The new NIST list – what you need to know 

How time flies. It’s already been almost 10 years since the NIST (National Institute for Standards and Technology) Cybersecurity Framework was first rolled out to provide technical guidance for those responsible for critical infrastructure interests, including energy, banking, and public health. 

By early November, we can expect to see a sixth function officially added to the famous five functions of an effective cybersecurity program – namely: Identify, protect, detect, respond, and recover. 

And we’re glad to say that the final function is ‘govern’. 

It’s expected that the addition of the sixth function will expand the usefulness of the NIST framework to all those sectors outside of critical infrastructure and provide guidance to support their overall cybersecurity strategies.  

Celebrating the new NIST framework 

So, why does NIST 2.0 make us quietly happy? Possibly because it’s something we’ve taken to heart. 

From the Global Storage perspective, governance has long been the missing piece in the cybersecurity puzzle. Having gone through the intensive processes of earning ISO 27001 certification several years ago, it’s good to see NIST catching up with the technology partners (like us) who adopted ‘govern’ as a central premise to support and protect their customers more effectively. 

And the Australian Government obviously agrees. Its current principles of cybersecurity governance are grouped into four key activities: govern, protect, detect and respond. Govern: Identifying and managing security risks. Protect: Implementing controls to reduce security risks. Detect: Detecting and understanding cyber security events to identify cyber security incidents. Respond: Responding to and recovering from cyber security incidents. 

 In its discussion paper, “Strengthening Australia’s cybersecurity regulations and incentives,” the government is actively seeking views about how it can incentivise businesses to invest in cybersecurity, including through possible regulatory changes. The first of the proposed new policies up for discussion is governance standards for large businesses. Suggested governance approaches include alignment with international standards and frameworks (like ISO 27001 and NIST).  

Governance (and the associated reporting) is clearly a timely new focus for those non-critical infrastructure Australian businesses that haven’t yet fully developed a robust and all-encompassing cybersecurity plan. ASIC has started to actively fine businesses that fail to take remedial action after breaches – and they are unlikely to accept excuses based on size and lack of capability from the SMB sector.  

It’s been interesting for us to watch some of our larger customers, who previously aligned themselves with the ASD Essential Eight, now realigning themselves with NIST due to its depth, breadth and maturity. And we expect the addition of the ‘govern’ function to cement that move even more firmly. 

Catching the curve ball 

While we’d like to say we were ahead of the curve in becoming ISO 27001 certified, the reality is that many technology partners saw the writing on the wall. We could see that “govern” would be recognised as an important function over and above the five technical, control-based standards championed by NIST up until now – and that our commitment to going further should be sooner than later.  

What Global Storage’s ISO accreditation (and statement of applicability) means for our customers is that we keep the necessary governance records for them. So, if they are audited or even prosecuted, we can prove that the principles and controls of ‘govern’ were fully followed. In effect, they can leverage our external certification against their compliance requirements, making it easier for them to do business with confidence. And in turn, we leverage the certifications of our own ISO-accredited service providers.  

While committing to ISO 27001 five years ago was a market differentiator, it’s now a prerequisite for most partners like us. Now, from a sales perspective, it accelerates the conversations and removes roadblocks. Whereas ‘before’, our customers had no dedicated security resources, today’s organisations typically have multiple internal staff whose primary responsibility is security. But they are the lucky ones. With the huge global deficit in cybersecurity resources, they’re often lucky to be able to afford to hire and retain the people needed. All of which makes it even more important that a partner can offer the certified support needed.  

New framework, new challenges 

But going back to a cybersecurity framework that includes ‘govern’, for those already in a regulated industry (for example, health and banking), it shouldn’t pose too much of a problem – they are used to the requirement of being audited.  

In the case of non-regulated and often less mature industries, though, it will pose a challenge despite growing customer demand that they level up. For these organisations in particular, having a service provider that’s already got all those ‘govern’ boxes ready-ticked will alleviate the time, pain, and distraction of completing additional paperwork. 

As I’ve said, we’ve made a significant investment in ISO 27001, and that accreditation requires us to achieve and maintain precise standards and undergo a yearly external audit. It’s also shaped the way we run our business. We can’t afford mistakes; we put our reputation on the line daily. These days, saying “oops, sorry, my bad” isn’t good enough for us or our customers (and in our books, it never has been) – meaning we’re very prescriptive about how we run our cybersecurity functions and services.  

Feel good about the company you keep 

Like practically every company in the world, we’ve had cybercriminals trying to attack us – but every attempt has been detected, contained, and dealt with in keeping with our governance system. We’ve never had a breach. 

With NIST soon to be updated and the Australian Government looking likely to enforce governance for all organisations regardless of size, it’s critical these businesses can turn to a trusted service provider who has been there, done that – and actually lives and breathes the concept of “govern”. Only by doing that can they quickly and directly move forward and comply while reducing risk. 

Service partners like Global Storage are no longer just the clean-up crew when something goes wrong. We’re not just the people you lean on for (exceptional) backup and recovery as a service and disaster recovery as a service to provide 24/7 protection, but the in-depth reporting needed to keep you compliant, auditable, and accountable for everything cybersecurity.  

So, when your performance and strategy are held up against NIST standards, ISO standards, or government governance regulations, you can be confident that you, too, are ahead of the cybercrime curve ball.  

When it comes to cybercrime, you are not a unicorn.

At the risk of sounding like a broken record, cybercrime is only getting worse. And no matter how ‘special’ and ‘unique’ you are, you are unlikely to remain unscathed.

Ransomware is now the rule, not the exception

In Veeam’s 2022 Ransomware Trends Report, they summarised the learnings gained by interviewing 1,000 organisations that had all experienced ransomware attacks. So, not those living in fear of an attack, but those who had been through one and came out the other side in varying degrees of health. The researchers talked to security professionals, IT operations, backup administrators and CISO (or equivalent IT executives).

Veeam’s ransomware report dovetails with their 2022 Data Protection Trends report, where 76% of the 3,393 organisations surveyed had suffered at least one ransomware attack, and 24% had avoided or were totally unaware that they’d been attacked. As with the ransomware report mentioned above, the criteria for being included in this research was that each organisation must have experienced at least one attack in 2021.

Between these two pieces of research, two important trends were uncovered:

  1. Cybercriminals were double dipping. To quote Veeam: “Only about one in four (27%) organizations suffered just one attack, presumably with bad actors attempting to return for more ransom.”
  2. No unicorn is safe. Again, to quote Veeam: “Organizations of all sizes appear relatively equal in the persistence of attacks from small-to-medium-sized businesses (SMBs) (100–249 employees) to large enterprises (>5,000 employees). Said another way, just like any other disaster (fire/flood), ransomware attacks are universally pervasive.”
    Veeam also noted that ransomware survey respondents reported that an average of 47% of their data was encrypted by ransomware.

As a result of this research, one of Veeam’s primary conclusions was that “the best way to reduce the risk of a cyberattack like ransomware is to have a comprehensive and tested disaster response plan.”

Move your mouse away from that!

Despite our increased awareness and training, humans remain the greatest point of failure when it comes to inviting cyberattacks into our businesses. Phishing emails, malicious links and websites are still the most common point of entry for criminals.

One positive observation made by Veeam was that only 1% of their respondents reported they could not identify the entry point. In other words, 99% of the time, the monitoring and investigation tools they used pinpointed their vulnerabilities – human and otherwise – so they could be addressed.

Once a bad actor has gained entry into your environment, Veeam says that 94% of the time, your backup repositories are their primary target. And that 68% of repositories are impacted as a result.

Veeam adds:

“Specific production platform or application types were targeted in 80% of successful ransomware attacks, presumably based on known vulnerabilities within common platform types, such as mainstream hypervisors and operating systems or wide-spread workloads like NAS filers or database servers.”

We get it: Protecting your data isn’t simple

With organisational data often spread across multiple clouds and systems, as well as geographies and locations, it only adds to the challenge of ensuring your data is not only available and scalable – but also protected.

Faced with today’s cyber challenges (and new threats looming as AI becomes part of the baddies’ arsenal), your ability to be cyber resilient and recover to a business-as-usual state as quickly as possible is more critical than ever. No one can count on being the fairy-tale exception to the rule when it comes to ransomware attacks.

To rehash that well-worn saying: It’s not a matter of if your unicorn breaks its horn, but when.

According to Veeam’s 2023 Data Protection Trends report, “…many legacy IT environments are running legacy backup solutions that were designed for the physical data center era. This specifically hinders an enterprise’s ability to focus on cloud-based SaaS and IaaS, which puts your data at risk of data breach and can lead to unoptimized large-scale data management.”

Interestingly, Veeam reports that 52% of those organisations with encrypted data paid the ransom demand (mainly with the help of their cyber insurance policies) and successfully recovered it. As for the rest? 25% paid up but didn’t recover their data. The remainder undertook remediation to recover their data successfully, but this took an average of 18 days, which is a long time to be out of the business-as-usual loop.

It’s time to join the rest of the herd

While cybercrime is pervasive and seemingly unavoidable, it doesn’t absolve your business from taking its share of responsibility from a legal, commercial, and ethical standpoint.

It’s hard (and for some, impossible) to recover from a massive fine, the sense of betrayal experienced by your customers when their data is sold off to the highest bidder, or your employees are unable to work as every line of business application freezes. For days, weeks, and even months.

And yet, knowing this, only one out of every six organisations test whether their backup solutions work by restoring and verifying their data. So, when it comes to a ransomware attack, most businesses are still winging it when it comes to having backup that works.

Unicorn or not, the only certainty in life for today’s businesses is the importance of weathering that inevitable cyber storm. And that includes ensuring you have:

  1. Reliable, innovative, industrial-strength cybersecurity solutions
  2. A well-understood, committed and tested cyber resiliency strategy

Feel free to talk to us if you’re unsure about either. We’ll even throw in some love and rainbows.

Written in partnership with

Cyber resiliency in a multi-cloud environment – how hard can it be?

When data security is ranked as the leading challenge facing organisations that access and maintain data in cloud environments (above cost, complexity and lack of expertise), you know there’s an issue.

It’s one thing to rely on the standard backup and recovery tools available from a public cloud service provider (CSP), but what happens when most Australian organisations use three public CSPs on average? How do you juggle using three sets of tools effectively?

In truth, we believe you can’t – and you shouldn’t. Not if you value your business, and your data.

Why aren’t public CSP in-built tools enough to ensure cyber resilience?

While turning to a CSP’s in-built tools may appear to be a logical and cost-effective decision, they tend to offer only a basic level of coverage against the global flood of cyber-attacks, data theft and application outages. In addition, CSP backup and recovery offerings cannot scale, fully protect, or provide you with a unified view of your data across all your cloud environments.

With cyber resilience the new business imperative, it’s not a matter of safety in numbers. Having three times the tools doesn’t equate to three times the protection. Taking a fragmented approach to protecting your multi-cloud environment increases the opportunity for gaps to form in your security, backup and recovery efforts. As a consequence, organisational and reputational risk goes up – not down.

More frequent use of CSP tools is also associated with more operational downtime related to outages, application failures, human error, and even natural disasters. Despite 53% of Australian organisations agreeing that relying solely on CSP backup and recovery tools puts their organisation at risk, 55% use CSP tools all the time.

The only way to confidentially mitigate the impact of costly assaults on your multi-cloud environment is through third-party protection.

When it comes to CSP responsibility, you don’t likely know what you don’t know

Perception is a wonderful thing. But unfortunately, while you’d imagine that your CSP is responsible for protecting your data, that’s not the case.

Digging into the fine print of your end-user licensing agreement usually unearths that the CSP is only responsible for protecting the infrastructure, and that you are entirely responsible for protecting your data and workloads in that cloud environment. So, the offer of standard backup and recovery tools doesn’t even begin to cover your back – and your data – in case of a cyberattack. Times three.

Even using Microsoft or Office 365 doesn’t guarantee that your data is backed up in the cloud. Office 365 takes a shared responsibility approach. While they may store it, it’s your responsibility to control and protect it.

In our recent paper (2022 Research Report on Securing Your Enterprise in a Multi-Cloud Environment), we identified that 96% of Australian organisations didn’t realise who was responsible for what.

This brings us to the big question…

How can you be cyber resilient if you don’t have a handle on your cloud environments?

When you follow best practices for backup, data protection and disaster recovery, you are more cyber resilient. Best practice includes having a “3-2-1” backup strategy – one primary backup and two additional copies of their data, using at least two different storage mediums, with at least one copy offsite.

Backup timing is also critical – and this depends on what you’ve identified as your RPO (recovery point objective). For example, if you’re only taking data snapshots every 12 hours, can you afford to be without that data from 11hrs 45mins ago? Mission-critical data that hasn’t been backed up for more than 12 hours is more likely to be permanently lost in case of a ransomware attack or server failure. Yet, only 10% of Australian organisations are committed to continuous data backup, while 45% back up their data less frequently than every 12 hours.

While that ‘may’ work for some businesses, it certainly doesn’t for others. A case in point is law practice Colin, Biggers & Paisley, who says, “Losing even an hour of productive time costs a firm a great deal, and legal work never stops. It’s around the clock.”

Colin, Biggers & Paisley are just one of many Australian organisations that opt for solutions like Veritas NetBackup to ensure they are actively cyber resilient across single or multi-cloud environments. Such is the reliability of their Veritas backup and disaster recovery system that Colin, Biggers & Paisley proudly present the results of their twice-yearly data backup and DR audits to potential clients as a benefit of engaging with them.

In partnership with

Wondering if your leap to cloud was the right move?

There’s a right way of doing things, for all the right reasons.

And then there’s the other way. The kneejerk reaction to significant (and often scary) changes in the financial, business, and social climate. The one that keeps you up at night wondering if you did the right thing by jumping on the cloud transformation bandwagon, just because it was going past, rather than because it was going in the direction you’d already planned to take.

Despite the rush to the cloud prompted by COVID, Deloitte says that “46% of businesses are not quite ready for cloud technology, which means they are not set to maximise the business benefits that cloud can bring.”

While we’re all tired of (and even hate) technology buzz words and phrases like digital transformation, disrupt, pivot, and cloud, they are largely inescapable. And due to COVID (another word we want to put behind us) digital transformation has led most of us to the cloud, ready or not.

Cloudy outcomes

On the whole, moving to or accelerating adoption of cloud technologies has been a good thing. But it’s important to understand the difference between cloud transformation and cloud optimisation – and which part of the journey you are on. Here’s a quick 101 recap:

Cloud transformation is the process of transitioning all or some of your data, apps, and software to the cloud with the aim of becoming more efficient and adaptable, gaining the ability to quickly scale and flex at will, and improve your data security. And of course, it helps you save and manage costs as you wave goodbye to investing in physical infrastructures and on-premises software support and updates.

Then, there’s cloud optimisation.

This is the process of continuously eliminating cloud resource wastage so you’re not overspending. So, you have a strategy to judiciously select, provision, and right-size what goes where in the cloud, and which costly cloud features you consume. To put this in perspective, multiple cloud technology vendors are already reporting that 50-60% of organisations have said that optimising cloud costs is one of their goals for 2022.

A waste of cloud space and budget

When Forbes says that 30% of cloud spending is wasted, you can understand why cloud optimisation is such a hot topic right now with CEOs around the world.

So, what mistakes did so many make that backed them into an overly expensive cloud corner? What can we all learn from the mistakes of others – and ourselves?

  1. Failing to track unused instances. The cost of maintaining aging, or inactive instances in your environment can run up your cloud infrastructure costs, without even offering a ROI.
  2. Letting your instance size get away on you. If your cloud environment doesn’t have right-sized, strategically customised cloud instances, it can blow your budget out of the water.
  3. Saying ‘no’ to a hybrid or multi-cloud strategy. All clouds are not created equal, and some are more cost effective for some uses than others.
  4. Not showing orphans to the door. Orphaned volumes and snapshots of terminated instances, that is. Some cloud providers continue to charge you for keeping them handy.
  5. Expecting your IT team to keep track of everything – manually. Sorry, in this day and age, especially at an enterprise level, this just isn’t feasible. Automation exists for a reason.

Did you do it right to start with?

Now, backing up to one of our original points, did you make the right cloud transformation decisions to start with? Or was it just a matter of expedience hastened by COVID? And what wouldn’t you do again?

  1. Not adopting the right (or any) cloud strategy from the outset. You have several options when moving to the cloud, and they each impact the outcomes you experience. A cloud-first strategy means you put cloud solutions at the top of your shopping list, in preference to non-cloud solutions. Then there’s cloud-only, where you replace everything with cloud solutions regardless of whether, for example, a hybrid strategy which rationalises a balance of cloud and on-premises, makes more sense. Then there’s a cloud-workload strategy which focusses on your goals and existing application/data portfolio and to identify how and where these would be best served in terms of cost and performance). And lastly, a lift and shift strategy where legacy on-premises applications are virtualised and dropped into your cloud.
  2. You just weren’t ready. Ignoring change management and the need for training are dangerous shortcuts to take, as are failing to get top-down support or aligning the project to meet your business processes. Those are three big ‘nos’ in a row.
  3. Assuming you know everything about security. Public cloud breaches have almost all been driven by enterprise customers’ insecure configurations. And Gartner predicts that through to 2025, 99% of cloud security failures will be the fault of the customer’s security team.
  4. Perceiving cloud as a money-saving scheme. When, in fact, its potential for money making through improved productivity, efficiency, and superior analytics is far greater.

The right outcomes stem from the right decisions

While COVID certainly hastened the rush for the cloud, it also forced some businesses into making hasty digital transformation decisions which resulted in a less than stellar payback. This is apparent in the 70-95% failure rate cited by KPMG, McKinsey, BCG, and Bain & Company.

However, it’s reassuring to see Deloitte say that of the organisations surveyed for its Cloud Imperative paper:

  • Around 80% stated that ‘by implementing cloud they were better prepared to address future challenges and organisation needs’ and that ‘cloud enables them to innovate more quickly and frequently’
  • That 70% indicated that cloud allows them to instantly scale up or down.

The key, it seems, is to have a goal, a strategy, and a good dose of common sense. And a partner that knows the ropes.

Are you constantly playing ‘spot the difference’ with your cloud costs?

While the pressure is on for organisations to embrace the myriad benefits and opportunities for transformation and innovation that cloud brings, there’s also an undercurrent of despair. It seems that the much-touted predictability of cloud costs isn’t all it’s been made out to be.

A central failing of most cloud services is that they bill customers for resources that are never used or fully utilised – so costs spiral out of control. Gartner’s report on ‘How to Manage and Optimise Costs of Public Cloud IaaS and PaaS’ estimates that as much as 70% of cloud costs are wasted. (Take a moment to read that again: 70%!).

Many organisations reliant on their cloud infrastructures have learned the hard way to expect the unexpected – on a regular basis. They’re challenged by OPEXs that vary from month to month, unregulated cloud costs delivering surprising price hikes, and the need to scale their requirements up and down constantly.

If those challenges sound familiar, and you count yourself amongst those organisations looking for ways to reduce cloud costs and eliminate waste, you’re not alone.

A sharp new focus on cloud cost optimisation

It’s no surprise that the appetite for transformation using cloud technology continues to grow. The 2022 Cloud Infrastructure Report found that 63% of the IT and business decision-makers (all responsible for significant public cloud infrastructure investments) that they surveyed say that they plan to increase their use of cloud technology.

While many intend to ramp up cloud utilisation, 50% of respondents also called out optimising their cloud costs to improve ROI as a transformational goal for 2022. And 62% plan to focus on and improve cost management capabilities for their cloud infrastructure (which makes it one of the top priorities for decision-makers alongside security, automation, resource inventory, and utilisation).

However, this new determination to address organisational costs comes alongside a drop in confidence in visibility into public cloud costs. Last year, 31% were ‘very’ confident in their visibility. This year it’s dropped to just 21%. And the inability to monitor and optimise their public cloud costs is a major issue for 70% of those surveyed.

While signalling a clear intention to optimise their cloud spend, it’s clearly a struggle for many organisations to make headway. Although 91% use cloud purchase options, such as reserved instances or savings plans, most – and we are talking 68% here – report they aren’t using them effectively. For example, they are finding that committing for a 1- or 3-year period to the discounts promised through reserved instances can be a false economy. What may start by saving money now, may create significant inefficiencies later.

Likewise, spot instances which fire-sale spare computing capacity can offer dramatically lower prices (with discounts up to 90%), but availability can be terminated at short notice. Which isn’t ideal if your workload is critical. Rightsizing is another trap for even the savviest technology or business team and requires constant finetuning – especially in a complex, multi-cloud environment.

So, what are the options to effectively control cloud costs and eliminate waste?

FinOps, and why it’s so hot right now

In this cloud context, FinOps is the acronym for Finance and DevOps. The FinOps Foundation defines FinOps as “an evolving cloud financial management discipline and cultural practice that enables organisations to get maximum business value by helping engineering, finance, technology and business teams to collaborate on data-driven spending decisions.”

FinOps is a worldwide movement rather than a set of proprietary processes. It’s gained considerable traction in its first decade with its rate-optimisation analysis approach to technology, using real-time reporting and just-in-time processes in conjunction with teams working collaboratively.

The desired outcome of investing in a FinOps practice is to promote the cost accountability and business agility needed to control and optimise cloud costs without sacrificing speed or innovation.

So, what – when done well – does FinOps deliver?

A mature FinOps practice will help your organisation to accelerate how quickly you realise value from your investment. So, your ROI is faster. It will drive financial accountability and visibility, meaning you’ll always know how much you’re spending and where. It will provide transparency and granular reporting, enabling your organisation to optimise cloud usage and become cost-efficient.

And because FinOps is a cross-organisation initiative (from finance to product, to engineering and more), it builds trust and collaboration. Lastly, it identifies and controls the dreaded sprawl of uncontrolled (and often unknown) cloud spending.

This quote from the FinOps Foundation sums up successful FinOps outcomes beautifully: “If it seems that FinOps is about saving money, then think again. FinOps is about making money.”

You’re not alone

It must be noted that while 96% of all respondents in the report cited earlier acknowledge that they view FinOps as important to cloud success, in actuality, only 10% have a mature FinOps practice in place. So, there’s still a long way to go.

It doesn’t need to be a solo journey, though. In fact, it shouldn’t be unless you are determined to take your eye off the ball of what your organisation does to stay in business. (And we’d suggest that your future is probably not in cloud optimisation).

For those companies that have already adopted FinOps (whether it’s a work-in-progress or fully-fledged practice), 83% have chosen to leverage the skills, knowledge, abilities, and advanced optimisation technology of their Managed Service Partner (MSP). They look to their MSP to lead, support or collaborate with their internal teams in varying degrees, or in some cases, to manage the FinOps practice in its entirety.

Due to their investment in proven, innovative cost optimisation technology and years of expertise, your MSP can fast-track your FinOps practice’s ability to drive down cloud costs and eliminate overspending and waste – and start talking about a positive ROI.

Global Storage achieves Australian first with VMware disaster recovery as-a-service certification

Providing Flexible and Intelligent Cloud Solutions for Data Protection and Business Continuity

FOR IMMEDIATE RELEASE –

Global Storage is pleased to announce that they are the first Australian partner to have achieved the VMWare Disaster Recovery as-a-service certification. They are one of only six partners with this certification across Asia Pacific.

Gavin Hoffmann, Director of Sales and Marketing, says ‘This recognition from VMWare really highlights our commitment to providing exceptional disaster recovery services to our clients. We’re thrilled that we can showcase our skills and be the leader in ANZ for the development of these services in partnership with VMWare.’
As digital transformation initiatives and cloud adoption continue to accelerate, the need for business continuity, data protection and management has never been greater. The need to reign in data sprawl and extract business value match the enterprise’s quest for visibility, insight and desire to lower capital expenditures and cloud operating costs.

The new certification allows Global Storage to provide services enabling clients to replicate their data and virtual infrastructure to Global Storage cloud environments. The DRaaS model eliminates costly capital expenses and frees IT from spending valuable time on lengthy planning, acquisition, deployment and management cycles or business continuity.

“We are excited with Global Storage’s introduction of our VMware DRaaS solution to the many new markets served by our partner of many years. The combination of our leading solution and Global Storage’s market deep knowledge and innovative services offer reliable customer solutions and dependable local services backed by local expertise,” said Guy Bartram., Director of Product Marketing at VMware, Inc.

https://cloud.vmware.com/providers/draas-powered

About Global Storage

We go where the data is and deliver a comprehensive suite of enterprise cloud services for computing, backup, disaster recovery, storage, and regulatory compliance. With over two decades of data management experience, the Global Storage team is uniquely qualified to help companies of all sizes realize agility, efficiency and intelligent data management across diverse cloud environments.

Formed in 1997, we have 50+ staff across our branches in Melbourne (head office), Sydney, and Brisbane, and our satellite offices in the US. In 2021, Global Storage achieved ISO 27001 Certification through BSI Global.

How much is your customer data worth? And how much should you pay to protect it?

Modern businesses rely on data for every aspect of their operation. How you protect this data on a daily basis helps to define the operational integrity and success of your business. Along with intellectual property, financial data, and employee records, customer data demands special attention. While there is a cost associated with professional backup and disaster recovery services, it is minimal compared to the extensive losses associated with many data loss scenarios.

The real business value of customer data

The value of data is well-known, with an entire field of study called infonomics concerned with the economic value of information. However, despite the ability of data to transform every aspect of business, according to Gartner analyst Doug Laney, many companies manage their “office furniture with greater discipline than [their] information assets.”

According to Gartner, information has three foundational measures:

  1. Intrinsic value – How correct is your data?
  2. Business value – How relevant is your data?
  3. Performance value – How hard does your data work?

Customer data is particularly sensitive due to its high value across all three measures. The people who trust you with their data are largely responsible for your success, with data integrity offering a range of immediate and follow-through benefits. In order to measure the real cost of data backup and recovery services, it’s important to weigh up the direct costs with the following potential impacts of data loss.

Recovery Costs

There are a range of immediate and ongoing recovery costs associated with any data loss scenario. Lacking or incomplete backup solutions may cause data loss, with each accident or security incident needing to be analysed, corrected, and secured to ensure it doesn’t happen again. As you might expect, this can be an expensive exercise, with a single security incident enough to cause substantial damage to your balance sheet.

Loss of business continuity

In order to define the value of your customer data, it’s important to understand the opportunity costs associated with data loss. Whether it’s due to data theft, natural disaster, or human error, lost or compromised data has a range of potential impacts that threaten your ongoing productivity. Along with the immediate and direct costs associated with recovery, data loss is likely to compromise the continuity of your business operations.

Non-Compliance

Compliance is a serious issue for any business, especially when you’re dealing with private customer records. Depending on your industry sector and jurisdiction, non-compliance may have significant financial and legal implications. Professional third-party backup services allow you to meet stringent compliance obligations, including service-level agreements, reporting, and record-keeping. Non-compliance often comes with substantial fines, with prevention always better than cure.

Reputation damage

Integrated data backup solutions help you to avoid data loss and enable immediate recovery should a security event occur. Along with the immediate costs associated with recovery and non-compliance, and the long-term damage of lost business continuity, there are more indirect costs associated with reputation damage. A single security incident can threaten the hard-earned reputation of any business, with preemptive data backup and recovery measures needed to ensure a strong and enduring reputation.

Complete data backup and recovery solutions for Microsoft 365

From limited to substantial, from immediate to long-lasting, there are a number of real costs associated with data loss events. In order to secure your business and get it ready for the future, it’s important to look after your valuable data assets. Specialised third-party solutions are required for any business, especially those that rely on cloud-based software services such as Microsoft 365.


If you’re ready to take responsibility for your data, please download our white paper, Best Practices for Backing Up Microsoft 365

Announcing the Global Storage Partnership with NetApp

Global Storage are excited to announce their partnership with NetApp Australia Pty. Ltd. The five-year agreement will allow Global Storage to offer Managed Services now in partnership with NetApp using NetApp data management platforms.

“The NetApp partnership will showcase a number of options for storage management to customers wishing to adopt in cloud or on-premise managed services. Primarily we will be focussing on backup, disaster recovery, infrastructure and Office365 managed services, with additional products to follow.”
Gavin Hoffmann, Sales & Marketing Director – Global Storage.

The partnership with NetApp highlights Global Storage’s focus to strengthen its holistic approach to data management and protection. The joint teams will work together to ensure customers have superior options for data management, data protection, analytics, IOT and security.

As customers demand more freedom-of-choice in these areas, and consider the best outcome in terms of cloud, hybrid cloud and on-premise locality, the idea of a universal data management service becomes an ever more important value add to Business and to the protection of business critical data and operations.

NetApp is the data authority for hybrid cloud, providing a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with our partners, we empower global organisations to unleash the full potential of their data to expand customer touch-points, foster greater innovation, and optimise their operations. For more information, visit www.netapp.com. #DataDriven

Get in touch with the Global Storage team now to learn more about how our full suite of data management solutions can help your Business achieve their data management goals.

Introducing Microsoft365 Backup As a Service

Have you been considering transitioning to Microsoft Office 365? Many businesses are transitioning to cloud, but whether this is a partial or full transition, businesses should be asking; is my cloud data properly protected?

Microsoft O365 protects from data loss using retention policies. These policies offer limited recovery capabilities and are not a long-term solution. Microsoft O365’s legal hold creates an archive copy of the data but not a backup, exposing the business and its data.

Exposure can come in the form of data that is corrupted, infected, accidentally or maliciously deleted.  Data is retained typically for a period of 30 – 90 days depending on the content (OneDrive, SharePoint, Mail, Teams). If businesses do not protect themselves for long-term backup and recovery strategies, they are at risk of data loss beyond the standard Microsoft offering.

Global Storage have recently launched a solution to this challenge, ensuring all critical business data is protected. Working under the existing Backup as a Service, Global Storage can now protect all Microsoft Office 365 data from data loss and offer simple recovery options.

M365 Backup Cloud Service is a managed service that provides backup and recoverability to your businesses data. Global Storage use market leading technologies to protect your data, ensuring it stays onshore in Australia in a geo-redundant data repository outside of the Microsoft tenancy.

Protection services are across Microsoft365 content, including Mail, Archive, SharePoint, Teams and OneDrive. Recover your lost data through a user portal managed by your IT Administrators or contact Global Storage for assisted recovery options.

Need more detail or technical information? Get in contact for a discussion with our team on your specific requirements.

Get in touch for a Free, No‑Obligation Consultation

Arrange a chat with our experienced team to discuss your data protection, disaster recovery, cloud or security requirements.

  • Arrange an introductory chat about your requirements
  • Gain a proposal and quote for our services
  • View an interactive demo of our service features

Prefer to call now?
Sales and Support
1300 88 38 25

This field is for validation purposes and should be left unchanged.

By filling out this form you are consenting to our team reaching out to you. You may unsubscribe at any time. Learn more by visiting our Privacy Policy

This field is hidden when viewing the form

© 2021 Global Storage. All rights reserved. Privacy Policy Terms of Service

The Global Storage website is accessible.

Download
Best Practices For Backing Up Microsoft 365

This field is for validation purposes and should be left unchanged.

By filling out this form you are consenting to our team reaching out to you. You may unsubscribe at any time. Learn more by visiting our Privacy Policy

Download
5 Myths About Backing Up Microsoft 365 Debunked

This field is for validation purposes and should be left unchanged.

By filling out this form you are consenting to our team reaching out to you. You may unsubscribe at any time. Learn more by visiting our Privacy Policy