Protect the data and the unique configurations, programmatic settings and integrations or workflows for IT/network programs, applications, and endpoints.

Data reduction (deduplication, compression) reduces the overall size of files and eliminates redundancy among stored blocks. Making movement, management and storage more efficient.

Today’s solution should easily integrate with hyperscale clouds, such as AWS or Azure, to protect IaaS workloads, store backups for long-term retention requirements, and enable disaster recovery.

Reduce risks via fewer touch points or attack surfaces.

Admins should be able to choose how backups are scheduled, either by entering a specific schedule or by using intelligent, policy-based scheduling technology.

Considering solutions that offer global deduplication across the entire backup volume will enable more efficient storage utilization than job-based duplication, which reduces blocks on a per-job basis. Since the probability of having duplicate data on VMs with the same OS are relatively high, per-job deduplication misses out on efficiency unless you put all VMs into a single backup.

A cloud provider offering a dedicated cloud provides a turnkey solution specifically tuned to meet the needs for long-term retention and disaster recovery. Key functions are delivered as a service, thereby reducing the reliance on internal IT to develop DR as a core IT competency.

Your solution should be flexible in how you can recover assets as well as where you can recover the data to. Look for solutions that support a wide range of recovery modes including physical-to-virtual (P2V), V2V, V2P and replicas.

Bare metal restores enable application recovery across servers from different vendors and hardware configurations.

Utilize intelligent tools that simulate different disasters and outage scenarios to determine what types of and how much data would be lost in a downtime event so you can refine your strategy and ensure RPOs are being met.

If a server, VM or data center rack goes offline or fails, your appliance should be able to orchestrate failover to bring applications back up from your most recent backup with a near-zero RTO.

A single user interface should provide you with a global view to manage the protection of on-premises assets, remote offices, SaaS apps, and endpoint devices.

Leverage deep application testing to identify, simulate, and test the multiple steps required to recover complex applications to ensure RTOs and uptime SLAs are being met.

Computers and servers should be in secured, locked locations. An alarm system should be in place for after-hours security as well as continuous visual security for office systems.

Identify, authenticate, and authorize every person trying to access any IT resources.

Consider a solution written in hardened Linux. Ransomware targets Windows applications and common utilities (i.e., VSS writers) due to their popularity and the fact that Windows is an open architecture.

Empower employees to defend against phishing and account takeover attacks. Solutions that provide visual cues (i.e., banner notification) alert employees to external senders, spoofed, and/or imitated users and enable them to quarantine suspicious emails, which helps to automate workflows and feedback loops to streamline IT review.

Computers and servers should be password protected. Passwords should not be viewable by visitors and office goers.

AES encryption secures data privacy both at rest and in-flight. In addition to data backups, office email should be secured and any Personally Identifiable Information (PII) sent via email should be encrypted. Any removable storage devices (HDDs, USB drives) should be encrypted. Staff should be trained adequately in encryption procedures.

Your solution should use machine learning to detect in near real-time, an active infection. Artificial Intelligence (AI) establishes a baseline of heuristics, such as change rate prediction, data entropy and randomness, to identify anomalies in data that antivirus and firewalls do not catch. Automatic notifications alert admins, enabling them to take immediate action to slow the spread and speed up recovery efforts.

Secure servers, data, and networks with an AI-augmented solution that identifies threats, such as misconfigurations, unauthorized logins, new devices being added to the network, gaps in backups and admin rights being granted, that firewall and antivirus solutions cannot detect.

When dealing with highly proprietary data, not all backup and recovery users may require access. A solution that limits the scope and capabilities of admins and other users ensures that backup schedules and/or recoveries are only performed by authorized personnel.

Immutable logs and routine monitoring ensure that the data being handled by your backup and recovery systems is being appropriately handled and accessed by staff.

Depending on your state, you may be required to retain records (such as tax records) for several years. Your solution needs to be able to accommodate long-term data retention, whether locally, to a cloud location or a secondary target (i.e., NAS device or tapes).