Kyoto University recently reported that as a result of a defective software update, 77 TBs of research data was wiped from its supercomputer. According to the university, 34 million files from 14 research groups were deleted and a third of the lost data will not be recovered due to lack of additional backup copies.
There is a common misconception that backups stored locally are somehow safer than backups that are stored in the cloud, and I assume that Kyoto University was storing their backups locally. Had those backups been stored in the cloud, and particularly in a cloud that offered immutable storage – which prevents data from being tampered with or deleted, even by an administrator – it is likely that backups would have been unaffected by the software upgrade and would have allowed the University to recover nearly all the lost data.
The modern threat landscape
The data loss at Kyoto University must be devastating for the scientists and researchers who may have lost years of work. It underscores the need for universities to modernize their IT infrastructures to protect against such massive data losses like in Kyoto, and other ongoing threats like ransomware, natural disasters that can destroy on-prem servers, and human error.
Ransomware is still the number one threat facing university data globally. Education institutions are now being routinely targeted, with the number of attacks against universities increasing by 100 percent from 2019 to 2020. Something that will always be true is that ransomware infections, more frequently than not, occur because of user error or carelessness. People are human and they make mistakes. They fall for scams, they get tricked into giving out their credentials, or they get tricked into clicking on and installing malware. Most of the security industry focuses on intrusion prevention and detection. But it’s a losing battle because the vulnerabilities are not just technical – they depend on people never making a mistake. And that’s not likely to ever be the case.
So rather than obsessing over the latest firewall technology or intrusion detection software, it’s often better just to have everything fully backed up. Restoring data is one thing, but in many cases the only way to get rid of ransomware is to wipe the computer’s disks and start afresh. That means IT teams have to reinstall operating systems and other foundational software, plus all of the applications in order to restore the data. This transition should involve moving away from on-premises data storage and towards the cloud.
Backing up data in the cloud
The vast volumes of research data and multiple departments requiring access to data, as well as sensitive personal information on students and faculty, make the data storage requirements for higher education institutions vastly different from other industries. And in the event of a massive data loss incident, universities need to be back on their feet in a matter of minutes, rather than days. With this in mind, the cloud has become a lifeline for many higher ed institutions as it promises the scale and capacity needed to archive, protect, and easily access data at a moment’s notice.
- Defining high-quality microcredentials for higher ed - May 20, 2022
- Modern lab equipment is key to revolutionizing STEM learning - May 17, 2022
- Is unbundling the future of higher education? - May 16, 2022