customers expect it to be with the ability to interact with you how they want to.

While it’s not as simplistic as building it and they will automatically come, failing to build solutions that deliver the high-quality experience your customers expect (from web to mobile apps to self-help) is a sure-fire path to failure in a digital world.

2. Stand united

Your technology model should link your tech and business teams – from marketing, to sales, CX and product, and digital – together, not drive a ‘have/have-not’ wedge between them.

In Forrester’s “The CIO’s Role In The Growth Agenda” report, they say: “In our studies, respondents at enterprises with high levels of alignment across customer-facing functions report 2.4x higher revenue growth than those with some or no alignment. Those same aligned groups benefit from working with IT teams that are 3.7 times more likely to be highly or somewhat aligned with other functions.”

Also consider what new technologies like AI (artificial intelligence) and ML (machine learning) will bring to the table as part of your drive to improve your business operations and gain a competitive advantage. While you may prefer to develop custom models that work well with your current data sets, keep an eye out for records management application vendors who are incorporating AI directly into their products.

3. Discard complexity

Stop investing in old technology. Make now the time to move on from the cost and complications inherited with legacy systems to consolidate and build better customer facing systems.

Reduce the complexity of your systems of records by ensuring you have a strong ability to retrieve data from your existing systems. This way you can be confident that you can access the data you need in the future – which is especially important if you are in a regulated industry.

For example, in the professional services sector, many organisations are switching to cloud-based records management systems to enable new Business Innovation, and as a result, are shutting down their old on-premise systems. Global Storage customers in this sector trust that their legacy data is secure and recoverable through our range of cloud services, which allows them to move forward and free up old capital and resources.

4. Invest in result

While it’s tempting to adopt one shiny, exciting new solution after another, step back and reconsider. The most important thing about technology is the result, not the way to achieve it.

Keeping this in mind will help you focus on what matters most to the business. For example, Global Storage offers an outcome-based service with strict SLAs that allows our customers to concentrate on innovation within the business. This saves them from getting bogged down in the essential but routine operational tasks and the effort and expense of keeping up with new technology and systems that ultimately add little value to the business.

In summary, building great bridges requires strong foundations – ones that are deep and true to support the weight of change and significant business growth.

Above all, the foundations you lay as CIO should enable fast and complete business recovery following a natural or maliciously contrived disaster.

Contact us to have an obligation-free chat.


Global Storage takes out Veeam VCSP Partner of the Year for ANZ

Veeam recently announced their ANZ Partner Awards to celebrate the success of their channel in 2022. Global Storage were delighted to accept the award for Veeam Cloud and Service Provider (VCSP) of the Year for Australia.

Laura Currie, Channel & Alliances Marketing Manager for ANZ commented on the award.

“Your commitment to ongoing growth and valuable insights into our products and programs have truly set you apart. Your dedication to our partnership and active engagement within the Veeam community have significantly contributed to our mutual success.”

Laura Currie

The partner awards celebrated 13 partners across ANZ for their achievement and activity with Veeam in the previous year.

“In the past year, Veeam has made great progress in helping its ANZ partners build their practices, in order to better serve their customers,” said Gary Mitchell, VP of ANZ at Veeam Software. Gary went on to say that “Veeam’s 100 per cent channel model firmly puts Veeam’s partners at the centre of the ecosystem and we are extremely proud to be working with them to provide customers with the resilience, availability, and business outcomes they need. We are thrilled to be able to celebrate their achievements at this year’s ANZ Partner Awards.”

This reward reflects Global Storage’s ongoing commitment to delivering our innovative and secure Back Up and Disaster Recovery as a Service offering.

As a Platinum Veeam VCSP partner we invest in our people with 6 certified Veeam Technical Sales Professionals forming part of our team. With over two decades of data management experience the Global Storage team is uniquely qualified to help companies of all sizes realise agility, efficiency, and intelligent data management across diverse cloud environments.

Global Storage takes out Veeam VCSP Partner of the Year for ANZ

Source: Veeam celebrates A/NZ channel — ARN (arnnet.com.au)


Written in partnership with Veeam.

Cloud: Simplifying an increasingly complex hybrid landscape with confidence

The challenges for today’s CISOs aren’t going away any time soon – especially when it comes to data management, protection and recovery in a multi-cloud or hybrid-cloud environment.

The complexities associated with cloud and tech environments were listed as a top 3 challenge in the Focus Networks Intel Report for the CIO & CISO Leaders Australia Summit 2023. And, according to ARN, cloud spending will top the list in 2024.

So, what does this mean for your organisation and its ability to manage your hybrid cloud environment?

Shouldn’t hybrid cloud be getting easier, not more complex?

You’d think the rush to hybrid cloud would be slowing down by now.

But, says Veeam, in its #1 Hybrid Cloud Backup Guide, hybrid cloud implementations are unlikely to go away. Whether by careful, strategic design or accidental evolution, 92% of businesses already have a hybrid or multi-cloud setup. Regardless of the route taken, hybrid cloud is today’s reality for most organisations.

Hybrid cloud, observes Veeam, no longer means a mix of on-premises and a (single) public cloud. These days, a hybrid environment is more likely to consist of specifically chosen platforms used to serve different purposes. For example, disaster recovery (DR), production, dev-test and more. Meaning there’s more to measure, manage, and protect.

So, it’s easy to see how, over time, the complexity of hybrid cloud – especially in terms of backing it up – has grown, not lessened.

Managing data protection and security is easy (said no one, ever)

As we adopt more modern platforms, the struggle to manage them and their dispersed, often locked-away data grows in the face of ever-evolving cyber threats. And legacy backup solutions won’t cut the mustard. They’re old news, high-risk, and only suitable for dangerously old and high-risk technology environments.

If you have a modern multi-cloud environment, it’s obvious you need to take a modern approach to protecting it. Even then, not all cloud backup solutions on offer are created equal. With the need to back up your physical and virtual machines (VMs), cloud-native infrastructure and platforms, SaaS, and Kubernetes – all of which benefit from purpose-built protection, it can be a big ask. While native backup tooling is available from both first- and third-party vendors, this multi-vendor approach can result in siloed management and often creates more challenges than it overcomes. At a time when the desire is to reduce costs and simplify management, it does the opposite.

Then, there are those public cloud vendors who lock your data into their platforms, meaning you need to compromise on performance, capabilities, and costs rather than embrace a move to a better, more suitable platform.

Multi-cloud and hybrid-cloud environments are now the norm not the exception. So, the need for a single pane of glass approach to data management, protection and recovery is more critical than ever before.

The lowdown on the future of cloud (and what it means for you)

First, let’s look at where cloud is heading. Because above all, as cloud evolves and transforms, you need to consider solutions that will go the distance.

In Forbes’ article on Cloud Computing In 2024: Unveiling Transformations And Opportunities, they open with this bold statement: “The dynamic realm of cloud computing is on the brink of remarkable transformations in 2024, as organizations and service providers brace themselves for an era characterized by innovation, challenges, and unprecedented opportunities.”

Sounds great, but what do they actually mean by this?

In its list of 11 key trends for 2024 – Forbes says the era of one-size-fits-all cloud solutions is on the way out and a more tailored and dynamic approach that combines public and private clouds is in. Hybrid and multi-cloud environments are set to become the new normal for organizations of all sizes – which comes as little surprise to most of us.

More importantly (in the context of this blog), Forbes says that with the shift to multi-cloud environments and serverless computing, IT departments will face novel challenges, including paying more attention to security. While specialised solutions that are designed to help simplify the inherently intricate nature of multi-cloud environments are emerging, Forbes cautions against tools that conceal complexity without genuinely streamlining or reducing it.

More positively, though, Forbes says that AI will optimise cloud management, in a transition from novelty to the norm and bring benefits, including streamlined overall cloud operations.

Another trend Forbes noted (one that’s far from new in a world strapped for skilled technology resources) is the challenge of bridging a skills gap as cloud adoption increases. Meaning solutions that reduce the need for specialised cloud-computing professionals will be welcomed with open arms.

So, where to from here?

Given the challenges, what’s important when considering a data protection, management, and security platform to support your ever-evolving hybrid-cloud environment?

  • Centralised management. Drive efficiency and reduce costs with a single view of all environments and just one toolset.
  • The ability to support everything. As hybrid environments grow in complexity, look for a solution that natively supports everything from SaaS to physical servers, Kubernetes, and more.
  • Own your own data. Eliminate data lock-in with a solution that allows you to move data freely across your infrastructure so it’s available where and when you need it.
  • Only use and pay for what you need. Choose a solution that allows you to cherry-pick the components you need without financial or licensing penalties.
  • A seamless experience. Protect, manage, and recover your hybrid cloud environment with a platform that delivers what it promises without downtime, data loss, or compromise.

Hybrid cloud offers benefits and challenges in equal measure – something we deal with daily. Reach out to Global Storage for an obligation-free chat about how we can help you simplify the complex.


Written in partnership with Veeam.

The new NIST list – what you need to know 

How time flies. It’s already been almost 10 years since the NIST (National Institute for Standards and Technology) Cybersecurity Framework was first rolled out to provide technical guidance for those responsible for critical infrastructure interests, including energy, banking, and public health. 

By early November, we can expect to see a sixth function officially added to the famous five functions of an effective cybersecurity program – namely: Identify, protect, detect, respond, and recover. 

And we’re glad to say that the final function is ‘govern’. 

It’s expected that the addition of the sixth function will expand the usefulness of the NIST framework to all those sectors outside of critical infrastructure and provide guidance to support their overall cybersecurity strategies.  

Celebrating the new NIST framework 

So, why does NIST 2.0 make us quietly happy? Possibly because it’s something we’ve taken to heart. 

From the Global Storage perspective, governance has long been the missing piece in the cybersecurity puzzle. Having gone through the intensive processes of earning ISO 27001 certification several years ago, it’s good to see NIST catching up with the technology partners (like us) who adopted ‘govern’ as a central premise to support and protect their customers more effectively. 

And the Australian Government obviously agrees. Its current principles of cybersecurity governance are grouped into four key activities: govern, protect, detect and respond. Govern: Identifying and managing security risks. Protect: Implementing controls to reduce security risks. Detect: Detecting and understanding cyber security events to identify cyber security incidents. Respond: Responding to and recovering from cyber security incidents. 

 In its discussion paper, “Strengthening Australia’s cybersecurity regulations and incentives,” the government is actively seeking views about how it can incentivise businesses to invest in cybersecurity, including through possible regulatory changes. The first of the proposed new policies up for discussion is governance standards for large businesses. Suggested governance approaches include alignment with international standards and frameworks (like ISO 27001 and NIST).  

Governance (and the associated reporting) is clearly a timely new focus for those non-critical infrastructure Australian businesses that haven’t yet fully developed a robust and all-encompassing cybersecurity plan. ASIC has started to actively fine businesses that fail to take remedial action after breaches – and they are unlikely to accept excuses based on size and lack of capability from the SMB sector.  

It’s been interesting for us to watch some of our larger customers, who previously aligned themselves with the ASD Essential Eight, now realigning themselves with NIST due to its depth, breadth and maturity. And we expect the addition of the ‘govern’ function to cement that move even more firmly. 

Catching the curve ball 

While we’d like to say we were ahead of the curve in becoming ISO 27001 certified, the reality is that many technology partners saw the writing on the wall. We could see that “govern” would be recognised as an important function over and above the five technical, control-based standards championed by NIST up until now – and that our commitment to going further should be sooner than later.  

What Global Storage’s ISO accreditation (and statement of applicability) means for our customers is that we keep the necessary governance records for them. So, if they are audited or even prosecuted, we can prove that the principles and controls of ‘govern’ were fully followed. In effect, they can leverage our external certification against their compliance requirements, making it easier for them to do business with confidence. And in turn, we leverage the certifications of our own ISO-accredited service providers.  

While committing to ISO 27001 five years ago was a market differentiator, it’s now a prerequisite for most partners like us. Now, from a sales perspective, it accelerates the conversations and removes roadblocks. Whereas ‘before’, our customers had no dedicated security resources, today’s organisations typically have multiple internal staff whose primary responsibility is security. But they are the lucky ones. With the huge global deficit in cybersecurity resources, they’re often lucky to be able to afford to hire and retain the people needed. All of which makes it even more important that a partner can offer the certified support needed.  

New framework, new challenges 

But going back to a cybersecurity framework that includes ‘govern’, for those already in a regulated industry (for example, health and banking), it shouldn’t pose too much of a problem – they are used to the requirement of being audited.  

In the case of non-regulated and often less mature industries, though, it will pose a challenge despite growing customer demand that they level up. For these organisations in particular, having a service provider that’s already got all those ‘govern’ boxes ready-ticked will alleviate the time, pain, and distraction of completing additional paperwork. 

As I’ve said, we’ve made a significant investment in ISO 27001, and that accreditation requires us to achieve and maintain precise standards and undergo a yearly external audit. It’s also shaped the way we run our business. We can’t afford mistakes; we put our reputation on the line daily. These days, saying “oops, sorry, my bad” isn’t good enough for us or our customers (and in our books, it never has been) – meaning we’re very prescriptive about how we run our cybersecurity functions and services.  

Feel good about the company you keep 

Like practically every company in the world, we’ve had cybercriminals trying to attack us – but every attempt has been detected, contained, and dealt with in keeping with our governance system. We’ve never had a breach. 

With NIST soon to be updated and the Australian Government looking likely to enforce governance for all organisations regardless of size, it’s critical these businesses can turn to a trusted service provider who has been there, done that – and actually lives and breathes the concept of “govern”. Only by doing that can they quickly and directly move forward and comply while reducing risk. 

Service partners like Global Storage are no longer just the clean-up crew when something goes wrong. We’re not just the people you lean on for (exceptional) backup and recovery as a service and disaster recovery as a service to provide 24/7 protection, but the in-depth reporting needed to keep you compliant, auditable, and accountable for everything cybersecurity.  

So, when your performance and strategy are held up against NIST standards, ISO standards, or government governance regulations, you can be confident that you, too, are ahead of the cybercrime curve ball.  


When it comes to cybercrime, you are not a unicorn.

At the risk of sounding like a broken record, cybercrime is only getting worse. And no matter how ‘special’ and ‘unique’ you are, you are unlikely to remain unscathed.

Ransomware is now the rule, not the exception

In Veeam’s 2022 Ransomware Trends Report, they summarised the learnings gained by interviewing 1,000 organisations that had all experienced ransomware attacks. So, not those living in fear of an attack, but those who had been through one and came out the other side in varying degrees of health. The researchers talked to security professionals, IT operations, backup administrators and CISO (or equivalent IT executives).

Veeam’s ransomware report dovetails with their 2022 Data Protection Trends report, where 76% of the 3,393 organisations surveyed had suffered at least one ransomware attack, and 24% had avoided or were totally unaware that they’d been attacked. As with the ransomware report mentioned above, the criteria for being included in this research was that each organisation must have experienced at least one attack in 2021.

Between these two pieces of research, two important trends were uncovered:

  1. Cybercriminals were double dipping. To quote Veeam: “Only about one in four (27%) organizations suffered just one attack, presumably with bad actors attempting to return for more ransom.”
  2. No unicorn is safe. Again, to quote Veeam: “Organizations of all sizes appear relatively equal in the persistence of attacks from small-to-medium-sized businesses (SMBs) (100–249 employees) to large enterprises (>5,000 employees). Said another way, just like any other disaster (fire/flood), ransomware attacks are universally pervasive.”
    Veeam also noted that ransomware survey respondents reported that an average of 47% of their data was encrypted by ransomware.

As a result of this research, one of Veeam’s primary conclusions was that “the best way to reduce the risk of a cyberattack like ransomware is to have a comprehensive and tested disaster response plan.”

Move your mouse away from that!

Despite our increased awareness and training, humans remain the greatest point of failure when it comes to inviting cyberattacks into our businesses. Phishing emails, malicious links and websites are still the most common point of entry for criminals.

One positive observation made by Veeam was that only 1% of their respondents reported they could not identify the entry point. In other words, 99% of the time, the monitoring and investigation tools they used pinpointed their vulnerabilities – human and otherwise – so they could be addressed.

Once a bad actor has gained entry into your environment, Veeam says that 94% of the time, your backup repositories are their primary target. And that 68% of repositories are impacted as a result.

Veeam adds:

“Specific production platform or application types were targeted in 80% of successful ransomware attacks, presumably based on known vulnerabilities within common platform types, such as mainstream hypervisors and operating systems or wide-spread workloads like NAS filers or database servers.”

We get it: Protecting your data isn’t simple

With organisational data often spread across multiple clouds and systems, as well as geographies and locations, it only adds to the challenge of ensuring your data is not only available and scalable – but also protected.

Faced with today’s cyber challenges (and new threats looming as AI becomes part of the baddies’ arsenal), your ability to be cyber resilient and recover to a business-as-usual state as quickly as possible is more critical than ever. No one can count on being the fairy-tale exception to the rule when it comes to ransomware attacks.

To rehash that well-worn saying: It’s not a matter of if your unicorn breaks its horn, but when.

According to Veeam’s 2023 Data Protection Trends report, “…many legacy IT environments are running legacy backup solutions that were designed for the physical data center era. This specifically hinders an enterprise’s ability to focus on cloud-based SaaS and IaaS, which puts your data at risk of data breach and can lead to unoptimized large-scale data management.”

Interestingly, Veeam reports that 52% of those organisations with encrypted data paid the ransom demand (mainly with the help of their cyber insurance policies) and successfully recovered it. As for the rest? 25% paid up but didn’t recover their data. The remainder undertook remediation to recover their data successfully, but this took an average of 18 days, which is a long time to be out of the business-as-usual loop.

It’s time to join the rest of the herd

While cybercrime is pervasive and seemingly unavoidable, it doesn’t absolve your business from taking its share of responsibility from a legal, commercial, and ethical standpoint.

It’s hard (and for some, impossible) to recover from a massive fine, the sense of betrayal experienced by your customers when their data is sold off to the highest bidder, or your employees are unable to work as every line of business application freezes. For days, weeks, and even months.

And yet, knowing this, only one out of every six organisations test whether their backup solutions work by restoring and verifying their data. So, when it comes to a ransomware attack, most businesses are still winging it when it comes to having backup that works.

Unicorn or not, the only certainty in life for today’s businesses is the importance of weathering that inevitable cyber storm. And that includes ensuring you have:

  1. Reliable, innovative, industrial-strength cybersecurity solutions
  2. A well-understood, committed and tested cyber resiliency strategy

Feel free to talk to us if you’re unsure about either. We’ll even throw in some love and rainbows.


Written in partnership with Veeam.

Zero trust given. And why that’s a good thing for hybrid cloud environments. 

While it makes perfect sense to push your workloads to the public cloud, especially if they can be moved into SaaS environments, this doesn’t work for all legacy workloads. This is why we continue to see – and advocate – hybrid cloud environments.  

For many organisations juggling workloads is not a matter of taking a cloud-first approach but opting for cloud-fit instead. This involves finding the ideal cloud environment for each workload. One that’s cost-effective and ticks all the security boxes.  

But this is when it gets tricky. If you’re taking a cloud-fit approach, how do you ensure cyber resiliency across all your platforms? And what happens when your data is moving between those platforms? 

Data breach statistics aren’t getting any prettier, with a 26% increase in notifiable data breaches to OAIC in the latter half of 2022. Which is where zero trust comes to the fore.  

But first, let’s back up a bit – what is zero trust, why is it the hot new approach, and how do you get some? 

Trust no one, question everything 

Two of the best cybersecurity rules to live by are: 1. Trust no one. 2. Question everything. And those rules, in a nutshell, are the key to zero trust.  

Zero trust takes distrust of and questioning your users to a whole new level – but this is a good thing. Regardless of whether they’re inside or outside of your network, users are subjected to authentication, authorisation, and continuous validation for security configuration and posture. Only when they pass these conditions with flying colours are they a) granted access or b) allowed to have continued access to your applications and precious data.  

Importantly to those who have gone the cloud-fit route, zero trust assumes that there is no traditional network edge. So, networks can be local, in the cloud, or a combination or hybrid with resources anywhere, as well as users in any location. Regarded as ‘perimeterless security’ (just think of networks without borders!), the zero-trust security model is also known as zero trust architecture (ZTA), zero trust network architecture or zero trust network access (ZTNA). 

And while it’s so hot right now, zero-trust isn’t actually new. (You might like to check out this excellent article on the history of zero-trust here on TechTarget.) However, it is the way to go.  

In a 2022 Forrester Opportunity Snapshot, the renowned researcher reports that 83% of Australian and New Zealand firms say zero trust is the future of their organisation’s security. And in tech news publisher VentureBeat’s article on zero-trust trends for 2022, they include zero-trust becoming the foundation of more hybrid cloud integrations as one of the big four trends to watch out for.  

So, how and where do you get started? 

It’s all about leadership 

It’s important to remember that zero trust is a philosophy, not a product. And like most philosophies, it can take some effort to get everyone on the same page.
  
To quote John Engates, Field CTO for Cloudflare:

“To get zero trust across the finish line, some companies may appoint a zero trust officer. Showing leadership, demonstrating how important it is to the organisation, putting someone in charge of getting to a zero trust stance is really critical. No matter how you demonstrate that to your stakeholders, it’s really critical for someone to stand up and say, ‘We’ve got to do better at this; we have to do it comprehensively across the entire organisation. And we have to do it soon because the threats aren’t getting easier to deal with.” 

In their Opportunity Snapshot, Forrester agrees, saying it’s critical to “be a leader and communicator, not a technician.” They report that 48% of zero trust leaders in Australia and New Zealand said “their stakeholders struggled to understand the business value of adopting a Zero Trust approach. Only 41% listened and understood stakeholders’ criticism or feedback, then worked through their issues with the Zero Trust team, and returned with a solution.” Forrester concludes that this poses a challenge as zero trust leaders thought the most important trait in their role was to be technical (52%), compared to being communicative (13%). 

Despite the challenges, Forrester says that these same zero trust firms reported a more empowered employee experience, with 74% reporting more flexibility to work from anywhere or on any networks, 61% were relieved of the burden of security responsibility through password-free authentication, and 27% enjoyed an increased choice to work with any device or programmes.  

So, where to start? 

Engates from Cloudflare is a fan of making the zero trust goal manageable by attacking it in bite-sized chunks. He says that the important thing is to “get started and get moving.” And we agree.  

To help you address the challenges created by the shift to cloud hosting, remote work, and other modernisation, Zerotrustroadmap.org provides an excellent step-by-step vendor-agnostic roadmap, complete with an implementation timeline.   

Or you’re welcome to just talk to us.  


In partnership with Cloudflare, a global leader in zero trust services.  

Cyber resiliency in a multi-cloud environment – how hard can it be?

When data security is ranked as the leading challenge facing organisations that access and maintain data in cloud environments (above cost, complexity and lack of expertise), you know there’s an issue.

It’s one thing to rely on the standard backup and recovery tools available from a public cloud service provider (CSP), but what happens when most Australian organisations use three public CSPs on average? How do you juggle using three sets of tools effectively?

In truth, we believe you can’t – and you shouldn’t. Not if you value your business, and your data.

Why aren’t public CSP in-built tools enough to ensure cyber resilience?

While turning to a CSP’s in-built tools may appear to be a logical and cost-effective decision, they tend to offer only a basic level of coverage against the global flood of cyber-attacks, data theft and application outages. In addition, CSP backup and recovery offerings cannot scale, fully protect, or provide you with a unified view of your data across all your cloud environments.

With cyber resilience the new business imperative, it’s not a matter of safety in numbers. Having three times the tools doesn’t equate to three times the protection. Taking a fragmented approach to protecting your multi-cloud environment increases the opportunity for gaps to form in your security, backup and recovery efforts. As a consequence, organisational and reputational risk goes up – not down.

More frequent use of CSP tools is also associated with more operational downtime related to outages, application failures, human error, and even natural disasters. Despite 53% of Australian organisations agreeing that relying solely on CSP backup and recovery tools puts their organisation at risk, 55% use CSP tools all the time.

The only way to confidentially mitigate the impact of costly assaults on your multi-cloud environment is through third-party protection.

When it comes to CSP responsibility, you don’t likely know what you don’t know

Perception is a wonderful thing. But unfortunately, while you’d imagine that your CSP is responsible for protecting your data, that’s not the case.

Digging into the fine print of your end-user licensing agreement usually unearths that the CSP is only responsible for protecting the infrastructure, and that you are entirely responsible for protecting your data and workloads in that cloud environment. So, the offer of standard backup and recovery tools doesn’t even begin to cover your back – and your data – in case of a cyberattack. Times three.

Even using Microsoft or Office 365 doesn’t guarantee that your data is backed up in the cloud. Office 365 takes a shared responsibility approach. While they may store it, it’s your responsibility to control and protect it.

In our recent paper (2022 Research Report on Securing Your Enterprise in a Multi-Cloud Environment), we identified that 96% of Australian organisations didn’t realise who was responsible for what.

This brings us to the big question…

How can you be cyber resilient if you don’t have a handle on your cloud environments?

When you follow best practices for backup, data protection and disaster recovery, you are more cyber resilient. Best practice includes having a “3-2-1” backup strategy – one primary backup and two additional copies of their data, using at least two different storage mediums, with at least one copy offsite.

Backup timing is also critical – and this depends on what you’ve identified as your RPO (recovery point objective). For example, if you’re only taking data snapshots every 12 hours, can you afford to be without that data from 11hrs 45mins ago? Mission-critical data that hasn’t been backed up for more than 12 hours is more likely to be permanently lost in case of a ransomware attack or server failure. Yet, only 10% of Australian organisations are committed to continuous data backup, while 45% back up their data less frequently than every 12 hours.

While that ‘may’ work for some businesses, it certainly doesn’t for others. A case in point is law practice Colin, Biggers & Paisley, who says, “Losing even an hour of productive time costs a firm a great deal, and legal work never stops. It’s around the clock.”

Colin, Biggers & Paisley are just one of many Australian organisations that opt for solutions like Veritas NetBackup to ensure they are actively cyber resilient across single or multi-cloud environments. Such is the reliability of their Veritas backup and disaster recovery system that Colin, Biggers & Paisley proudly present the results of their twice-yearly data backup and DR audits to potential clients as a benefit of engaging with them.


In partnership with

VMWare elevates Global Storage to Principal Partner

In further solidifying our relationship with VMWare, Global Storage has recently achieved Cloud Verified and Principal Partner status.

To become a Principal Partner we have demonstrated continued efforts in becoming an expert in VMware solutions and service, and have taken the necessary steps through Master Services Competency (MSC) achievement—or the equivalent—as well as demonstrated a growing company sales performance. Principal partners are the most qualified partners in VMware Partner Connect and with this distinction, they demonstrate a broad range of expertise and the ability to best serve their customers’ needs. 

As a Cloud Verified Partner you know that Global Storage will expertly deliver cloud infrastructure as a service—so your cloud strategy will be flexible and resilient today, tomorrow and for years to come. 

Global Storage is also the first Australian partner to have achieved the VMWare Disaster Recovery as-a-service certification. They are one of only six partners with this certification across Asia Pacific. 

DRaaS is a Business Growth Strategy

Transformational changes, as we experienced in 2020, bring challenges and unforeseen business opportunities. Improving enterprises’ growth opportunities and ensuring business continuity are two areas where the cloud plays a vital role. Organizations that embrace the cloud transform into asset-light entities that are agile, more competitive and focused on the growth of their businesses. Cloud-based disaster recovery as a service (DRaaS) is the foundation of a sound business continuity strategy that keeps the company running, even in the aftermath of a disruptive event.

Enterprises with mature cloud adoption improved business resiliency and reliability as they reduced downtime by 58% and monthly critical incidents by 55% with cloud migration.1

Ride the waves?

It is always prudent to ride the waves of change than to fight them. New trends, including SaaS and IoT, have shifted enterprise data to the edge and the cloud. A recent IDC report found that only 30% of stored data is stored in internal data centers. It makes the most sense to have your backup applications near your data in the cloud.2

The rising cyberthreats serve as a constant reminder and a motivator for moving corporate data to the cloud to be better protected. Business continuity requires air-gapped backup copies that are readily available in the event of a disruption. DRaaS is the wise option for a full recovery and the lowest downtime.

Gartner predicted that cyberattacks were likely to impact one organization every 11 seconds by the end of 2021. Aside from being costly, breaches will damage an organization’s reputation and cause loss of customers and trust. Cyber-attacks tend to have a long tail, and their impact on enterprises lasts for years.3

DRaaS makes good business sense?

DRaaS is the most precious business insurance policy that one can find. The value of DRaaS is rarely appreciated until we need it, however it turns out that businesses need disaster recovery a lot. Gartner says 76% of organizations reported at least one incident in the past two years that required an IT DR plan.4 Let’s look at some of the business benefits of DRaaS:

  • Budget-friendly OpEx. The cloud model offers a utility consumption model where you pay for what you consume. The new model removes the expensive upfront CapEx investments and lowers operating expenses for simplified testing.
  • Free scarce IT resources. DRaaS frees IT teams to focus on more valuable business initiatives.
  • Maintain business continuity. Cloud-based backups are air-gapped and beyond bad actors’ reach, ensuring business continuity with the least disruptions.
  • Data protection. Cyberthreats are a constant danger that requires resources beyond IT teams’ abilities. About 81% of organizations consider security their top challenge.5
  • Continuous compliance. DRaaS enables enterprises to respond to audits and demonstrate compliance with proper reporting and documentation.

Learn more about how to grow your business with our cloud DRaaS by visiting: Global Storage

Sources:

  1. McKinsey Digital February 2021. “Cloud’s trillion-dollar prize is up for grabs.”
  2. Seagate 2021. “Rethink Data. Put More of your Business Data to Work from Edge to Cloud.”
  3. Gartner December 2020. “How to Cut Costs for Backup and Recovery Software, Now and in the Future.”
  4. Gartner April 2020. “Survey Analysis. IT Disaster Recovery Trends and Benchmarks.”
  5. Flexera 2021. “Flexera 2021 Stare of the Cloud.”

How much is your customer data worth? And how much should you pay to protect it?

Modern businesses rely on data for every aspect of their operation. How you protect this data on a daily basis helps to define the operational integrity and success of your business. Along with intellectual property, financial data, and employee records, customer data demands special attention. While there is a cost associated with professional backup and disaster recovery services, it is minimal compared to the extensive losses associated with many data loss scenarios.

The real business value of customer data

The value of data is well-known, with an entire field of study called infonomics concerned with the economic value of information. However, despite the ability of data to transform every aspect of business, according to Gartner analyst Doug Laney, many companies manage their “office furniture with greater discipline than [their] information assets.”

According to Gartner, information has three foundational measures:

  1. Intrinsic value – How correct is your data?
  2. Business value – How relevant is your data?
  3. Performance value – How hard does your data work?

Customer data is particularly sensitive due to its high value across all three measures. The people who trust you with their data are largely responsible for your success, with data integrity offering a range of immediate and follow-through benefits. In order to measure the real cost of data backup and recovery services, it’s important to weigh up the direct costs with the following potential impacts of data loss.

Recovery Costs

There are a range of immediate and ongoing recovery costs associated with any data loss scenario. Lacking or incomplete backup solutions may cause data loss, with each accident or security incident needing to be analysed, corrected, and secured to ensure it doesn’t happen again. As you might expect, this can be an expensive exercise, with a single security incident enough to cause substantial damage to your balance sheet.

Loss of business continuity

In order to define the value of your customer data, it’s important to understand the opportunity costs associated with data loss. Whether it’s due to data theft, natural disaster, or human error, lost or compromised data has a range of potential impacts that threaten your ongoing productivity. Along with the immediate and direct costs associated with recovery, data loss is likely to compromise the continuity of your business operations.

Non-Compliance

Compliance is a serious issue for any business, especially when you’re dealing with private customer records. Depending on your industry sector and jurisdiction, non-compliance may have significant financial and legal implications. Professional third-party backup services allow you to meet stringent compliance obligations, including service-level agreements, reporting, and record-keeping. Non-compliance often comes with substantial fines, with prevention always better than cure.

Reputation damage

Integrated data backup solutions help you to avoid data loss and enable immediate recovery should a security event occur. Along with the immediate costs associated with recovery and non-compliance, and the long-term damage of lost business continuity, there are more indirect costs associated with reputation damage. A single security incident can threaten the hard-earned reputation of any business, with preemptive data backup and recovery measures needed to ensure a strong and enduring reputation.

Complete data backup and recovery solutions for Microsoft 365

From limited to substantial, from immediate to long-lasting, there are a number of real costs associated with data loss events. In order to secure your business and get it ready for the future, it’s important to look after your valuable data assets. Specialised third-party solutions are required for any business, especially those that rely on cloud-based software services such as Microsoft 365.


If you’re ready to take responsibility for your data, please download our white paper, Best Practices for Backing Up Microsoft 365

Get in touch for a Free, No‑Obligation Consultation

Arrange a chat with our experienced team to discuss your data protection, disaster recovery, cloud or security requirements.

  • Arrange an introductory chat about your requirements
  • Gain a proposal and quote for our services
  • View an interactive demo of our service features

Prefer to call now?
Sales and Support
1300 88 38 25

By filling out this form you are consenting to our team reaching out to you. You may unsubscribe at any time. Learn more by visiting our Privacy Policy

Hidden
This field is for validation purposes and should be left unchanged.

© 2021 Global Storage. All rights reserved. Privacy Policy Terms of Service

The Global Storage website is accessible.

Download
Best Practices For Backing Up Microsoft 365

By filling out this form you are consenting to our team reaching out to you. You may unsubscribe at any time. Learn more by visiting our Privacy Policy

This field is for validation purposes and should be left unchanged.

Download
5 Myths About Backing Up Microsoft 365 Debunked

By filling out this form you are consenting to our team reaching out to you. You may unsubscribe at any time. Learn more by visiting our Privacy Policy

This field is for validation purposes and should be left unchanged.