By Sudharsan Aravamuthan, Head – Systems Engineering, Pure Storage India
March 31, celebrated as World Backup Day, is an important reminder for businesses to reassess their data protection strategies amidst an ever evolving, ever-growing threat landscape. Given the valuable and sensitive nature of data, backups should be made regularly, and not just once a year. Indian businesses lag their global counterparts in this regard. A study in 2024 suggested that the percentage of businesses who make regular or daily data backups is lower in India than in developed economies such as the US, the UK, Germany, and Japan.
Malware is a leading cause of data loss, and ransomware is among the most common forms of malware today. A survey by Sophos revealed that 64 percent of Indian organisations had faced ransomware attacks in 2024 and that the impact of these attacks was more severe than in the year before. Worryingly, more Indian organisations were willing to recover data by paying ransom than by using backups. [2] The real number of attacks is probably higher than the officially reported figure. There are fears that 2025 could be a record-setting year for ransomware attacks. Businesses must take proactive measures for protecting their data in compliance with cyber and data laws and regulations.
Downtime is the costliest aspect of a ransomware attack, as any outage can result in severe financial and reputational consequences. It’s vital that organizations put technology and processes in place to minimise downtime. How can they do this?
Safeguard Data to Secure Business
Backing up data isn’t enough; companies should implement advanced data protection capabilities to plan better for, and recover quickly from, ransomware and cyberattacks. This requires a two-pronged approach—taking regular, immutable, indelible copies of data, and establishing the necessary infrastructure to rapidly restore from backups at scale in the event of a cyberattack or any other event that compromises data or disrupts operations. Immutability and indelibility mean that these copies cannot be changed or encrypted or deleted, even if someone tries to do so using administrator credentials. This ensures resilience and reliability in the event of a cyberattack.
However, even reliable backups have limited effectiveness if operations cannot be restored quickly. There are advanced flash-based storage solutions that dramatically increase the speed of data restoration. The leading solutions can recover hundreds of TBs per hour, enabling organizations to restore systems in hours and resume normal operations with minimal impact.
The ability to swiftly restore critical services is mandatory in some regulated industries in some regions. The EU’s Digital Operational Resilience Act, for instance, requires that critical banking systems should be recovered in less than two hours of a disaster. India, similarly, has a National Critical Informational Infrastructure Protection Centre, Computer Emergency Response Team (CERT-IN), a National Cyber Coordination Centre, and the recently enforced Digital Personal Data Protection Act. However, more can be done to secure critical sectors against cyber threats.
Ransomware Recovery SLAs Now Part of The Solution
After a ransomware attack, the affected storage arrays are often locked down for forensic investigation by cyber insurers or law enforcement personnel. This prevents organisations from accessing or restoring data. Without an alternative data storage solution in place, businesses can find themselves at a standstill, unable to recover quickly.
Fortunately, there are solutions to address this risk. Some vendors offer ransomware recovery service-level agreements (SLAs) as part of an existing Storage-as-a-Service (STaaS) plan. These services ensure a clean, operational storage environment, including bundled technical and professional support, after an attack. So, even if your original storage arrays become unavailable, you can have a fully functional replacement up and running in just a few hours. This helps businesses recover swiftly and securely.
World Backup Day reminds us of the necessity of implementing advanced data protection strategies every day of the year. By investing in future-proof IT infrastructure and implementing a robust, modern data protection plan—one that includes efficient processes for safeguarding and recovering data—companies can mitigate the risks of cybersecurity breaches, minimize costly downtime, and enjoy peace of mind amidst an increasingly insidious threat landscape.
