Are data protection budgets rising enough?

By Dave Russell, VP, Enterprise Strategy, Veeam

The response of businesses to the pandemic became a huge proof of concept for technology – with organisations forced to make immediate investments in digital which would have normally been staggered over several years. However, increased technology budgets are a long-term trend rather than a short-term fix. This reflects the fact that businesses are focused on building more resilient ecosystems and marketplaces. This trend will continue as enterprises become more agile and future-proof their business models against digital disruption.

The Veeam Data Protection Trends Report 2022 shows that businesses are facing a data protection emergency. The number of organisations failing to protect data is climbing. While this goes some way to explaining why data protection budgets are outpacing general IT spending, are they increasing enough to fully protect business continuity?

IT spending and platform diversity to rise

On average, IT leaders expect their organisation’s budget for data protection to rise by around 6%, according to the current Veeam research. While estimates understandably vary, Gartner’s most recent global IT spending forecast estimates the growth of around 5% in 2022 from 2021 – citing high expectations for digital market prosperity. We can draw at least two conclusions from this. Firstly, growth in data protection, as would be expected, continues to ride on the wave of mass digitisation and cloud acceleration. If one goes up the other must go with it. Secondly, businesses are playing catch-up when it comes to data protection. While 6% may not feel like a significant increase on 5%, every 1% is the equivalent of billions of dollars in real terms. So, why are data protection budgets outpacing general IT investments?

There are two answers to that question. The first is that, simply put, organisations can’t protect all the data they need to protect. According to our research, 79% of UK organizations have a protection gap between how much data they can afford to lose after an outage and how frequently data is backed up. The second answer is more complicated as it involves looking at causation. There is no single reason as to why businesses are finding protecting their data more challenging than ever before.

There are multiple reasons for this phenomenon. A prominent issue is that the platforms businesses store and use data on are changing, which means the necessary data protection solutions, protocols, and required skills change as well. In terms of platform diversity, we are surging at pace towards a new normal for modern IT with a 50/50 split between on-premises servers and cloud-hosted servers. Looking deeper, within the data centre there is a consistent expectation for both physical and virtual platforms, while within the cloud there is a healthy mix of both hyper scale and managed service provider (MSP) hosted infrastructures. The two key takeaways from these trends are that the data centre is neither dead nor dying. There are still as many good reasons to run a workload on-premises as in the cloud. Furthermore, data protection strategies must accommodate physical, virtual and multiple cloud-hosted options, as well as increasingly popular Kubernetes environments.

Data protection meets SaaS

One of the drivers of the accelerated use of cloud services is the trend of organisations consuming apps as a service. The ongoing explosion in Software as a Service (SaaS) changes the dynamic of how organisations protect data. One such nuance is the danger of IT admins assuming that SaaS apps are equipped with native backup and recovery solutions that meet the standards of a Modern Data Protection strategy. A good example of where such an assumption can prove costly is when using Microsoft O365. While in-built data protection capabilities can give businesses a certain amount of reassurance that most O365 data is backed up and protected, the only way to gain true peace of mind is via a third-party backup solution. Protecting SaaS data beyond built-in backup and recovery functions is imperative given that 42% of UK organisations reported accidental deletion, overwrite of data, or data corruption as a primary cause of IT outages.

The second impact the move to SaaS is having on data protection strategies is the sheer increase in data that needs to be protected. Data volumes are increasing all the time and cloud acceleration only facilitates this trend

further. To stop the gap widening further, businesses need scalable data protection solutions which provide the capacity to keep pace with rising volumes of data and apps. The answer to this is cloud-based backup and data protection. Two thirds of UK businesses currently use cloud services as part of their data protection strategy, and this will rise in the next 12 months. Furthermore, the ability to protect cloud-hosted workloads is considered the most important buying factor for enterprise data protection in 2022 by IT and business leaders. To summarise, organisations are using more cloud, they understand that they need to protect cloud data, and plan to deploy cloud-based data protection measures such as Backup as a Service (BaaS) and Disaster Recovery as a Service (DRaaS) to protect it.

Returning to the central question: are data protection budgets rising enough? The diplomatic answer is that there is currently a lot of ground to make up. The exponential rise in data volumes means there’s more data to protect while increasing platform diversity means data protection strategies are gaining in complexity. It is likely that data protection budgets continue to outpace general IT spending as businesses gradually look to close that gap between how much data they can afford to lose and how much data they can adequately protect. Of course, spending more isn’t the only answer. Modern Data Protection solutions leverage cloud-based backup and recovery will improve the economics of protecting data at scale – meaning businesses can back up more for less. So, organisations are best advised to work with an expert partner to devise a Modern Data Protection strategy that delivers the business continuity solution within an appropriate budget.

By Federica Monsone, founder and CEO of A3 Communications, the data storage industry PR agency.
By Amit Dhingra, Executive Vice President at NTT Ltd. Network Services.
By Dan Gora, Cloud Security Architect & Regional Discipline Lead at Eviden, an Atos company.
By Manu Puthumana, Vice President - Cyber Defense Services, Mphasis.
BY Alex Jones, Director of Kubernetes Engineering at Canonical.
By Robin Tatam, Senior Director of Product Marketing at Puppet by Perforce.
Zeki Turedi, Field CTO Europe, CrowdStrike