"Most Organizations do Not Follow Data Backup Best Practices"

Security researchers at Apricorn announced new findings from a survey, which revealed that while the majority of organizations have data backup plans in place, data for many are at risk.   The researchers surveyed almost 400 veteran IT security practitioners in industries such as healthcare, IT, education, financial services, and manufacturing about security practices around remote and hybrid work, focusing on data resiliency.  Most of the respondents (93%) say they have a ransomware readiness plan, but significant knowledge gaps exist with regard to adequate backup and cyber resilience practices.  The researchers stated that 26% of participants view the cloud as too risky for data backup, but only one in three back up to both the cloud and to encrypted hardware storage devices.  Most participants (82%) want their organizations to require encrypted hardware USB usage, but only 34% have mandated such a policy.  Additionally, only 20% back up in real time, and only 18% employ the long-established best practice for backup, the 3-2-1 method.  During the research, it was discovered that two years into the pandemic, 81% of respondents agree that remote and hybrid work are now standard practices within their organizations.  However, 20% are not circling back to address security holes that exist as a result of the rapid changes made to accommodate work-from-home and remote work policies at the start of the pandemic.  Of the 80% of participants that are going back to address pandemic-rushed policies, only 41% are addressing integration and enforcement of new technologies such as external USB storage devices, hardware storage, and encryption.  And only 34% have put a policy in place to mandate encrypted USB storage devices for protecting data on the move.  The researchers also found that 25% of respondents noted that the strict hybrid work policies they put in place are not being adhered to by employees, despite 82% of them continually reinforcing those policies to employees.  Additionally, 60% of respondents do not back up their data or devices in advance of working remotely.

Help Net Security reports: "Most Organizations do Not Follow Data Backup Best Practices"