2024 Data Protection Trends & Predictions for SMBs
by Mike Andrews, on Jan 2, 2024 10:30:00 PM
As I sit here reading the various 2024 predictions from tech vendors, industry analysts, and experts that are popping up everywhere right now, I can't help but notice that this year's predictions are filled with Artificial Intelligence (AI) topics. AI to provide better insights, write world-class marketing materials, create not just images but movies, and so on. Don't get me wrong, AI has incredible value. But is that all we have to look forward to in 2024?
Personally, I believe that the companies we work with - mostly small and medium-sized businesses, IT and Managed Service Providers (MSPs) - will be less concerned with Artificial Intelligence and more concerned with some the following.
1. Growing IT Skills Gap and Smaller IT Teams
Much like skilled trades that require a specific set of qualifications and expertise, IT teams and Service Providers are experiencing a shortage of qualified personnel who understand storage systems, cybersecurity requirements, and data protection strategies. And we are not just talking about the latest technology advancements, but systems and tools that have been around for a while but are still considered best practices by many.
While automation can help with some of these shortcomings, dedicated staff training will be required to ensure that these systems continue to function properly. In addition, you should be able to rely on a vendor's support team that can help with the proper setup and maintenance of your IT infrastructure and, for example, its backup environment.
2. Fragmentation of IT Systems
A few years ago, it was all the rage to combine tools with similar purposes to reduce the number of vendors you had to deal with. Today, however, we see companies reversing that decision. Why is that? Many of our prospects and customers have told us that they currently have a combined RMM, security, and backup solution, and while these are good solutions, they're not great. Having to deal with workarounds due to missing features or not being flexible enough to adapt to specific needs are just a few of the arguments we hear.
That's why I expect to see more companies deploying specialized solutions for their RMM, cybersecurity, and backup needs, and then integrating them through the products’ APIs rather than using an all-in-one solution, giving them more flexibility to adapt to their unique needs.
3. Dedicated Cloud Backup Storage
Cloud security is going to be a huge topic, especially knowing that ransomware shows no signs of slowing down (see prediction #4). Using a hybrid backup strategy (also known as 3-2-1), organizations are already working toward a more thorough approach to data protection. But when it comes to offsite backup and the growing popularity of the cloud as the offsite backup destination of choice, it's important to separate production data from backup data on your cloud storage.
Having dedicated cloud backup storage that stores data in an encrypted format reduces the risk of anyone other than the backup administrator accessing and using the backup data in the cloud. It also prevents accidental deletions, such as a shared drive that syncs itself with local files (see the recent Google Drive fiasco). Either way, keeping your backup cloud storage separate from the cloud storage you use for your work data helps prevent accidental deletion of local files and reduces the risk of data theft by cybercriminals.
4. There is the AI – Ransomware
General AI is already playing a prominent role in ransomware. Deep fakes, social engineering, AI collecting data about you to help write the phishing emails - criminals are definitely getting creative with an otherwise exciting technology.
Like many, we expect ransomware attacks to continue to increase. But what's interesting going forward is the highly targeted approach that cybercriminals are taking.
For example, 73% of healthcare organizations reported that their data was encrypted in 2023 (the highest rate in 3 years). What we won't see in the news, however, is an increased attack on MSPs and smaller businesses across all industries. And not only will their production environment be under attack, but specifically their backup infrastructure will be targeted more often, making it even more important to have multiple copies - local and offsite - of your backup data.
5. Cyber Insurance Stepping up Their Game
With this increase in cybercrime, cyber insurance providers are tightening their requirements during the application and renewal process, requiring strong backup practices.
A recent Reddit post outlines what even small businesses with less than $1 million in revenue need to ensure to get a $250k coverage:
- The applicant backs up all applications, data, and systems daily/nightly?
- The applicant’s ability to successfully restore from back-ups is tested at least annually?
- The applicant stores the personally identifiable information (PII) on fewer than 5,000 unique individuals
- The applicant has engaged an IT services provider to address cyber security?
- The applicant’s cyber security controls include all of the following:
- Up to date firewalls & antivirus
- Physical controls on access to paper records
- Password protection on all devices
- All PII is encrypted
- All users are configured according to the least privileges principal
- Critical patches are pushed within 14 days
- A call back procedure is in place to verify all requests, including change requests, for any fund transfers?
Regular backups, ongoing restore testing, and working with an IT professional are becoming standard requirements for insurance companies, ensuring that experts are handling the protection of all business data.
6. Important Dates for 2024
While you will continue to receive updates through 2029, the end of mainstream support for Windows Server 2019 is scheduled for January 9, 2024, just shortly after the end of support for Windows 2012/R2 in October 2023.
Windows 10 will end support in October 2025. That's a long way off, but 2024 is as good a year as any to start preparing for all the upcoming upgrades of your customers' PCs to Windows 11 (you'll likely need that time).
And don't forget World Backup Day on March 31, 2024. We certainly look forward to that.
As you can see, 2024 will not be boring. But we will make sure that we are as strong as ever to help you protect your business-critical and valuable information throughout the year. And if you'd like to talk to one of our team members about your backup strategy, please don't hesitate to contact us.
Happy New Year from all of us at NovaBACKUP!