Celebrate World Backup Day 2025 - Hear From Industry Experts : @VMblog

Article

Search:

Follow VMblog.com:

Improve end user experience in VDI, DaaS and physical endpoint environments

Celebrate World Backup Day 2025 - Hear From Industry Experts

world backup day

There's a "DAY" for almost anything these days, but here's one that should be on your calendar - World Backup day - taking place today, March 31. While techies might scoff at the notion of needing a dedicated day for backups, the reality is that data loss can strike anyone, anytime. From a hardware malfunction to a nasty case of ransomware, irreplaceable photos, documents, and work projects can vanish in an instant.

Whether its personal or business, World Backup Day is a prime opportunity to re-evaluate your backup strategy. Are you relying on a single, aging external hard drive tucked away in a corner? Is your cloud storage on autopilot, with no recent verification? World Backup Day serves as a springboard to explore robust backup solutions, ensuring your digital life is safe and sound.

Don't take my word for it. Hear from some of the brightest minds in the backup and disaster recovery industry for more commentary and expertise.

Sterling Wilson, Field CTO, Object First

Here we are, one of my favorite days, World Backup Day. For me World Backup Day is not about remembering to back up your data. It’s a call to be proactive, to review your data resilience strategy and ensure your ability to protect your data against the ‘ever-evolving’ threats. Where to start? The basics, of course.

True data resilience begins with data you can trust. That starts with immutable storage. Immutable storage protects your data from ransomware’s encryption or deletion, among other things. But that isn’t all. Certifying account separation between the backup application and the backup storage protects you from account compromise attacks. And of course, copies of your data in different resiliency zones/locations give you options should one path fail.

Ok, so data protection basics are covered, and your data is safe. What about bringing it back swiftly when the unthinkable happens? Exporting large amounts of critical business data and applications out of the cloud can take days, if not weeks, possibly bringing extra fees with it. Providing secure, on-prem storage as one of your resiliency zones lets you recover your data at the fastest speed possible no matter the status of your external connections. This is often overlooked as cloud adoption as grown but remains a key pillar in a successful resiliency plan.

So, on World Backup Day, let this be your reminder to be proactive. Make sure your data is truly protected and resilient by today’s standards. Starting with the basics, of course.

Simon Taylor, Founder and CEO, HYCU

Beyond Backup: Building a Resilient Data Protection Strategy for 2025 and Beyond this World Backup Day!

As we mark World Backup Day on March 31st, 2025—the day before April Fool's Day—we're reminded of an essential truth: only a fool would leave their valuable data unprotected in today's business and digital landscape environment. At HYCU, we believe World Backup Day serves as more than just an annual reminder or checkmark; it represents an opportunity to evaluate your organization's complete data protection strategy, and make sure you are doing what you can to protect your data regardless of location.

As we noted in our post celebrating World Backup Day last year, you can't have peanut butter without jelly to make a perfect sandwich, and similarly, you can't have backup without recovery to have comprehensive data protection. This year, we're emphasizing that this relationship goes beyond mere coexistence—backup and recovery form a continuous cycle that builds organizational resilience.

The true measure of data protection isn't how much data you've backed up; it's how quickly and completely you can recover when needed. With ransomware attacks continuing to evolve in sophistication and frequency, testing your recovery capabilities has never been more critical.

Make the Pledge: An Everyday Commitment

World Backup Day traditionally asks all of us to take "The Pledge" to backup data. At HYCU, we're extending this concept with our own commitment: "Protect Your Data: Not Just Today, But Every Day, Everywhere It Lives."

Pawel Staniec, CTO, Catalogic

Digital ecosystems are evolving at an unprecedented pace in 2025. Seeing that, World Backup Day is a great opportunity to reflect on both past and future data protection strategies. At Catalogic Software, and particularly through CloudCasa, we are witnessing how advancements in AI and self-hosted LLMs and virtualization in Kubernetes environments are reshaping backup approaches. The dynamic nature of containerized workloads now necessitates the augmentation of traditional disaster recovery methods.

Cloud-native data protection solutions that integrate seamlessly with Kubernetes have become essential, ensuring intelligent orchestration of virtualized environments. Moreover, seamless application mobility is crucial for Kubernetes workloads, enabling dynamic orchestration and real-time scaling across clusters and cloud environments.

It is important to remember that cloud-native solutions do not diminish the value of conventional backup techniques. Robust backup strategies remain critical for ensuring data integrity and enabling recovery after unexpected data loss or corruption. Together, these complementary approaches form a comprehensive framework that enhances operational resilience and secures the long-term viability of modern, containerized environments.

Martin Zugec, Technical Solutions Director at Bitdefender

As we recognize World Backup Day, businesses must address a growing, invisible epidemic: attackers leveraging living-off-the-land (LOTL) techniques to gain prolonged, stealthy access to environments. They don’t break in—they log in—using stolen, valid credentials to move silently mapping backup strategies and recovery plans before launching attacks. This extended dwell time allows them to manipulate or disable backup systems from the inside. Traditional backup practices were largely built to recover from hardware failures, natural disasters, or human error —not from sophisticated, malicious attacks originating from within the network. It’s now necessary to review backup procedures with the assumption that an adversary may already be present. Avoid reliance on easily compromised solutions, such as shadow volume copies. Instead, prioritize robust, isolated backups and strengthen access controls, recognizing that a single compromised account can threaten the entire backup system. It’s time to go beyond basic redundancy and make security an integral part of a modern backup strategy.

Gal Naor, CEO, StorONE

On this World Backup Day, it’s crucial to recognize that data loss isn’t a matter of if, but when. Ransomware attacks are more sophisticated than ever, often lying dormant within networks before striking. When they do, organizations face extended downtime, slow recovery, and operational disruptions. Traditional backup solutions, which copy data to secondary storage, frequently fall short, restoring data can take weeks, leaving businesses vulnerable.

The solution? Instant recovery through snapshots stored on primary storage systems. Unlike conventional backups, snapshots allow organizations to restore data within minutes, minimizing downtime and ensuring business continuity. However, maintaining numerous snapshots requires a storage infrastructure that balances both performance and cost.

Flash storage delivers the speed necessary for rapid recovery, but it comes at a premium. To optimize both efficiency and affordability, organizations must combine flash with traditional hard disk drives (HDDs). A hybrid storage approach leverages flash for instant access to critical data while relying on cost-effective HDDs for long-term retention, ensuring a scalable and resilient backup strategy.

This World Backup Day, rethink your approach to data protection. A smart backup strategy isn’t just about storing data, it’s about ensuring your business can recover quickly, operate smoothly, and stay ahead of threats.

++

Aron Brand, CTO, CTERA

Most of the world still treats backup as a daily ritual, as if we're stuck in the mainframe era , where losing a site means scrambling for tapes or off-site backups and waiting days to get back online. But why settle for that in 2025?

Today, you shouldn’t be looking at backup solutions; you should be thinking about cyberstorage: storage that’s inherently cyber-protected, with continuous data protection and instant recovery using hybrid cloud. The technology exists today, but we have to break free from legacy thinking. Backup shouldn’t be a safety net you fall back on—it should be built in, always on, and ready when you need it.

++

Mitch Seigle, Chief Marketing Officer, at Spectra Logic

World Backup Day serves as a reminder that data protection is essential to every organization. In a time when cyber threats are more aggressive than ever, a proactive approach to safeguarding critical information must be in place for everyone. A well-structured backup and archiving strategy ensures not just recovery, but business continuity in the face of disruption.

While cyber security tools continue to evolve, there is also a critical role for tape technology in safeguarding data. This tried-and-true technology offers an added layer of security, further enhanced by an air gap that keeps data physically isolated from online threats, making it a valuable part of a modern resilience strategy.

No single solution is foolproof but combining a strong cyber security solution with regular backups and layered security measures gives organizations their best shot at staying protected.

Cyber threats will likely continue to evolve, but businesses that prioritize overall cyber security can navigate the digital landscape with confidence. This World Backup Day, it is important to take a moment to assess whether your data protection strategy is truly built to thwart the next cyberattack.

Don Boxley, CEO and Co-Founder, DH2i

World Backup Day is a great reminder that just having backups isn’t enough. Sure, they’re critical for recovery, but they don’t keep your business running in real time. If something goes wrong - whether it’s a system crash, a cyberattack, or just someone making an honest mistake - you need more than a backup. You need a plan that keeps your data within reach and your business running like nothing ever happened.

Because here’s the thing… when downtime happens, waiting around for a backup to restore isn’t an option. Businesses need to stay up and running, no matter what. That means thinking beyond just storing copies of data and making sure it’s always accessible, secure, and easy to recover. At the end of the day, it’s not just about backing up - it’s about making sure you never have to hit pause in the first place.

++

Richard Copeland, CEO, Leaseweb USA, Inc.

Skipping backup isn’t just a bad idea - it’s a ticking time bomb. Many companies think they’re saving money by relying on hardware redundancy or high availability, only to get blindsided when their data vanishes. One wrong click, one system crash, or one ransomware attack, and suddenly, they’re in full-blown disaster mode, scrambling to recover what’s lost. No backup? No safety net. Just downtime, financial hemorrhaging, and a whole lot of regret.

A proper backup strategy isn’t some nice-to-have - it’s your last line of defense when things go sideways. The smart play? The 3-2-1 rule: three copies of your data, in two different locations, with one offsite or in the cloud. Don’t just assume your backups work - test them, because the worst time to find out your safety net has holes is when you’re already falling. Skipping backup might save a little cash upfront, but when disaster strikes, you’ll be paying for it ten times over.

++

Roger Brulotte, CEO, Leaseweb Canada

Imagine waking up to find your systems are locked, your data is inaccessible, and your customers are left in the dark – in other words, your business is at a complete standstill. Whether it’s a cyberattack, a hardware failure, or just plain human error, losing access to critical information can be catastrophic. Backup isn’t just a checkbox - it’s your safety net. Without a solid backup strategy, a single incident could cost you days of productivity, millions in revenue, and, in worst case scenarios, your entire business.

But here’s the kicker… not all backups are created equal. Cybercriminals know to target your backups first, embedding ransomware that lies dormant until it’s too late. That’s why businesses need to follow backup best practices. For instance, you can implement the 3-2-1 rule (three copies of your data, on two different media, with one stored offsite and if one or more of the backups are immutable - i.e., cannot be altered - all the better). This can be enhanced with what some refer to as CTAM, otherwise known as the Chevy Truck Access Method. All kidding aside, this step can make or break your backup strategy. You must make sure you keep an air-gapped offline backup that can be leveraged as a last line of defense.

A strong DR plan doesn’t mean just having backups - it means knowing they’ll work when you need them most. However, don’t worry – if this isn’t your forte, there are experts that can help you craft, implement, and/or manage your backup and DR. It is an investment that pays for itself many times over. After all, in today’s world, it’s not if disaster will strike, it’s when… when will be the first time, and the next, and the next…

++

Larry O’Connor, CEO and Founder, Other World Computing (OWC)

If you’re a creative or a business owner, your data isn’t just files; it’s your work, your ideas, your late nights and early mornings. It’s everything you’ve built. Now, imagine waking up one day and it’s all gone. No photos, no projects, no client records. Just… gone. It’s the kind of thing you assume won’t happen to you… until it does. That’s why World Backup Day is a good gut check. A solid backup plan isn’t about expecting disaster, it’s about making sure that no matter what - whether it’s a hardware failure, a cyberattack, or just a simple mistake - you don’t lose the work that matters most.

But let’s be honest… having a backup doesn’t mean much if it’s not reliable. That’s where the right tech and strategy come in. A well-planned and executed strategy for your backups mean you’re not relying on memory, and the right tech-enhanced with the right strategy ensures you’re protected no matter what. The goal isn’t just to back up your data; it’s to have a system you can actually trust and know it just works. Because when you know your work is safe, you can stop worrying about ‘what if’ and focus on doing what you love. So, if you haven’t checked your backup setup in a while, take a few minutes today. Future you will be grateful.

++

Rekha Shenoy, CEO of BackBox

World Backup Day's original focus on hardware-driven data loss has shifted. Backup is now a critical defense against ransomware, demanding immutable backups to prevent corruption. This shift reflects a broader change from perimeter defense to a holistic approach emphasizing data protection, threat intelligence, and resilience.

Today, cyber resilience extends far beyond simple backups. Network security teams must proactively assess risk through sensitive data scanning and categorization, risk recommendation, and remediation. They need tools that detect cyber deception, trigger early warnings, and facilitate comprehensive incident response planning, recovery point validation, and cyber recovery testing. In the event of an incident, recovery must include forensic analysis, clean point restoration and verification, and scalable recovery.

The modern IT security landscape demands a multi-layered, proactive approach, where robust backup is critical to a broader cyber resilience strategy.

Alexis Hancock, Privacy and Security Researcher, BigID

March 31st marks World Backup Day, an annual reminder that data resilience isn’t optional but essential. In today’s modern world, data has become the main driver for innovation, and losing access to that data can result in financial losses, brand damage, and legal repercussions. Cyber attacks continue to skyrocket yearly and can cost businesses millions in financial penalties, downtime, and recovery. Backing up your data and practicing data resilience is the best insurance against disruption.

However, backing up your data is only one part of ensuring your data is resilient. You also need to ensure that your organization can recover quickly from unexpected disruptions, aka having a disaster recovery plan. This is a step-by-step plan to restore operations after a cyberattack, hardware failure, or natural disaster. Part of this disaster recovery planning includes regularly backing up your data and storing copies of critical data in multiple locations to prevent permanent loss. Practicing data resilience can prevent data loss before it happens.

This day is a wake-up call to review your organization’s backup and recovery strategies. Ask yourself if your backups are frequent and automated, whether your backup is in a secure, offsite location, or even if you have a disaster recovery plan. If you answered “no” to any of these, now is the time to act. Data loss isn’t a matter of if, but when.

Sean Deuby, Principal Technologist, Semperis

The celebration of the 15th anniversary of World Backup Day serves as a reminder for individuals and businesses to reflect on their data protection strategies and ensure their data is adequately safeguarded. Quality backup is the linchpin of business resilience, shielding against data loss and ransomware threats, and ensuring swift recovery in the face of unforeseen challenges

Reflecting now on the massive ransomware attack against one of the largest healthcare providers a little more than one year ago, highlights the importance of cyber resiliency. As organizations face sophisticated threats growing in speed, size and accuracy, the need for robust recovery processes with reliable backups is greater than ever before.

When ransomware gangs successfully breach organizations, in 90 percent of attacks the identity system, most often Active Directory, is compromised. To significantly reduce recovery time and quickly resume normal operations, even after an attack, organizations need a dedicated Active Directory (AD) backup strategy. AD is used by more than 80 percent of businesses today as a fundamental system that both users and applications depend upon to function. But traditional backups that include AD don’t recognize AD’s special status in the enterprise and its unique recovery requirements. To quickly recover AD from a cyber disaster you need specialized, automated AD forest recovery that will return this identity system to a malware free, known secure and trusted state. Without AD-specific cyberattack recovery technology and processes, your business is at risk. AD-specific backups can speed up recovery and aid organizations in quickly returning to normal operations after a ransomware attack. What was once considered “nice to have” is now a “need to have” for organizations of all shapes and sizes around the globe.

Organizations should adopt an “assume breach” mindset and encourage them to prepare now for the inevitable. When organizations are prepared to be resilient against cyberattacks, and understand which systems are most critical to their business, they can take steps to reduce their most glaring vulnerabilities, make their infrastructure sufficiently difficult to compromise and recover much faster from a compromise. Companies should also monitor for unauthorized changes occurring in their AD environment, which threat actors use in most attacks, and have real time visibility to changes to elevated network accounts and groups.

Lance Ohara, Vice President, Endpoint Marketing, Seagate Technology

Data backups are about so much more than just the data. Your data includes precious photos and memories of your family vacations. For creative professionals and hobbyists, like photographers and musicians, their data includes years of creative work. For gamers, it’s hours of gameplay and entertainment. Without a backup, you risk losing this crucial data. World Backup Day is the perfect time to examine your data storage and make sure the information that matters to you is backed up. Our advice for customers includes:

Follow the 3-2-1 rule for data storage. This means keeping three versions of your data in a few different places – the original and two copies on two different media, with one offsite. For consumers, this means the original data on your laptop, a backup to a storage device, and a cloud backup.
Backup your devices to safeguard your data. A lost or stolen device is a stressful ordeal, but a recent data backup gives you peace of mind that your most precious data isn’t lost forever. Backups also make it easier to transfer your data, streamlining the process of setting up a new device with the information and settings you need. External data storage also gives users the option to free up space on devices to improve performance and speed.
Backups protect and speed your game play. Video games take up a lot of storage – an SSD backup is great for gamers who want to access their full gaming library quickly. And backups mean gamers don’t lose their hard-earned progress and achievements.

Molly Presley, SVP of Marketing for Hammerspace

World Backup Day emphasizes the critical role of data in various aspects of our lives and underscores the importance of protecting and maintaining our valuable digital assets and information, a topic of significant relevance today. It reinforces the importance of automation in protecting and backing up data across a company's global infrastructure is increasing with the rise of cyber-attack threats, data breaches, and unrelenting data growth, underscoring automation's crucial role in data management and cybersecurity.

Managing vast unstructured data across diverse storage systems, multiple global locations, and cloud platforms requires considerable effort and resources. Relying on manual processes is increasingly time-consuming and risky, exposing critical data to human error and missed backups.

By implementing global-level data protection services, organizations will defend global datasets and maximize their value through automated policies. As organizations become increasingly driven by artificial intelligence, where data is essential to accurate analysis and drive informed decisions and innovative breakthroughs, automation is becoming indispensable.

Automated data protection policies bolster enforcement across distributed geographies, strengthening an organization's data resiliency and business continuity. They also enable organizations to manage their global data environments and maintain the efficacy of their AI systems and data pipelines.

A streamlined, policy-driven data management approach can transform how organizations manage and protect data by distinguishing newly created data, ensuring global data protection across distributed locations, automating data copy creation controls and services, and enforcing compliance with corporate governance standards.

Paul Speciale, CMO at Scality

World Backup Day is a strong annual reminder for IT leaders of the critical importance of planning, defensive protection and readiness for data recovery. In an era where threats don’t just attack—they infiltrate, encrypt, and spread undetected—backup alone isn’t enough. The key to resilience isn’t just storing backup data—it’s embedding intelligence into the storage itself. AI-powered storage intelligence transforms backup from a passive, reactive safety net into an active defense layer, supporting an organization’s ability to proactively detect, predict, and respond to threats before they escalate. To build true cyber resilience, organizations must:

Deploy AI-driven anomaly detection services that can spot unusual data access activity before ransomware takes hold.
Use intelligent security alerting that flags misconfigurations, unauthorized or irregular access attempts, and emerging vulnerabilities in real time.
Optimize storage before performance bottlenecks occur to prevent downtime caused by overutilization and resource strain.
Automate compliance and retention policies to ensure backups remain secure, auditable, and corruption-free without manual oversight.

The future of backup isn’t just about recovery, it’s about resilience through intelligence. This World Backup Day, enterprises must recognize that the question has become more complex: it isn’t just whether your data is backed up, it’s whether your storage is smart enough to protect itself.

Jimmy Tam, CEO, Peer Software

World Backup Day serves as a crucial reminder that data resilience isn’t just about having a copy of your data, it’s about ensuring business continuity with minimal disruption. Many organizations still rely on centralized storage models, but these systems pose risks. A single point of failure, slow recovery from outages, and the increasing complexity of modern data environments demand a re-evaluation of storage strategies. The rise of distributed storage models, which keep data where it is created and used most, provides an opportunity to enhance resilience. However, simply decentralizing data isn’t enough. Businesses must also adopt robust data orchestration strategies to ensure efficient access, security, and performance. As data volumes grow and compliance demands become more stringent, companies must rethink how they store, manage, and protect their critical assets to minimize downtime and financial loss.

By understanding data flows, leveraging AI-driven storage optimization, and ensuring strong security measures, organizations can build a storage infrastructure that withstands disruptions and safeguards business operations. This World Backup Day, organizations need to take the time to evaluate their storage strategy because the cost of downtime is too high to ignore.

++

Dr. Thomas King, CTO of internet exchange operator DE-CIX

World Backup Day has traditionally carried a very simple yet powerful message for businesses: backup your data. A large part of this is “data redundancy” – the idea that storing multiple copies of data in separate locations will offer greater resilience in the event of an outage or network security breach. Yet, as workloads have moved into the cloud, and AI and SaaS applications have become dominant vehicles for productivity, the concept of “redundancy” has started to expand. Businesses not only need contingency plans for their data, but contingency plans for their connectivity. Relying on a single-lane, vendor-locked connectivity pathway is a bit like only backing your data up in one place – once that solution fails, it’s game over.

In 2025, roughly 85% of software used by the average business is SaaS-based, with a typical organization using 112 apps in their day-to-day operations. These cloud-based applications are wholly dependent on connectivity to function, and even minor slow-downs caused by congestion or packet loss on the network can kill productivity. This is even more true of AI-driven workloads, where businesses depend on low-latency, high-performance connectivity to generate real-time or near real-time calculations. Over the years, we have been programmed to believe that faster connectivity = better connectivity, but the reality is far more nuanced. IT decision-makers frequently chase faster connections to improve their SaaS or AI performance, but 82% severely underestimate the impact of packet loss and the general performance of their connectivity. This is what some refer to as the “Application Performance Trap” – expecting a single, lightning-fast connection to solve all performance issues. But what happens if that connectivity pathway becomes congested, or worse, fails entirely?

This is why “redundant” connectivity is essential. The main principle of redundancy in this context is that there should always be at least two paths leading to a destination – if one fails, the other can be used. This can be achieved by using a carrier-neutral Internet Exchange or IX, which facilitates direct peer-to-peer connectivity between businesses and their cloud-based workloads, essentially bypassing the public Internet. While IXs in the US were traditionally vendor-locked to a single carrier or data center, neutral IXs allow businesses to establish multiple connections with different providers – sometimes to serve a particular use-case, but often in the interests of redundancy. Our research has shown that more than 80% of IXs in the US are now data center and carrier neutral, presenting a perfect opportunity for businesses to not only back up their data, but also back up their connectivity this World Backup Day.

++

Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer at AvePoint

World Backup Day offers a critical reminder to all security professionals of just how important flexible and robust data governance and backup policies are in today’s cybersecurity landscape. Over the past year, both government agencies and prominent multinational companies were affected by damaging ransomware attacks, including Change Healthcare, United Health, Snowflake, AT&T, Ticketmaster and many more – impacting millions of individuals across organizations. In 2025 and beyond, security leaders must make data governance and backup a top business priority. This means investing in data protection, risk intelligence, information lifecycle management, and migration solutions that give employees the tools and guardrails needed to collaborate and share data safely and effectively.

Joe Long, Director of Business and Operational Resilience, MorganFranklin Cyber

Our data, although often taken for granted, represents one of society’s greatest opportunities as well as one of our greatest threats. Whether in our personal lives or in professional settings, we consume data, we share data, and we’re constantly looking for ways to store our data safely and efficiently. But what happens when our data seemingly “disappears"…or we have a momentary lapse in recalling a password or personal identification number (PIN) to get access to our stored data?

We probably have all been there and are familiar with that brief sinking feeling in our stomach until we scan our mental archives and locate the password or PIN to regain access to our data. Now, picture a situation where a technology disruption or cyberattack creates an actual loss of data (multiple days or weeks), and you are faced with the real possibility of trying to restore from backup files…assuming the backups exist.

From a resiliency perspective, we recognize that having robust data backup strategies is critically important in protecting a company against major disruptions that result in data losses—but, given the tremendous ongoing cost of backing up and storing data in a near real-time environment, organizations may choose to accept a higher risk tolerance for potential data loss. At the end of the day, this choice is a business decision, and the goal of effective risk and resilience management is to provide the information to leadership to enable the best possible decision in line with an organization’s strategic objectives.

Greg Clark, Director of Product Management, Data Security, OpenText Cybersecurity

As AI implementation across industries continues to grow, businesses are becoming increasingly reliant on data for AI-driven decision making and model training. This continued technological advancement means organizations are generating and storing more data than ever, requiring them to proactively manage their data – starting with data minimization.

Backups are essential for organizations to maintain business continuity and respond swiftly in the event of a cyberattack. However, organizations must be mindful of the data they’re backing up. Not all data is critical – 33% is redundant, obsolete, or trivial (ROT). By identifying and eliminating unnecessary data and retiring outdated applications, businesses can significantly reduce their attack surface and bolster their security postures. Not only does data minimization ensure that organizations are more resilient in the face of security threats, but it helps improve operational efficiency by freeing up valuable storage and resources. Additionally, as AI adoption grows and regulations evolve, minimizing excess data gives businesses greater control over their sensitive information, reducing the complexity and cost of compliance and safeguarding operations across an organization.

Corey Nachreiner, CISO at WatchGuard

In a digital environment where 80% of organizations are vulnerable to ransomware attacks, implementing regular data backups across your organization’s critical components is key to your cybersecurity strategy. Backups significantly reduce downtime and accelerate recovery following an attack on your data or any other data-damaging disaster that a business might face. This practice prevents organizations from the severe financial losses and reputational damage that often come with experiencing data loss.

Consistent backups support data protection and business security. They can also ensure companies comply with regulatory requirements, which require backups. Good backups guarantee a business can survive a data loss event, like ransomware, and continue making business decisions based on its data. As an aside, you should also encrypt your data too. Backups can prevent data loss or destruction by offering a recovery option in the event of ransomware or some natural disaster that ruins data, but it does nothing to hide your data from unauthorized thieves. Encrypting your data should also prevent outsiders from using it in the case of a data breach.

However, you already know all that. The industry has talked about the importance of data backups for decades. So, while World Backup Day is an important reminder about backups, I suggest we change it to World Backup Testing Day. While many organizations implement regular systematic backups, many do not go back in time to test their work and make sure their backups actually recover properly when needed. A corrupted backup that isn’t discovered until you need it is as bad as no backup at all. I recommend you spend this World Backup Day making sure your backups restore and then continue backing up regularly.

++

Dale “Dr. Z” Zabriskie, Field CISO at Cohesity

While organizations should do all they can to try and prevent a data breach, the reality is that one is coming, and it’s only a matter of time. The size of the business, public or private status, industry vertical, and ‘do not pay’ ransomware protocols do not matter to a hacker; it’s the data they want. Data is the lifeblood of an organization, and hackers know companies are willing to pay to get the business back up and running. Therefore, protocols around maintaining and backing up databases are a critical component of a cyber resilience strategy. Quickly and efficiently restoring systems can significantly reduce downtime, safeguard reputation, and maintain trust with customers and investors. Work with your leadership team to determine a backup strategy focused on resiliency so when ‘that time’ comes, you’ll be ready and able to respond and recover.

Greg Virgin, Founder & CEO, Redjack

World Backup Day: Are You Backing Up What Matters Most?

As we recognize World Backup Day, it’s a good reminder that simply having backups isn’t enough—you need to be backing up the right things. Too often, organizations assume their backup strategy is sufficient, only to discover during an outage that critical business functions can’t be fully restored. The key question every business should ask is: does your backup strategy align with your business impact analysis (BIA)? If you haven’t mapped your IT assets to the business processes they support, you may be overlooking vital systems that are essential to keeping operations running.

An effective backup strategy starts with a comprehensive asset inventory. You can’t protect what you don’t know you have. With today’s complex IT environments—spanning on-prem, cloud, and hybrid infrastructure—it’s essential to have visibility into all assets and their dependencies. From there, map those assets to the business functions they support; this should be done in real time, and kept evergreen. Following this process ensures your backup priorities reflect actual business risk, not just technical assumptions.

Finally, don’t just trust your backups—test them regularly. A backup is only as good as your ability to restore it. Incorporate backup testing into a larger IT disaster recovery (DR) plan to validate that you can recover not just individual systems, but complete business functions. World Backup Day is a timely reminder to move beyond a “set it and forget it” approach. Treat backups as a core part of your resilience strategy, ensuring your business can recover when it matters most.

++

Sonya Duffin, Product Marketing Director at Smarsh

World Backup Day serves as a great reminder to evolve your backup strategies by adopting robust data management best practices. Today, backup is no longer just an insurance policy as data is an important strategic asset. Data fuels your business, particularly in AI innovation, better decision-making, and enhanced customer experiences. It must be easily accessible, leveraged cross-functionally, and efficiently governed, all while facing daily cyber threats. It's vital to adapt your systems to meet these new challenges.

The best approach is to build an intelligent data ecosystem and adopt the strictest data safeguards. This means encrypting your data both in transit and at rest, as well as storing it immutably so it cannot be changed or deleted. Zero-trust principles should also be adopted organization-wide, with additional security measures like access controls, strict password policies, and encryption keys. Adding multiple layers of data security ensures your data remains resilient and trustworthy across all data-driven projects and AI initiatives.

Michael Covington, VP of Portfolio Strategy at Jamf

Backup everything: In an age where data is hyper-distributed, develop a plan that includes regular backups for all sensitive data, regardless of where it lives. Laptops, phones, tablets, wearables, cloud services, and even flash drives all have the potential to fall outside the plan when teams are laser-focused on backup of the 'primary' data repository.

Don't backup blindly: Implement a backup retention policy, so it is clear what data to keep, and what is okay to delete. This is good for overall cost-management and to ensure that critical data can be quickly found when needed. When developing retention policies, IT leaders should be mindful of laws and regulations that govern their organization; working closely with other departments that will help to ensure the business consistently enforces and maintains compliance with all relevant global and regional policies.

Preserve evidence in the event of a breach: When confronted with a compromised system, creating a backup can help to facilitate further investigation. Forensically sound backups help to preserve evidence of an intrusion, such as logs and deleted files, that can aid researchers in documenting the attack. Even a basic backup can help recover data, though IT pros should take caution to protect any target systems receiving restored data to prevent further compromise.

Neil Jones, Director of Cybersecurity Evangelism, Egnyte

We find ourselves at an interesting crossroads on World Backup Day 2025. On one hand, published reports indicate that data volume is growing by nearly 20% per year, and threats like data wiping are becoming more powerful. On the other hand, infrastructure security and cyber training resources that we’ve taken for granted for years are facing sizable budget cuts, making it challenging for the average organization to stay informed.

In the New World Order, it’s imperative that organizations keep abreast of the latest cyber-threats, particulary since governmental budget cuts have made it more challenging to do so. And, proven best practices such as suring up data protection procedures, addressing data sprawl, and restricting users’ access to information on a ‘business need to know’ basis can significantly improve current and future data protection.

Additional time-tested and budget-friendly approaches include encouraging users to take proactive steps to back up company data and conducting quarterly user training sessions that are focused on the danger of AI-created phishing emails.

Big-picture, users can’t remain productive without immediate access to their data, and even brief periods without data access can impact a company’s productivity and its bottom line. To maximize productivity, your company’s backup environment also needs to be tested regularly, so that a potential cyberattack, technical malfunction, or employee error won’t make mission-critical data inaccessible.

Finally, frequently updated Business Continuity and Disaster Recovery (BCDR) plans are pivotal for timely recovery from successful attacks, as they discourage customer complaints, employee frustration, and negative social media buzz from overshadowing your recovery efforts.

By following these approaches, you’ll make data protection a way of life rather than a temporary project.

Travis Greene, Senior Director of ITOM Product Marketing at OpenText

To gain confidence that you can restore normal operations after a disaster means making sure you’ve backed up everything that needs it. One often overlooked but crucial resource for accurate backup coverage is the configuration management database (CMDB). A comprehensive discovery and CMDB solution stores an organization's asset configurations and automatically maps the relationships between them. For DR planning purposes, a CMDB can be used to determine the systems and applications that need to be included in the backup plan to restore normal operations, and provide a checklist for rehearsals as well as plan activation.

Rich Gadomski, Co-Chairperson of the Active Archive Alliance

Effective data management software can help organizations not only optimize storage and backup but also enhance cybersecurity. By moving inactive data onto active archive media, organizations reduce the risk of malware infecting their primary storage. Media technologies, such as tape, offer powerful, easy-to-deploy air-gap defenses where IT personnel can establish a literal separation from any online path to prevent unauthorized electronic access.

For many data centers, the archive copy is often the only copy of archival data exposing it in the case of a data loss event. Since the business value of untapped archival data is increasing, especially with the rapid rise of AI, creating a second, secure air-gapped copy in a different geographic location will soon become a standard data protection strategy.

Storage administrators often leverage the 2-1-1 Archive Strategy for backup, recovery, and disaster recovery to protect their primary archival storage:

Create a second (2) archival copy of the data
Ensure at least one (1) of the copies is stored at a different physical location
Store at least one (1) of the copies offline

While cybersecurity software serves as a first line of defense against malware, organizations must always be prepared for the possibility of a successful attack. As massive data growth expands the attack surface, having a robust data protection and backup strategy is essential to ensure your data assets remain secure, protected, and recoverable.

Jason Lohrey, CEO and Founder of Arcitecta

It’s estimated that there will be more than 180 zettabytes of data in the world by the end of 2025. With the scale of data continually growing, making it secure and resilient is becoming harder to achieve. How do organizations backup hundreds of petabytes of data? The answer is they don’t, with traditional backup, and that’s precarious. Vulnerabilities scale with data growth: corruption, malware, accidental deletion, mysteries, and the list goes on. Furthermore, the time it takes to find lost data with traditional backup systems increases with the amount of backup data stored. IT departments are constantly pulled into the task of data recovery. Data resilience for trillions of datums, and instant, self-serve data recovery is not possible with backup as we know it.

The process of recovery is not what it should be – it’s tedious and slow. Traditional backup works by scanning a file system to find and create copies of new and changed files. The problem is scanning takes longer as the number of files grows – so much so that it’s becoming impossible to complete scans within a reasonable time frame. They usually run during the night when systems are likely to be less volatile. The process occurs at set intervals, which means any change before the next scan will be lost if there’s a system failure. Traditional backup cannot and does not meet the objective of zero data loss.

New approaches are emerging that enable continuous data availability as a strong first line of defense against cyber threats, enabling organizations to recover compromised data easily and almost instantly. Continuous data availability is a game-changing form of protection that actively records every significant change in real-time for every file so a user can go back to any point in time to retrieve data - easily and without the assistance of IT. This approach merges the file system and backup as one entity. As a result, every change in the file system can be recorded as it happens, making it seamless to retrieve lost or deleted data, regardless of when it existed and across the entire time continuum. Organizations will increasingly leverage continuous data availability technology to protect data from loss and cyber threats.

Martin Kunze, co-founder and CMO of Cerabyte

In a world where every digital moment carries weight, World Backup Day is more than a reminder to protect our files – it’s a call to safeguard the digital legacy that shapes our era and our society. True data preservation isn’t just about storage; it’s about ensuring that today’s knowledge, culture, and discoveries remain accessible for generations to come.

Information is the spine of our society, and it is threatened more than ever. Preserving this legacy demands more than traditional backup methods. It requires a future-proof strategy that resists degradation, overcomes obsolescence, and guarantees permanent access. This isn’t just about saving data. It’s about securing digital immortality.

Emilio Sepulveda, Manager, Information Security, Deepwatch

World Backup Day, observed on March 31st, acts as a crucial reminder that data loss is inevitable, encouraging us to take proactive steps to protect our information. In today’s digital landscape, businesses rely heavily on data, yet many organizations neglect backup strategies until disaster strikes. Whether due to a ransomware attack, accidental deletion, or hardware failure, waiting until an incident occurs can be expensive.

Ensuring an efficient backup strategy is not just a checkbox on the compliance checklist; it is a critical business necessity. The ability to recover data swiftly can mean the difference between a minor setback and significant operational downtime. Adhering to the 3-2-1 rule (three copies of data, two different storage types, one offsite) provides a strong foundation, but it is not enough. Businesses must also account for modern threats such as misconfigured backups, cloud storage failures, and insider threats, which can render backups useless when needed.

Beyond simply having a backup strategy, organizations must regularly test their business continuity and disaster recovery (BCDR) plans to ensure they function as intended. A backup that fails to restore is no better than having no backup at all. BCDR testing should be conducted at least annually, with more frequent assessments for critical data, to validate recovery timelines, verify data integrity, and identify overlooked vulnerabilities. This World Backup Day, take the time to review your backup and disaster recovery strategies.

++

Ken Dunham, Director, Cyber Threat, Qualys Threat Research Unit (TRU)

Ransomware continues to rage, using tactics to discover and delete backups to force a payout. There has never been a stronger need for resiliency than in 2025, with a complex hybrid infrastructure of legacy, mobile, cloud, and Internet of Things (IoT) all connected to an enterprise and all requiring a data backup.

Don't just hope and rely upon your third-party cloud provider or tool to back things up; demonstrate and prove that it is backing up every month on every basis as part of a Disaster Readiness Plan (DRP) - it's worth it for the price of readiness should disaster strike! Find out, to the left of boom, if and how recovery actually works, if restoration performs as expected, and get your staff trained and used to performing backups to ensure you can and will successfully and efficiently recover with excellent resiliency.

The most mature organizations are implementing Zero Trust Architecture (ZTA) and immutable vault controls with all the essentials of backup and recovery operations (RO) to ensure they can recover from a crisis. Are your backups immutable, unable to be tampered with, or deleted by ransomware, intruders, or malicious insiders? How do you know? Have you stress-tested it with a penetration test? Trust but verify and be ready with a backup. For home users, it can be as simple as buying a USB-mounted drive, performing a backup of the operating system and files, and then disconnecting when done to achieve immutable backups at home.

++

Tim Roddy, VP of Product Advocacy, Zimperium

As organizations and individuals recognize World Backup Day, it’s critical to acknowledge that traditional backup strategies alone are not enough. Cybercriminals now take on a mobile-first attack strategy, targeting mobile devices with sophisticated threats, including mobile malware, phishing attacks, and zero-day exploits—putting sensitive data at risk before it can even be backed up.

To ensure data integrity, businesses must implement a proactive mobile security strategy that protects data at the source—on the devices and applications where it resides. AI-driven mobile threat defense, like Zimperium’s, helps detect and mitigate threats in real time, preventing attackers from accessing or corrupting critical business and personal data. On this World Backup Day, organizations should go beyond backups and reinforce their security posture with comprehensive mobile protection, ensuring that backups remain uncompromised and data stays secure.

++

Kelvin Lim, Senior Director, Head of Security Engineering (APAC), Black Duck

Data is the ultimate digital asset for organizations. Losing or corrupting data can severely disrupt workflows, obstruct decision-making, and even threaten the very survival of a business. As such, establishing a reliable data backup and recovery system is crucial as the ultimate safeguard against risks such as cyberattacks, human errors, hardware malfunctions, power failures, and natural disasters.

Additionally, in a time of increasing cyber threats, data backup plays a pivotal role in enhancing cyber resilience by facilitating quicker recovery. This minimizes downtime and operational disruptions caused by incidents like ransomware attacks. This not only saves financial resources but also ensures that critical data can be recovered promptly, minimizing operational downtime and disruption. Backups provide an effective strategy for combating ransomware, enabling businesses to restore their data without succumbing to ransom demands. This approach not only reduces financial losses but also strengthens organizational adaptability and responsiveness in challenging circumstances.

To maximize the effectiveness of data backup efforts, it is essential to follow established industry best practices:

Align backups with business and regulatory requirements: Ensure that your existing backup and restoration solutions meet the Recovery Time Objective (RTO) and Recovery Point Objective (RPO).
Secure backup copies: Store backups safely in a secured, climate-controlled environment and comply with retention period guidelines.
Encrypt backup data: Protect sensitive information by encrypting all backup data with strong encryption.
Verify recoverability: Regularly test backup data to confirm that the recovery process is error-free.
Differentiate between data backup and retention: Understand that these are distinct processes requiring tailored solutions.
Maintain detailed documentation: Keep comprehensive records of backup policies and storage media.
Account for proprietary formats: If backups are stored in a proprietary format, ensure you retain the tools needed to restore the data in the future.
Adopt the 3-2-1 backup rule:

Retain three copies of data: the original and at least two backups.
Use two different storage types, such as internal drives, external drives, tapes, or cloud storage.
Store at least one backup in a separate physical location from the primary data.

By adhering to these practices, organizations can enhance their data backup strategies and ensure resilience against potential risks.

++

Steve Petryschuk, Director, Product Market & Strategy, Auvik

You back up the data you know about, but what about the data you don’t see?

Shadow IT and shadow AI remain a major source of headaches for IT teams. Without proper oversight, sanctioned and unsanctioned SaaS applications can leave sensitive business information exposed. Companies are more likely to experience a cybersecurity incident if they can’t see where their data resides. When backups of sanctioned SaaS applications do exist, overlooked SaaS data often goes unprotected. To build a robust SaaS backup strategy, start by giving IT teams full visibility into the apps being used, so they can proactively secure, manage, and back up critical data.

Network data presents another crucial piece of the puzzle. According to the Auvik IT Trends 2025 Report, 61% of IT professionals update network configurations weekly, yet nearly half only document those changes monthly or less often. This creates a four-week window where documentation lags behind. This gap exposes businesses to unnecessary risk, especially when a simple, automated network backup solution can close it. Rather than building your own system, rely on established network management tools to automate configuration backups, track and highlight changes in real time, and alert you when unauthorized modifications occur.

By centralizing both SaaS and network management, IT teams will expand their data visibility and safeguard this often overlooked but critical data.

++

Stephen Kowski, Field CTO, SlashNext Email+ Security

Backing up data is crucial, but it’s only half the battle – you also need to protect your data from threats like phishing, BEC, and smishing that can compromise backups in the first place. Modern security requires real-time protection across all communication channels including email, mobile, and messaging apps to stop zero-hour threats before they reach users. The best defense combines advanced AI technology that can detect sophisticated attacks with a multi-layered approach that works across your entire digital ecosystem. With World Backup Day approaching, it’s the perfect time to remind everyone that comprehensive security and regular backups go hand-in-hand for true data protection.

++

Heath Renfrow, Co-founder and CISO of Fenix24

World Backup Day serves as a timely reminder that backups are more than a best practice—they are a business imperative.

We’ve rebuilt hundreds of environments after ransomware attacks, and time and again, the difference between recovery and ruin comes down to one thing: backup resilience. Ransomware attacks are faster, smarter, and more destructive than ever. Traditional detection-and-response strategies alone aren’t enough.

To truly withstand today's threat landscape, we advocate for our 5-4-3-2-1 backup methodology.

This strategy ensures data is not just duplicated, but hardened, diversified, and distributed in a way that aligns with today’s adversarial tactics. We’ve seen firsthand that even organizations with “immutable” backups are often vulnerable due to misconfigurations, exposed credentials, or lack of network segmentation. Backups must be redundant, isolated, and access-controlled. If threat actors can reach them, they will destroy them.

If your backups aren’t resilient, your business isn’t either. This World Backup Day, take a hard look at your strategy. It's not just about checking a box, it’s about surviving the worst day your organization might face.

++

Kurt Markley, Managing Director, Americas at Apricorn

With World Backup Day on March 31st, it's a great time to reflect on the strength of your organization’s backup strategy. Despite ongoing efforts to strengthen defenses, ransomware continues to surge—incidents increased by 11% globally in 2024, hitting 5,414 reported attacks worldwide. Even more troubling, Veeam reports that 96% of ransomware incidents specifically target backup repositories, underscoring the crucial role that robust backups play in cybersecurity.

But are businesses prepared? Apricorn’s recent US survey found that while 63% of IT decision makers successfully recovered data from backups after a cyberattack, nearly a quarter (23%) were only partially successful. Alarmingly, 3% couldn't recover anything at all due to inadequate backup processes. Moreover, nearly 12% admitted that their current backup solutions wouldn't enable quick recovery after an attack.

Clearly, there's work to be done. While US organizations are increasingly adopting automated backups and storing data in multiple locations, more aggressive steps are necessary. A foundational best practice is the 3-2-1 backup rule: keeping at least three copies of your data, stored across at least two types of media, with one copy secured offsite—ideally on an encrypted removable drive disconnected from the network. This ensures data availability even when facing ransomware attacks, hardware malfunctions, or unexpected disasters.

Cyber threats aren’t going away, but data loss doesn't have to be inevitable. Organizations need to prioritize data backups daily and consistently test their effectiveness to ensure complete and swift recovery. After all, robust backups aren't just good practice—they've become essential for cybersecurity compliance, with our research showing 58% of IT decision makers recognizing them as critical for maintaining cyber insurance coverage. Ensuring secure, encrypted backups is no longer optional; it's fundamental to surviving and thriving in today’s threat landscape.

++

Jon France, CISO of ISC2

Every day, we hear of the importance of having strong passwords, implementing multi-factor authentication, and downloading software updates, but the criticality of back-ups seems to get overlooked and even discarded as a given... but that doesn't mean we're doing it right.

The responsibility falls on the individual to protect their personal information, but organizations must ensure they have a backup strategy in place -- without one, security postures immediately become weaker, and attacks that could have been simple annoyances can become severe.

When people think about backups in their everyday life, they may think about the manual process of saving wedding photos to an external drive or keeping a copy of their personal records somewhere safe. It may sound like a burden and 'something that I need to get to eventually,' but with today's amenities like cloud services and automated backups, there really should be no excuse for businesses and individuals not to have a clear, executable backup plan.

Money is the number one reason for cyberattacks against businesses. Every business stores data, and cybercriminals know the damage they can cause by compromising that data. If you have no other way to retrieve stolen information other than paying a ransom -- with no guarantee that they will decrypt your files, by the way -- then your entire business could be in jeopardy.

But don't panic -- with today's solutions, backing up data isn't hard. You just have to make sure you do it on a regular basis and enforce the policies you put in place. There are also immense resources available to educate your employees on the value of backups. Give employees the resources and education they need to succeed, and organizations can rest easier knowing that when an attack hits, they can't be forced into a corner.

++

Ira Winkler, CISO at CYE

One of the major benefits of cloud computing and SaaS tools is that there is an automatic, offsite backup by default. Ensuring that you enable the backup capabilities, while also ensuring the capabilities of your providers. Backups have been built into most significant services by default.

That said, I personally described backups as part of what I called the Three Golden Rules with regard to cybersecurity back in 1996, and this has not changed despite advances in threats and technologies. Keeping regular backups is a failsafe to just about any type of incident. Whether a computer or device is lost, stolen, destroyed, corrupted, etc., whether from malicious or malignant threats, a backup will mitigate a significant amount of damage. Over time, backups have luckily become easier and frequently automatic. Cloud computing and storage, which is ubiquitous in many cases, makes backups ubiquitous as well. For data elsewhere at rest, World Backup Day serves as a great reminder to ensure regular backups.

++

James Van Patten, Director of Memory and Storage Product Lines for Crucial (Micron Technology’s consumer brand)

As we mark World Backup Day, we should all take a moment to appreciate the importance of protecting our digital lives. Data loss can hit out of nowhere and by any means. By proactively backing up your data, you shield yourself from the potential heartbreak and chaos that data loss can bring. It's not just about having a backup; it's about having a strategy with regular updates and secure storage solutions. Make data protection a priority by investing in reliable backup options, be it cloud storage, internal drives, or external drives.

Stephen Manley, Chief Technology Officer at Druva

Key Challenges in Multi-Cloud Backup

The biggest challenge in protecting and securing a multi-cloud environment is how to get centralized control while leveraging the best of breed technology to protect the environment. Organizations want to standardize functionality and processes to operationalize their protection. This leads to a “lowest common denominator” approach in which they run virtual appliances in the cloud to replicate their on-premises environment. Unfortunately, this is expensive, hard to manage, and does not provide the flexibility that cloud workloads need. On the other hand, organizations that try to use “best of breed” technology for each cloud end up with disparate environments that require multiple teams to manage. Even worse, the business gets different protection and recovery behaviors for each environment, which creates confusion and inconsistent results.

The second challenge is discovering what you need to protect. With so many cloud accounts and SaaS applications, the backup and security teams often do not find out what needs to be protected until data is lost, and by then it is too late. Therefore, it becomes critically important to have tools that can discover what is in the cloud and SaaS environments, so the backup teams can work with the business to make explicit decisions about what needs to be protected and secured.

Carl D'Halluin, CTO, Datadobi

This World Backup Day serves as a crucial reminder for organizations to prioritize data preservation and intelligent management. First, ensure you maintain a ‘golden copy’ of your data—an immutable, secure backup that protects against loss, corruption, or threats. Second, focus on understanding your data. In today’s digital landscape, every part of a business generates data, often managed in silos. You can’t protect what you don’t know exists. By implementing robust data management solutions, organizations can reduce risk and strengthen their operational resilience.

Randolph Barr, CISO at Cequence

World Backup Day is a great opportunity to remind people of the importance of securing important organizational and personal data by creating and maintaining a strong backup strategy.

Data leaks and breaches are becoming increasingly frequent due to a multitude of factors, including the higher skill level of attackers and the growing adoption of AI in cyber tactics and techniques. To mitigate these risks, organizations must prioritize data security. Creating backups and enforcing thorough data retention policies are key to protecting vital company information, such as user or customer data.

In the event of a breach, human error, or even natural disasters, having secure backups allows security teams to get back up and running faster, saving time and money for organizations. Data backups should be automated daily, and backups should be tested regularly to ensure that data can be restored successfully, and any weaknesses can be addressed promptly.

To defend against threats like ransomware, backups must be stored separately from primary systems ideally in isolated or offline environments – and protected with encryption at rest. These controls help ensure that backup data remains secure and accessible even if production systems are compromised, giving organizations a reliable path to recovery.

Cynthia Overby, Director of Strategic Security Solutions, zCenter of Excellence at Rocket Software

With rising ransomware threats, tightening regulations, and the soaring cost of downtime (up to $5 million per hour in high-risk sectors), data recovery has become a business-critical priority – not just an IT concern. True resilience goes beyond having a backup file. It’s about having the right data, in the right place, ready to keep up with the speed of business.

World Backup Day is a timely reminder that backup alone isn’t enough. A modern recovery strategy demands more – it relies on real-time data replication across mainframe, distributed, and cloud environments to maintain seamless access and business continuity. To keep pace with evolving systems, organizations must automate change tracking to keep data current and replicate from a single source to multiple targets to streamline operations and reduce costs. These capabilities must work in concert to enable a more efficient and resilient recovery process.

Backup isn’t a fallback – it’s a forward-looking strategy. And for organizations running mission-critical infrastructure, where downtime simply isn’t an option, it's the foundation of continuous operations.

Munu Gandhi, President of IT Solutions at Xerox

In today’s hybrid workplace, secure IT solutions are imperative. At Xerox, we understand that our clients are focused on driving productivity safely and securely, addressing concerns around their endpoints, infrastructure, and cloud-based environments. The foundation of this is maintaining the integrity of data. This World Backup Day, I encourage all technology and security leaders to assess their posture to ensure that they can address their business requirements for recovery and data integrity.

Stew Parkin, Global CTO, Assured Data Protection

Ransomware remains at the top the threat list as we mark World Backup Day 2025. With this in mind, having a robust backup strategy - especially one incorporating immutable backups - is no longer optional but essential.
Without an immutable backup in place, ransomware can encrypt or delete all copies of organizational data, including standard backups. This can result in the total loss of critical files, customer records, and operational data. As a result, business operations can be seriously disrupted for days or even weeks, causing significant delays in business processes, supply chain disruptions, and loss of productivity. Without an immutable data backup, restoring operations rapidly is almost impossible.

However, the post attack phase, when an organization is recovering from a ransomware attack, is likely to be marked by additional fallout. There’s a high risk of reputational damage and loss of trust, as clients and stakeholders may lose confidence in the organization’s ability to protect their information. Additionally, many cyber insurance policies require immutable backups - without them, claims could be denied.

With immutable backups in place though, it’s a very different story. Operations can be restored within minutes, without ever having to consider paying a ransomware demand.

Bob Fine, Quantum Senior Analyst Relations Manager, the LTO Program

Businesses rely so heavily on data now that it’s simply impossible to operate without it. And if you need data, you need to be able to store it securely. In a crisis – such as a cyberattack or a natural disaster – a backup of these data stores must be secure, safe, and recoverable to ensure that the IT teams can get the business back up and running as quickly as possible. The longer it takes to restore the backup, the greater the consequences, including both financial and reputational losses.

The best protection that businesses can give their backups is to keep at least two copies, one offline and the other offsite. By keeping one offline, an airgap is created between the backup and the rest of the IT environment. Should a business be the victim of a cyberattack, the threat physically cannot spread into the backup as there’s no connection to enable this daisy-chain effect. By keeping another copy offsite, businesses can prevent the backup suffering due to the same disaster (such as flooding or wildfires) as the main office.

Linear Tape Open (LTO) tape storage is a tried and tested example of a reliable airgapped storage system. As it celebrates its 25th anniversary this year, LTO tape storage is as popular as ever, as businesses are increasingly reliant on their backups. With research finding that a company falls victim to a ransomware attack every 14 seconds, and the UN Framework Convention on Climate Change reporting that the number of disasters has increased by a factor of five over a 50-year period, ensuring that your company has the right backup measures in place is a fundamental requirement of a successful business in 2025.

Simon Jelley, general manager & vice president of data protection at Arctera

Amid the rapid acceleration of artificial intelligence (AI) use and development, the technology has emerged as a tool for enhanced data security, monitoring and productivity. Along with these incredible developments, though, comes new risks as the technology has dramatically increased an organization’s data loss risk and accelerated cybercriminals’ ability to disrupt networks. Additionally, the ability to identify and exploit vulnerabilities using automated scanning and sophisticated phishing attacks introduces new challenges into an already complex and evolving cybersecurity landscape. It’s more complicated—and more important—for organizations to be on top of today’s threat landscape, which changes constantly. While traditional threats like ransomware, data breaches, natural disasters and human error remain constant, the use of AI by bad actors has amplified not only the frequency of these attacks but their intensity, sophistication and potential damage as well. World Backup Day 2025 provides a timely reminder that organizations cannot be complacent when it comes to security. Data protection is too complex today and data protection solutions are only built to empower data protection specialists. Instead, data protection should be accessible to all IT professionals – inclusive of those in new players in the IT field such as cloud and cyber security specialists.

Craig Sanderson, Principal Cyber Security Strategist, Infoblox

Backups are typically associated with protecting critical data – files, servers, databases – but what is often overlooked is the importance of regularly backing up network configurations, the blueprint dictating how an organization’s DNS, DHCP, and IP Address Management (IPAM) services operate. Together, these integrated services—known collectively as DDI—define how users and devices securely access network resources. But these configurations aren’t always effectively backed up, particularly if they aren’t managed together, leaving organizations vulnerable not only to equipment failure but also to human error, one of the most common causes of network outages.

Cybercriminals, particularly ransomware actors, understand this vulnerability well. They've learned to quietly infiltrate and remain hidden within networks, sometimes waiting patiently until existing backups – often limited to just a few months – are compromised or no longer provide clean restoration points. By regularly backing up DDI configurations and combining this practice with robust DNS-driven network visibility and threat detection, organizations can identify unauthorized changes early, limit potential downtime, and rapidly restore network integrity when breaches occur. This World Backup Day, businesses should treat DDI configuration backups not as an afterthought, but as an essential component of their cyber resilience strategy.

Jim Liddle, Chief Innovation Officer Data Intelligence & AI at Nasuni

The temptation to delete historical data as a cost saving or data storage tactic has been increasing particularly as IT now has to accommodate AI budgets, especially as data volumes expand exponentially due to the continued growth of unstructured data within the enterprise. However, deleting data can have several unintended consequences, resulting in inaccurate outputs from reduced historical data context— to even creating new challenges with regulatory compliance. Organizations can receive fines for not following proper data disposal timeline or process, which is quite common in industries like manufacturing and Architecture, Engineering, and Construction (AEC).

Rather than viewing data preservation as a single choice between deletion and saving, companies should consider implementing smart data management strategies that maintain valuable data assets while minimizing costs and clutter. For example, companies can consider more nuanced approaches to data storage and preservation such as smart archiving or privacy-preservation techniques. Smart archiving, for one, shifts data to lower cost storage tiers, enabling the preservation of high-value unstructured data while eliminating redundant or low-value information. Additionally, privacy-preserving techniques are those which employ anonymization and pseudonymization to maintain data utility while reducing regulatory burden.

No matter which strategy an organization decides to deploy, the key to success here is having a flexible infrastructure in place to allow for this type of data maintenance and mobility— giving organizations the option for safe and efficient data preservation, without having to delete their data.

++

Carolyn Duby, Field CTO and Cybersecurity Lead at Cloudera

AI thrives on data. The more data it has access to, the more powerful and valuable its insights become— making all enterprise data significantly more critical. However, as AI adoption accelerates, the risks tied to how AI handles and moves data proliferates— including higher risk of security and compliance breaches, as well as errors, biases, or outdated information being input that could reduce AI model reliability.

World Backup Day serves as a timely reminder for businesses to review how they secure and manage their historic and present data— especially when that data will be fed into AI models. It’s important that IT leaders understand that managing and securing data requires a holistic data protection approach. A modern data lakehouse architecture and a multi-cloud data management strategy empower enterprises with an infrastructure that can unify storage, governance, and backup across platforms to reduce the risk of data loss, ensure business continuity, and provide scalability.

++

Roger Williams, Partnerships & Community Manager, North America at Kinsta

The biggest mistake businesses make with website backups is assuming they’re covered without verifying. A backup is only as good as its restore process—if you can’t recover your site quickly, it’s not useful.

Website maintenance is often overlooked because it’s ‘out of sight, out of mind’—until something goes wrong. Many businesses see it as an IT task rather than a critical part of performance, security, and customer experience. The shift comes from recognizing that a well-maintained website means fewer disruptions, better SEO, and a stronger brand reputation.

Ilia Sotnikov, Security Strategist at Netwrix

World Backup Day is a good reminder that backups are more than just a checkbox in cybersecurity — they’re a lifeline. The primary goal of backups is to ensure business continuity, which makes them a crucial part of a resilient security architecture. To be truly effective, backups should be tailored to restore the most valuable data as quickly as possible, minimizing downtime. Therefore, organizations must regularly ask themselves a question: Are our backups designed to restore what matters most, fast enough to keep the business running?

Plan backups with recovery objectives in mind. Security teams should identify and classify their organization’s most valuable data, separate critical system components from less important ones, and establish different backup and recovery strategies for them in accordance with business goals and priorities. This approach helps save both money and time in backup operations. More importantly, it ensures that recovery of critical data and content is not delayed by restoration of less important systems.
Know where the organization can rely on service providers and where it cannot. Not everything is automatically backed up in the cloud. Software-as-a-service (SaaS) and infrastructure-as-a-service (IaaS) workloads use a shared responsibility model: While the service provider ensures uptime and availability, data protection may still fall on the organization. Organizations should track every cloud service they use, make sure they understand exactly what the provider is responsible for, and assess whether they need to implement additional backups.
Prioritize what to restore first after an incident. Restoring large volumes of data can take hours, days or even weeks. However, a targeted recovery approach can get the most critical operations running again much faster. The better the organization understands what data has been affected, the quicker the security team can restore it. Solutions for change tracking and system auditing can help detect unwanted changes, while recovery tools can roll them back efficiently.
Secure the organization’s backups. Ransomware gangs know that security teams have a Plan B for restoring data in case the primary defense measures are unable to block an attack. To maximize the chances of receiving ransom payouts, threat actors actively target backup systems to prevent victim organizations from restoring data on their own. Therefore, security teams should ensure their backups are rigorously protected. They should regularly test the organization’s backups, store copies offline where ransomware cannot corrupt them, monitor backup integrity, and implement strong security measures for identity and access management (IAM) to prevent unauthorized access.

Stephen Bacon, Vice President, Data Protection and Cyber Resilience, HPE

World Backup Day is an annual reminder to protect your data and, with that, your customers, your employees, and your organization. While the heritage of the day is backup, there is far more to data protection these days to address new threats, new workloads, and new regulations around the world. It is also about cyber resilience, rapid recovery from backup, and seamless disaster recovery to keep data safe and organizations operational no matter what.

This year, let World Backup Day serve as a crucial reminder that backupalone is no longer enough. Organizations need a comprehensive, multi-layered approach that spans from edge to cloud and source to target, including storage array-level ransomware protection, cyber vaulting, and disaster recovery everywhere your critical workloads run.

Chris Girard, Sr. Director of Product Management, VDURA

Today, on World Backup Day, we recognize the evolving landscape of data storage infrastructure within HPC. The industry's shift toward complex computational tasks and AI-driven innovation necessitates advanced approaches to data storage.

In HPC, efficient checkpointing is critical—allowing for immediate recovery and minimizing downtime during intensive computations. Equally critical in AI development, the primary form of backup begins at the model checkpoint, which must support frequent, rapid saves to avoid data loss and facilitate smooth model iteration. Prioritizing instant recovery minimizes downtime for clusters engaged in training next-generation AI, and these solutions expand to support the growth of AI development environments.

As AI continues to redefine the future, we must recognize the importance of speed of saving and retrieving data, and data resilience, keeping data available and durable for AI modeling.

Bruce Kornfeld, Chief Product Officer at StorMagic

One debate we’re currently seeing in the backup industry is agent-based versus agentless backup. In recent years agentless backup has become more popular, especially for virtual environments, because it doesn’t require backup agent software to be installed on each virtual server. With more complex environments than ever before, having agents on each VM can add administrative overhead to an IT department (the need to keep all of the agents updated). The biggest players in virtualization software – VMware, Microsoft, Nutanix – have all worked with many of the backup software providers over the years to develop custom integrations for agentless backup. It's become the norm.  
 
However, Broadcom’s acquisition of VMware nearly 18 months ago has led many customers to rethink their virtualization strategy and consider alternative hypervisors that deliver the capability they need but are much more cost-effective than staying with VMware. But moving to a virtualization solution outside of these “big 3" means considering a more open, agent-based approach to backup. The backup software providers don’t have the resources to work with alternative hypervisor providers to do the custom engineering work needed to for agentless backup integration. 

So what should IT departments do that want to save money and move off of VMware? They simply shift to an agent-based approach. This is how backup has been done for decades and, crucially, will work with any hypervisor. All backup software providers have agents available that typically deliver the same functionality as agentless for the same cost, making it a very valuable alternative with the flexibility and ROI that today’s businesses require.

Published Monday, March 31, 2025 7:30 AM by David Marshall