In today’s digital-first world, data is the lifeblood of nearly every organization. Yet, many businesses still treat data protection as something to check off a list rather than a strategic imperative. Our CEO, Richard Brown, says this mindset is soaked in risk.
“Some companies are checking a box that, in essence, says, ‘Yeah, we’re backing up some data,’” Brown explains. “But they don’t take data protection seriously enough; it’s much more than just backups.”
Begin With the End in Mind
Brown emphasizes the importance of planning for disaster recovery from the outset. Too often, organizations fail to consider how they would recover their business operations in a crisis—be it a cyberattack, natural disaster, or system failure.
“They don’t think about the end or what happens in an actual disaster, which goes back to planning for that disaster and doing test runs or tabletop exercises,” he says. These simulate real-world scenarios, helping companies identify gaps in their incident response and disaster recovery plans and improve their response times.
The 3-2-2 Rule of Data Protection
One of the foundational principles Brown advocates for is the updated 3-2-2 rule: three copies of data, stored on two different media types, with two copies offsite—ideally in geographically diverse locations.
“The old standard was three copies of the data: your primary production copy, a second copy, and an offsite copy,” Brown explains. “With today’s connectivity and public storage options, we can easily move a couple of copies offsite.”
Cybersecurity: The New Disaster
While traditional disasters like fires and floods are still threats, Brown notes that most data loss incidents today are cyber-related.
The rise of AI-generated malware has made it easier for less sophisticated attackers to launch devastating ransomware campaigns. Unlike the organized crime groups of the past, today’s threat actors often lack any incentive to leave you alone.
“They’ll ransom you the first time to get your data decrypted, then ransom you again to stop them from posting the data, and then they’ll ransom your employees or customers,” Brown says. “They’re relentless—and expensive.”
The Role of Immutability
To combat these threats, Brown stresses the importance of immutability. “This means that once you write data somewhere, it cannot be erased for a period of time,” he explains. “That gives us some time to manage things if something occurs to the data.”
However, immutability comes with trade-offs. Due to storage limitations, keeping everything forever isn’t feasible, so businesses must strike a balance between security and cost.
Flexibility and Trade-Offs
According to Brown, Emerge’s ability to adjust to each customer’s needs sets it apart. Ultimately, data protection is about making informed trade-offs. Brown likens it to choosing a restaurant based on price.
“Are you looking for the one-dollar sign option or the two-dollar option?” he asks. “We can give you the most secure solution ever, but it will cost more.
“We have a lot of flexibility in the data protection solutions we can deliver,” he says. “Depending on whether the customer is more budget-conscious or protection-and-recovery-conscious, we can provide different options.”
This flexibility extends to recovery time objectives (RTO) and recovery point objectives (RPO). For example, a business might not be comfortable with a two-to-five-day recovery window until it sees the cost of shortening it.
“You say up to five days to most people, and they’re like, ‘Oh, that sounds like a long time.’ And then you show them the cost to make it shorter, and they’re like, ‘You know what? Two to five days is just fine’,” Brown says.
Emerge helps clients find the sweet spot between affordability and security, ensuring that their data protection strategy aligns with their business needs and risk tolerance.
A Plan is Nothing Without Practice
Emerge doesn’t just build plans—it practices them. Brown describes how his team runs regular “fire drills” to ensure they’re ready to respond to any incident.
“We take time, usually twice a year, and we run through our plans as a leadership team,” he says. “Everybody knows where to go and what to do when that alarm gets pulled.”
That way, when an actual response is called for, the team can get right to work with the help of open communication bridges, real-time dashboards, and clearly assigned roles, all of which contribute to faster, more coordinated responses.
The Bottom Line: Protecting Your Bottom Line
Brown’s message is clear: data protection isn’t just about having backups—it’s about having a plan and practicing that plan so you’re ready to protect your business when disaster strikes.
“Your disaster recovery plan is only as good as the practice you put into it,” he says. “If you don’t test it, you don’t know what you’re missing.”
Of course, you also need a team with the right skills. “At Emerge, we have exceptional engineers who like to run toward the fires and fix things,” Brown says. “This sort of attitude and in-depth experience are invaluable during a data crisis.”
In a world where data is constantly under threat, preparation and experience can make all the difference—and save your company countless sums.
