Cybersecurity has become a priority for companies, especially in the post-COVID world. Minneapolis-based Arcserve provides solutions to protect organisations’ digital assets. Founded in 1983, the company offers business continuity solutions to safeguard multi-generational IT infrastructures with applications and systems, in any location, on-premise and in the cloud.
Analytics India Magazine got in touch with Nikhil Korgaonkar, Regional Director, Arcserve India & SAARC, to gain insights on the inner workings of the company.
AIM: What are the critical steps companies can take to deal with cyberattacks?
Nikhil: The first step is to accept that cyberattacks are inevitable. If it hasn’t happened yet, it’s only a matter of time before your organisation experiences one. As Cybersecurity Ventures puts it, the frequency of ransomware attacks will be 11 per second by 2021.
Accepting that cyberattacks are inevitable narrows down the next plan of action; that is putting up a defence mechanism in your organisation’s network. At the very least, this could be a strong firewall gatekeeper that will not allow phishing attacks or suspected emails to enter the network. As one says prevention is better than cure, I would suggest organisations should take preventive steps also to curb or reduce cyberattacks. Best is to educate your employees about the dangers of cyberattacks. Train them to notice subtle differences in email IDs, unsafe attachments, and unknown links that can trigger ransomware installation into the network system.
Organisations should also have a swift response team on standby to minimise damage in case of a cyberattack. This response team should include representatives from all relevant business units like operations, communications, and IT departments — all with clearly defined roles and an action plan to follow if an attack happens. It’s vital that each team member knows their role and action items well in advance. Running regular drills is an effective way to test and improve your team’s response time and performance before an attack strikes.
It’s also important to understand the different types of cyberattacks an organisation can face. This helps in understanding the source of the breach, the size of its impact to implement the most effective action plan.
The most important thing to remember is to protect the enterprise data. Enterprises must adopt and implement an elaborate business continuity and disaster recovery strategy. An attack may not be prevented but data can be saved. And that’s what matters in the end.
AIM: What are the standard data protection practices companies should follow?
Nikhil: A data breach can happen for various reasons in an organisation. What’s important is to accept its inevitability and have a disaster recovery plan in place.
Systems, applications, and data, which are mission-critical and can affect business continuity must be protected at all cost. Start by assessing all systems, applications, and data, and document business requirements for each. This helps in identifying what needs to be available if an attack happens.
Use the 3-2-1 strategy which is quite effective in securing data. According to this strategy, an organisation should create three copies of data, store them on two different media (such as disk and tape) and store one copy off-site or on the cloud.
One can also go for data protection appliances. These are turn-key solutions that serve mid-market businesses and are both flexible and scalable.
AIM: What is your take on India’s data protection bill?
Nikhil: Organisations need to protect their data at any cost, irrespective of the origin of the breach which could be anything from an IT disaster to a cyberattack. Today, remote work has increased the threat vector for organisations several times. As I said before, ransomware threats have gone up to every 11 seconds, which translates to roughly three million companies worldwide under threat. Therefore, it’s important to spread awareness on cyberattacks on personal and corporate digital assets.
Unfortunately, that is not enough. Data is a unit that is continuously being exchanged between devices and networks and the Indian government needs to have guidelines and standards for organisations to follow. While the government has been taking COVID-awareness initiatives, it should also take urgent steps for data protection and cybersecurity.
In an information-driven economy, data protection and privacy are almost like a citizen’s fundamental right and the earlier the bill is released, the better it would be. And it should be an integrated effort between the government and India Inc.
AIM: What are the major trends in cloud and cybersecurity in 2021?
Nikhil: In 2020, we saw the rise of ransomware. In 2021, we expect it to increase in frequency. The new dimension of remote work has also added another vector for threat actors and new information security threats have emerged. The corporate attack surface has become scattered and widened. From privileged credential compromise to the use of mixed personal and professional networks, attackers are now hopping over the lower bars for entry. For instance, by compromising multiple, insecure home networks at the same time, attackers can manufacture massive-scale breaches of critical systems and services.
Rapid cloud migration happened during the pandemic, which propelled organisations to embrace digital transformation. Cloud-based security threats, including misconfigured cloud storage, reduced visibility and control, incomplete data deletion, and vulnerable cloud apps, will continue to disrupt businesses in the future ahead.
These trends highlight the importance of data protection. As perimeters have dissolved, remote work is an accepted phenomenon, and digital transformation is the way to go. Organisations will have to ensure they have an active data protection and disaster recovery plan all the time. In times to come, having a data recovery strategy and tools will become as imperative as having a cybersecurity strategY.
AIM: Tell us about Arcserve’s merger with StorageCraft
Nikhil: The Arcserve-StorageCraft merger brings together two complementarity companies that combine their products and channel partners to address a much broader global market. The merger will allow us to solve all customer data protection and business continuity needs with simplicity, agility, affordability, and scale.
The UDP platform is Arcserve’s flagship product that covers the whole nine yards of data protection. We have launched X series appliances, our fourth generation of appliances that can address enterprises’ needs with a single data volume exceeding 3PB. We also offer replication and disaster recovery functionality, cloud backup for Office 365, live migration and partners with Sophos for security, with cloud as a key area of interest.
StorageCraft offers OneXafe scale-out storage, ShadowXafe data protection, cloud disaster recovery as a service (DRaaS) and Microsoft Office 365 and G-Suite backup. StorageCraft’s products have a more service provider focus, with monthly billing and multi-tenancy functionality.
StorageCraft is US-focused. While it adds an MSP (managed service provider) network to the system, Arcserve supports its own cloud data centres. Arcserve’s solutions are platform-agnostic and protect physical, virtual, cloud and hybrid networks.
Together we will bring the much-needed business continuity, an exciting future roadmap, and certainty for our customers, who will continue to interact with their respective partner (Arcserve or StorageCraft) and access a larger selection of products and services.
AIM: What is Unified Data Protection (UDP) 8.0?
Nikhil: We recently launched Arcserve Unified Data Protection (UDP) 8.0, which is designed to protect organisations’ entire infrastructure, including hyperconverged, from data loss, cybercriminals, and persistent threats like ransomware. This has made us the only data protection vendor capable of delivering ransomware prevention across hardware, cloud, SaaS, and other environments. As ransomware and malware are among the most serious data threats facing organisations today, it is pivotal that they are addressed urgently.
We have been actively working with Sophos and other key partners to combat these challenges for businesses, enabling companies to protect their backup data, no matter where it’s stored. Due to our partnership with Sophos, we are at the forefront of vendors delivering these integrated solutions. Given the broad deployment of applications in today’s organisations, these solutions are to address core, cloud and edge environments, which is what Arcserve aims to do with the release of UDP 8.0.
Subscribe to our NewsletterGet the latest updates and relevant offers by sharing your email.
Srishti currently works as Associate Editor at Analytics India Magazine. When not covering the analytics news, editing and writing articles, she could be found reading or capturing thoughts into pictures.