On Legacy Backup Systems. Q&A with Justin Ruiz

Q1. What are legacy backup systems?

Legacy backup systems are really about data backup and data recovery. Data backup is the process of copying physical, virtual files or databases to a secondary location for preservation in case of equipment failure or other disaster scenarios. Simply put, data backups guard against data loss. Backing up data is a crucial component of any disaster recovery (DR) plan. Backups provide a way of restoring deleted files or recovering files that are accidentally overwritten.

Data recovery is the process of restoring data that has been lost, accidentally deleted, corrupted or made inaccessible. Having a backup is good, but what about recovering the data from your backup? In general, data recovery refers to the restoration of data to a server or external storage system from a backup. Speed of recovery and being able to recover data with the least amount of data loss are particularly important in the data recovery process.

Q2. Do legacy backup systems protect you from cyber attacks?

Unfortunately, no. Backup is not equal to cyber recovery. Legacy backup was built on a storage foundation to keep copies of data in case of human error or natural disaster. Events like a flood or a fire. It was not built for cyber attacks. Plain and simple. Legacy backup was built with a full trust architecture which means that if somebody can get to the data, they can do anything to data. And the bad actors fundamentally understand that. This is why we are seeing attacks target legacy backup systems. Because once your backup is down, and production is attacked, there are really no options other than paying the ransom. Standing up to ransomware requires being able to successfully answer questions like what was the scope of the attack, was any sensitive data compromised, what point should I recover from to avoid reinfection, and what steps do I need to take to initiate the recovery. Successfully answering these questions is the difference between recovering within 24 hours and potentially never being able to fully recover.

Q3. What kind of threat are posed by using legacy backups?

First, legacy backup is leaving data at risk. Ransomware attacks target backups in order to delete or encrypt data, limiting the ability to recover. Attackers will also routinely discover backups that are accessible via standard protocols, and attempt to eliminate your last line of defense. Compromised credentials are also often used by attackers to gain unauthorized access to your backup system. Second, legacy backups often lack the insights to determine what files have been impacted during an attack and what sensitive data you have and where it resides. Without purpose built capabilities, gaining this level of insight can be time intensive and can dramatically prolong recovery. 

Q4. How can you provide critical insights or visibility into what data is at risk or what’s been affected when you’ve been attacked?

With Rubrik Security Cloud, you can automatically protect data from cyber attacks, continuously monitor data risks, and quickly recover data and applications. With Rubrik Data Observability, you can understand risks to your data. Proprietary data risk assessment and anomaly detection engines enable you to continuously monitor data risks like sensitive data exposure and detect cyber threats such as ransomware. Rubrik Anomaly Detection determines the scope of ransomware attacks using machine learning to detect deletions, modifications, and encryptions. Sensitive Data Monitoring reduces sensitive data exposure and exfiltration risk by discovering what types of sensitive data you have, where it lives, and who has access to it. Threat Monitoring and Hunting prevents malware reinfection by analyzing the history of data for indicators of compromise to identify the initial point, scope, and time of infection. And Data Security Command Center identifies security gaps, quantify data risk, and get actionable recommendations to improve data security posture.

Q5. Is it possible to simulate and test recovery?

Absolutely. Cyber attacks have emerged as a top threat to service and data availability for customers, partners, and employees. While natural disasters and user errors remain significant risks, the potential for data loss and downtime due to cyber attacks is now widely recognized as the most severe and pressing concern. Minimizing business impact, especially in a cyber attack scenario, is critical for organizations. However, the challenge for many organizations is they’re using legacy recovery solutions, which introduce operational complexity and are designed to protect mainly from disaster recovery, not recovery from a destructive cyber attack on data. Rubrik Cyber Recovery improves cyber readiness, response, and operational efficiency by easily testing, validating, and orchestrating recovery workflows. It enables customers to conduct forensic investigations and cyber readiness exercises in isolated environments. Organizations can test and prove that their recovery plans will work, including sequence, timing, and failure points. Rubrik Cyber Recovery also automates and unifies management of recovery workflows including the selection of clean recovery points to recover from. This unique approach empowers IT and Security teams to gain confidence in their ability to get business up and running quickly after an attack.

Q6. You are offering Rubrik Security Cloud. What is it and how an it useful for?

Rubrik Security Cloud is a data security platform that keeps data secure, monitors data risks, and quickly recovers data, wherever it lives. Built on zero trust architectural principles, Rubrik Security Cloud empowers organizations to preserve data integrity and keep data readily accessible to withstand cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud also reduces data risks by continuously monitoring for emergent cyber threats such as ransomware and sensitive data exposure. And lastly Rubrik Security Cloud surgically and rapidly restores impacted applications, files or objects by containing threats and orchestrating recoveries while avoiding malware reinfection. Rubrik Security Cloud, powered by machine learning, delivers data protection and cyber resilience in a single platform across enterprise, cloud, and SaaS applications. 

Qx. Anything else you wish to add?

Rubrik is on a mission to secure the worlds data. Rubrik secures more than 5,000 customers around the world and has surpassed $500 million in software subscription annual recurring revenue (ARR) with an audited net promotor score (NPS) of 82.

For those interested in learning more about Rubrik, I would recommend getting hands on with Rubrik Explore which provides guided product tours. You’ll have the opportunity to test everything from our retention locked SLA Domains and role based access controls (RBAC) to our Microsoft SQL protection.


Justin Ruiz

Sr. Product Marketing Manager, Databases


Over the last decade, Justin has dedicated his career to data. Justin started with the Internet of Things, helping legacy manufacturers become software companies. From there, he moved into the public cloud, helping Fortune 2000 enterprises migrate their data so they could lower costs, become more agile, and innovate faster. And most recently, at Rubrik, assisting organizations in securing their data from cyber threats like ransomware.

Sponsored by Rubrik.            

You may also like...