Rymden - stock.adobe.com
Driven by the COVID-19 pandemic, more people are working remotely than ever before. This means working from a range of laptops, desktops, smartphones and tablets that might not be provided -- or even managed -- by IT.
The shift to work from anywhere compounds the problem of endpoint data protection. For example, backup jobs and malware scanning tend to slow down system performance, leading users to cancel them or turn them off.
These vulnerable endpoint devices on which users are accessing, creating and editing corporate data are especially a threat as ransomware attacks continue to surge. A solid endpoint backup strategy is necessary for IT to address security, compliance and recovery requirements.
What makes a good endpoint backup strategy?
Data on endpoints must be protected at recovery points that are sufficient for the business. However, backup jobs must not impede user productivity. This means that backup admins should perform both scheduled and automated data backups.
Incremental backups are important for reducing hits to system performance due to backup tasks because they reduce the amount of data to be backed up. Local or client-side deduplication is another means to cut down on the amount of data being backed up, but it must be compute-efficient to avoid a performance impact. Self-service recoveries further improve user productivity.
Cyber threats make security capabilities table stakes for endpoint protection. These capabilities include immutability, encryption of data in transit and at rest, the ability to use machine learning and analytics to detect indicators of a ransomware attack, and integration with antimalware software. IT must be able to remotely locate and wipe endpoint devices if they are lost or stolen.
Access controls are key, including role-based access control, multifactor authentication, network access controls, and integration with single sign-on platforms. Bad actors target production and primary backup environments, so the ability to support an isolated, air-gapped storage environment for the protected information is a best practice. The ability to apply legal holds and detect compliance risks is also critical, especially for heavily regulated industries, such as healthcare.
Implementation tips and challenges
To implement an endpoint backup strategy, IT first must identify what endpoint data it needs to protect, as well as the recovery point and recovery time objectives required by the business. They then need to evaluate for gaps in any existing data protection implementations that they must address. IT teams may decide to continue working with existing providers or procure new ones in order to meet requirements. Following the deployment of any additional technologies, any new tools should be tested on an ongoing basis for their ability to meet recovery requirements.
IT may face some challenges, including the need for mass deployment -- and, ultimately, protection -- of endpoint devices. This may require migrating end-user data and settings when a user adopts a new device or leaves the organization. If there is IT staff at remote sites to oversee backup and recovery operations, a centralized portal for configuration, management, insight into the status of backup jobs and the ability to execute recoveries is required. For security reasons, IT needs to regularly update and patch software across the fleet of protected endpoints.