Why data backup isn’t optional anymore

Harrison Wood, Pax8 Continuity Solutions Consultant

Learn how to convince clients why it’s critical to deploy backup solutions to protect their data.

In today’s digital world, data is more than a resource for businesses of every size, it’s a currency. Yet somehow, the need for data backup and continuity solutions can be a hard sell. Without truly understanding their exposure, clients just see another monthly IT expense without any immediately visible ROI.

The Data Download

The perception gap around the risk of data loss is troubling. While 89% of MSPs are “highly concerned” about the ransomware threat, a whopping two-thirds of senior decision-makers at SMBs do not believe they are likely to be targeted by cyberattacks.

How can MSPs change this misjudgment? Maybe try taking a page out of insurance companies’ playbooks. From the “Mayhem” character acting like a raccoon in the attic in Allstate commercials to the Farmers Insurance professor telling a “Hall of Claims” story about a moose rampaging through an RV in Farmers Insurance commercials, the best insurance ads make the risks in the world tangible so that consumers realize “I need protection in case this happens to me.”

In many ways, backup is like insurance for business data – when the worst happens, continuity solutions help companies reverse the loss, recovering their data so they can get back to business as quickly as possible. As a trusted tech advisor to your clients, it’s up to you to paint a picture that illustrates the potential catastrophe that data loss can inflict on the business.

Below are five angles you can use to help your clients understand that data backup solutions are no longer optional in our threat-heavy cyber landscape.

 

Data is valuable – and not just for its resale value.

One common objection that MSPs come across with SMB clients is the idea that they are too small to be targeted and that they don’t have data anyone would want. This is far from the truth. ALL businesses generate valuable data every day — from credit card numbers to customer and employee personal identifiable information (PII) that can fetch a large price on the black market, not to mention sales and financial information and proprietary IP that competitors would be eager to get their hands on.

And when it comes to ransomware, attackers don’t even need to monetize the stolen data. They just need the data to be worth enough to the victimized business for them to pay to get it back. In fact, 58% of businesses who paid a ransom in the last 12 months, did so because the cost of the ransom was less than the cost of lost productivity from downtime due to the attack!

Data is vulnerable. From bad people, but also from your people.

There are so many threats to data out there. Malicious attacks such as ransomware and phishing have been rapidly increasing in volume and sophistication, but data is at risk from other sources as well.

In fact, user error (i.e. employees) is the #1 cause of data loss, whether it’s someone mistakenly overwriting a document or a well-intentioned departing employee trying to “clean” their file systems before leaving. Hardware failure, lost or stolen devices, natural disasters, and power outages are also ways that data can be lost, damaged, or corrupted. You never know what life might throw at you — one MSP anecdote claims that a cat knocked an external hard drive off a shelf, leading to valuable data being lost!

All it takes is something as simple as an accidental click of a mouse, and crucial business files could be lost forever. Is your client willing to take that risk?

Remote work exposes data vulnerabilities.

The 2020 surge in remote work left IT teams scrambling to enable remote productivity within quick turnarounds. Remote work inherently poses more security challenges as employees work outside the safety of the corporate firewall, connecting to company resources on multiple devices via insecure home networks.

The rush to roll out remote work solutions inevitably left some of these security vulnerabilities exposed – which coincided with a rapid increase in cyberattacks as cybercriminals hurried to exploit the pandemic. By mid-2020, the FBI reported that cyberattack complaints were up by 400%, Microsoft reported that pandemic-themed phishing and social engineering attacks jumped by 10,000 a day, and cybersecurity experts reported that ransomware attacks were up by 800%.

The double whammy of a weakened security posture colliding with a flood of cyberattacks brought the consequences of data loss home to many companies. In fact, in a 2020 report from Malwarebytes, 24% of surveyed IT leaders said they paid unexpected costs to address a cyber breach or attack following the move to remote work in March.

2020 has changed the “new normal” of work forever, and remote work isn’t going anywhere. Businesses must find ways to protect company data while empowering remote work, making backup and continuity solutions key components of modern remote work strategies.

The consequences hurt beyond the financial cost.

The most obvious impacts of data loss are calculated in time and money. Ask your client decision makers how long their business can tolerate downtime due to data loss before facing consequences such as lost sales, angry customers, or compromised PII.

When surveyed about the impact of an outage, 54% of businesses reported loss of customer confidence, 38% reported damage to brand integrity, and 37% reported loss of employee confidence.

You can use a cost-of-downtime calculator to bring in hard numbers to help your clients face the facts. The stats vary, but it’s estimated that unplanned downtime can cost between $926 and $17,244 per minute — and with 40% of surveyed SMBs saying that they experienced 8 or more hours of downtime due to a severe security breach in the past year, those dollars add up fast.

There are intrinsic costs to consider as well, including loss of customer trust, damage to brand reputation, weakened employee morale, threat of legal action, and possible compliance fines and penalties. Make sure your client considers the full picture when it comes to the consequences of data loss.

It can happen to anyone — and stats indicate it WILL happen to you.

We all prefer to avoid thinking that bad things can happen to us, so it’s natural for an SMB to want to think of ransomware and data breaches as things that happen to other businesses. But the truth is that, based on statistical likelihood, most SMBs will experience a cyberattack or major data loss at some point. And your clients need to be prepared for the worst.

No security solution is 100% foolproof — and as we established, a lot of data loss is not malicious, but accidental. So, if the day comes that critical files are held hostage by ransomware or mistakenly deleted by an employee, your clients need a “rewind” button to bring back their data. That’s why backup and continuity solutions are so critical for modern businesses as a last line of defense to protect data and become more cyber resilient.

Put the Decision on Their Shoulders

When you decline insurance, whether for a rental car or a plane ticket, you typically have to sign a waiver indicating that you understand the risk and acknowledge that you are making the choice to proceed without that protection. In the same way, once you’ve educated clients on the risks of data loss using stats, stories, and downtime calculators, it’s time to put the decision directly on them.

If you have clients who still don’t want a backup solution after you’ve done your best to lay out all the risks, having them sign a liability waiver can be a final wakeup call to get them to realize the mistake they are making — and that the responsibility for that decision now lies with them.

The MSP’s Guide to Selling Backup Solutions includes a sample liability waiver you can use for these scenarios. It also offers more in-depth advice for positioning backup, continuity, disaster recovery solutions to your clients, as well as an email template to help you sell.

Get the guide