IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
#
Firewalls
#
Data Protection
#
DR

Exclusive: Why every day should be World Backup Day

Yesterday
Author image
By Melania Watson, Interview Editor

Following World Backup Day, one cybersecurity expert is warning that data protection isn't just a once-a-year task - it must become a daily habit.

According to him, it takes only one compromised system to bring an entire business to its knees.

As organisations around the world marked the 15th annual World Backup Day on 31 March, Sean Deuby, Principal Technologist at Semperis, reminded business leaders that backing up data isn't just a calendar event - it's a critical, continuous practice.

"Every day should be World Backup Day for you," he told TechDay during a recent interview. "You can't think about backups once a year. You have to think about them all the time."

One of the biggest challenges companies face, Deuby explained, is business interruption - especially when they fail to back up systems like Microsoft's Active Directory (AD), which is foundational to most large organisations' IT infrastructure.

"If you don't regularly back up your data and you're attacked, you've lost access to applications the business depends on," he said.

"That translates to the stuff people care about - loss of revenue, impact to your suppliers and customers, and damage to your reputation."

Attackers go for backups first

Modern cyber attacks often follow a familiar playbook. Threat actors typically gain access by compromising identities through phishing, password spray attacks or stolen credentials from the dark web. From there, they escalate privileges - usually in Active Directory - and then target the backup systems.

"They go for the backups because if they can encrypt or destroy them, the organisation is more likely to pay the ransom," Deuby explained.

While backup systems have improved over time, many still rely on AD for access, which leaves them vulnerable. "Enterprise backup systems are becoming more resilient," he said. "They're moving away from using Active Directory credentials and are adopting separate authentication processes. They're also focusing on immutable backups that can't be altered or deleted."

For those unfamiliar with Active Directory, its centrality in organisational infrastructure cannot be overstated. "Identity is at the centre of modern security," Deuby said.

"If you compromise Active Directory, you've compromised everything - even your cloud architecture."

The nightmare of restoring AD

Recovering AD from a cyber attack is far from straightforward. "Active Directory is not like a file server or web application," Deuby explained. "It's a distributed system that replicates thousands of changes daily across multiple domain controllers."

Microsoft's official AD forest recovery guide outlines a 29-step process that spans 149 pages - so complex that most IT teams can't complete it successfully even in lab conditions.

"I actually printed it all out," he said. "Then I wrote a 14-page companion guide pointing out 25 problem areas. It's hard to understate how complicated and difficult the process is. That's why we automated it."

He added: "If someone in a workshop has gone through a forest recovery before, I always talk to them. They never want to go through that again."

Common backup misconceptions

Many businesses assume that traditional backup and recovery software is sufficient, but that's a dangerous misconception. "It simply doesn't address reestablishing trust in Active Directory after an attack," Deuby said. "And if you can't trust AD, you're in a world of hurt."

Another common oversight is assuming cloud data doesn't need backups. "Just because your data is in the cloud doesn't mean it's safe," he said. "Microsoft's shared responsibility model makes it clear—you're responsible for backing up your own data and configurations."

Advice for smaller organisations

For smaller organisations with limited resources, Deuby urged them not to delay. "Use Microsoft's free Windows Server Backup if you must," he said. "Back up at least two domain controllers per domain, and store the backup somewhere the bad guys can't reach—whether that's cold storage, a disconnected USB, or cloud-based immutable storage."

He continued: "Ideally, back up every day. There are enough changes in a week that recovery can be painful. Grown-ups do the risk analysis - the pain of doing it daily versus the pain of losing everything."

The future of data protection

Looking ahead, Deuby believes the landscape will only become more complex. "It's a cat and mouse game between threat actors and defenders," he said.

"Data protection solutions will keep evolving, using hybrid architectures and sophisticated cloud services. But it won't be quiet times."

So, what should every person and organisation take away from World Backup Day?

"Drop what you're doing, take a backup with whatever you have, and disconnect it from the network," Deuby stressed.

"That includes your personal equipment at home. People often forget about that - but there's no substitute for six feet of fresh air in your backups."

Related stories
Identity Management Day focuses on digital security future
Kaspersky discovers & patches zero-day Chrome flaw
ThreatAware unveils Version 3.0 of its cyber security platform
Exabeam unveils Nova AI agent for enhanced security ops
Sonatype reports rise in open source malware to 17,954
Top stories
Northern Data & Gcore to launch AI platform collaboration
Guidewire's Mammoth release to boost insurer agility
AI transforming manufacturing, boosting productivity by 188%
AI-driven coaching tools: debunking myths & benefits
Sophos report highlights urgency of active cyber defence