Veeam Research Finds IT Leaders in MENA Region Feel Increasingly Unprotected
Veeam Software today released findings of the company’s fourth annual Data Protection Trends Report to better understand how data protection is evolving in a digital world. The survey found that companies are challenged with more complex hybrid IT environments and are raising budgets to fend off cyberattacks as well as keep up as production environments continue to diversify across various clouds. The result is that IT leaders feel they aren’t sufficiently protected. A top priority of organisations this year is improving reliability and success of backups, followed by ensuring that Infrastructure as a Service (IaaS) and Software as a Service (SaaS) protection is equitable to the protection they rely on for datacenter-centric workloads.
In late 2022, an independent research firm completed their survey of 4,200 unbiased IT leaders and implementers on a variety of data protection drivers, challenges, and strategies – including 368 in Middle East & Africa (MEA).
The IT landscape and sentiment in 2023 in the MEA region
Hybrid IT continues to be the norm, with a relatively even balance between servers within the data center and those that are cloud hosted.
- This year, organisations in the Middle East & Africa reported:
- 29% physical servers within data centers
- 25% virtual machines within data centers
- 46% cloud-hosted server instances
- Serverless or container-centric workloads continue to grow in popularity, with 49% of respondents running containers in production in 2022.
Mohamad Rizk, Regional Director, Middle East & CIS at Veeam comments, “Following the adage of, ‘When you modernise production, you must modernise protection’, data protection strategies must be equally inclusive of physical, virtual, and cloud-hosted workloads. In addition, one should plan for workloads moving across clouds and even back on premises; and again, the data protection strategy should accommodate that fluidity.”
Protection and Availability Gap in the MEA region
- 78% have an “Availability Gap” between how quickly they need systems to be recoverable and how quickly IT can bring them back.
- 79% have a “Protection Gap” between how much data they can lose and how frequently IT protects their data.
“The MEA findings of the Veeam Data Protection Trends Report 2023 largely mimic the global results, which find that there is a big chasm between business expectations and IT delivery, when it comes to data protection. In an era of hybrid cloud, it is important to recognise that some cloud-hosted offerings are natively durable; implying that in certain circumstances, the availability gap might be closing. Meanwhile, the protection gap still exists as much, if not more in cloud services as it does within the data center because most cloud providers do not back up their ‘subscribers’ data,” continues Rizk.
“To be fully transformative, enterprises in Middle East & Africa need to optimise every dollar of their IT budgets and make sure the right workloads and applications are prioritised and protected, and a simple, flexible, reliable and powerful modern data protection solution is in place – one that protects all environments – Cloud, Virtual, Physical, SaaS and Kubernetes. Only then can enterprises ensure they’re sufficiently protected and ready for turbulent times ahead.”
Ransomware in the MEA region
Ransomware attacks continue to be more frequent.
- Only 14% experienced no ransomware attacks in 2022.
- 18% experienced only one attack.
- 48% experienced two or three attacks.
- And 21% experienced four or more attacks in 2022
- 45% of organisations stated that ransomware (including both prevention and remediation) was their biggest hindrance to Digital Transformation or IT modernisation initiatives, due to its burden on budgets and manpower.
- When organisations were asked about their most significant attacks suffered in 2022:
- 39% of their entire production data set was successfully encrypted or destroyed.
- Only 55% of the encrypted/destroyed data was recoverable.
“Ransomware is indiscriminatory – every business is a target. Rather than be gripped with fear at the prospect of being attacked, organisations must focus on what they can control – their defence. The fundamental principles of how to prepare defences against even the most sophisticated and powerful ransomware stay relatively the same. The first is the practice of impeccable digital hygiene. All employees must be trained to identify suspicious content and be warned of the impact that malpractice using work devices can lead to. Secondly, all businesses must prepare for their defences to fail. Concepts such as zero trust and deploying techniques such as two-factor authentication can be useful for restricting the access an attacker has to data. The best way to protect data is to ensure that it has been securely backed up and is fully recoverable before an incident takes place with the 3-2-1-1-0 backup rule – there should always be at least three copies of data, on at least two different types of media, at least one off-site and one immutable or offline, with zero unverified backups or errors,” says Rizk.
“Without secure, trusted backups, organisations risk data loss and increase the possibility of a ransom payment. To avoid these worst-case scenarios, the speed of data recovery is critical, which is why Veeam provides the fastest recovery options in the industry, allowing enterprises to get back to normal business operations without reintroducing threats into the environment. Veeam also has the people to help with every step of the way, including onboarding services, account management, and a specialised ransomware SWAT team to assist in the event of a ransomware attack.”
Business Continuity and Disaster Recovery (BC/DR) initiatives in the MEA region
- Every facet of IT continues to be candidates for cloudification, with data protection being a common scenario.
- 84% of the Middle East & Africa organisations anticipate using Backup as a Service (BaaS) or Disaster Recovery as a Service (DRaaS) to protect at least some of their servers over the next two years.
- That said, cloud-based storage is not misunderstood as the “tape killer” that early pundits tried to sell it as. When discussing the media used within their backup systems, the Middle East & Africa organisations reported that in addition to disk-based protection:
- 64% of production data is stored in a cloud at some point in its lifecycle.
- 52% of production data is stored on a tape at some point in its lifecycle.
- 86% organisations consider their cyber and (traditional) BC/DR initiatives to be either mostly or completely integrated. To achieve that among organisations in the Middle East & Africa:
- 41% want to orchestrate recovery workflows, instead of relying on manual processes.
- 25% will leverage on-premises infrastructures for their BC/DR
- 41% will leverage cloud infrastructures for their BC/DR, using IaaS or DRaaS
“It is no surprise that BaaS and DRaaS is becoming so popular among regional organisations. They provide viable alternatives to managing everything. It can be more cost-effective to outsource backup and disaster recovery needs instead of hiring and training in-house resources. A BaaS provider can ensure backups are not only successful, but regularly tested and restorable. A DRaaS provider can support with as little as an off-site replication or fully manage your complete disaster recovery plan from testing and execution to failing over and failing back, should an unplanned event occur,” says Rizk.
“Veeam understands these changing market dynamics and data protection needs of enterprises today. From critical workloads running on-premises to the sprawl of data in the cloud and at home offices, Veeam-powered BaaS and DRaaS service provider partners offer the off‑site backup, monitoring and management, and disaster recovery services organisations need to stay resilient in the face of any threat.”