Identity Has Always Been Critical But Now It’s a Primary Risk

Jason Reid on April 13, 2026

Identity is now the control point for everything …

Identity has always played a central role in IT environments. From Active Directory through to modern identity providers, access control has long been a core part of how organisations manage systems and users.
What has changed is not the existence of identity. It is the role it now plays and the level of risk attached to it.

Across all IT environments, identity sits at the centre of access. Users connect to SaaS platforms like Microsoft 365 and Salesforce, cloud and on-premises infrastructure, and business-critical applications, all through identity.

That means identity is no longer just a layer within the architecture. It is the control point for it.

If identity is compromised, attackers do not need to bypass infrastructure controls. They can simply log in. And when they do, they do not just gain access to live systems. They gain access to the tools and data organisations rely on to recover. Backup infrastructure, recovery points, response capabilities. All of it becomes a target.

That is why immutability and covert protection, core capabilities within Assurestor’s NG platform, are so important. Ensuring backup data cannot be altered or deleted, regardless of who has access, removes one of the most critical leverage points an attacker can exploit.

The attack surface has changed …

For a long time, protection strategies focused on infrastructure. Servers, storage, networks. That made sense because that is where the risk lived.

But environments have changed, and so has the way attacks happen. Today, most successful attacks do not break through walls. They walk through the door using stolen or compromised credentials. They target identity platforms directly. They escalate privileges quietly, moving through systems without triggering the alerts that traditional infrastructure controls were built to catch.

This changes what organisations need to think about. It is no longer just about keeping attackers out. It is about what happens when someone is already inside, using access that looks completely legitimate.

The recoverability gap …

Identity resilience is the ability to back up, recover and restore identity configurations, access policies and user data quickly after a breach or outage. Yet one of the most common conversations we have with organisations is around a belief that because identity sits within a major SaaS platform, it is automatically protected. It is an understandable assumption, but it is one that leaves a lot of organisations exposed.

According to Gartner’s 2024 IAM Leadership Survey, 54% of organisations have seen an increase in identity-related breaches, with one in three experiencing business interruptions, financial loss or regulatory penalties as a result. The gap between assumption and reality is not just a security problem. It is a business risk.

Most identity platforms are built to handle authentication, availability and access management. What they are not built to do is provide independent backup of identity data, recovery of configurations, rollback of changes, or protection against actions that are accidental or deliberate.

That creates a gap. Not in access control, but in recoverability. An identity platform being available is not the same as it being recoverable. Configurations, policies, roles and access rights can be changed, corrupted or deleted. Without independent protection, restoring them to a known good state is not straightforward. In a real incident, that gap can significantly extend recovery time and the overall impact on the business.

“Assurestor’s latest Next Generation (NG) platforms include broad support to protect the key identity providers used by modern organisations, including Microsoft Entra ID, Okta Identity Cloud and AWS IAM.”
Jason Reid, Managing Director, Assurestor

Identity is now a resilience issue …

Identity has traditionally sat within the security function. But in practice, it now touches far more than that.

When identity is compromised, the consequences spread quickly. Access to SaaS platforms can be disrupted, data can be altered or deleted, and privileges can be escalated across multiple systems. In serious cases, entire environments can be affected before the incident is even detected.

At that point, the challenge is not prevention. It is recovery. And recovery requires more than good security tooling. It requires the ability to restore identity to a known good state, quickly and with precision. That is why identity now sits at the intersection of security, data protection and disaster recovery, and why organisations that treat it as a resilience issue are in a much stronger position when something goes wrong.

“Identity is no longer just a security concern, it is a business resilience one. Organisations that protect and recover their identity systems with the same rigor as their critical data are the ones that stay operational when things go wrong.”
Andy Fernandez, General Manager of AI and Cyber, HYCU

What organisations should be thinking about …

Protecting identity properly means treating it as part of a broader resilience strategy, not a separate workstream. That means ensuring identity data and configurations are protected independently, that recovery is fast and granular, and that identity is included in wider backup and recovery planning alongside SaaS, cloud and infrastructure.

The organisations getting this right are not necessarily the ones with the most tools. They are the ones that have closed the gaps the obvious tools leave behind. Find out how Assurestor’s NG platforms can help close those gaps.

Join the conversation …

We will be exploring identity risk and modern data protection in more detail in our upcoming session with HYCU.

Webinar: Identity and Modern Data Protection
7th May – 3.00 pm
We will be covering how identity risk is evolving, where traditional approaches fall short, and what organisations and partners should be thinking about next.

Register Here

Final thought …

Identity is not a new concept. But the role it plays, and the impact it can have when things go wrong, has changed significantly.
Protecting it properly is no longer optional. It is part of protecting everything else.

Strengthening Cyber Resilience for NetApp ONTAP with Backup2Cloud NG

Jason Reid on March 6, 2026

Unstructured data continues to grow rapidly across enterprise storage environments, and NetApp ONTAP platforms are no exception. File shares, application data, and user content all add value to the business, but they also increase the attack surface for malware and ransomware.

As cyber threats become more sophisticated, it is no longer enough to focus solely on protecting production systems. Organisations must also ensure that the data they rely on for recovery is clean, trusted, and free from hidden threats.

That is why we are pleased to announce a new capability within Backup2Cloud NG, powered by HYCU HCE, that enhances cyber resilience for NetApp ONTAP environments.

Malware scanning for ONTAP file data, without disruption
Backup2Cloud NG now supports malware scanning for NetApp ONTAP file data using YARA rules, enabling organisations to detect hidden threats without impacting production systems or backup operations.

This approach allows security and infrastructure teams to gain deeper visibility into their data while maintaining the performance and availability their users expect.

Unlike traditional antivirus tools that rely on scanning data as it is accessed, this capability operates out of band, meaning it does not interfere with live workloads or introduce delays during backup windows.

Why unstructured data is a growing risk
Unstructured file data often contains information that is infrequently accessed but highly valuable, such as historical records, shared documents, and application outputs. These files can remain unchanged for long periods, making them an ideal place for malware to persist unnoticed.

In many cases, organisations only discover infected files during a recovery event, when time pressure is highest and options are limited. Restoring compromised data can reintroduce malware into the environment, undermining recovery efforts and increasing business risk.

By proactively scanning file data for known indicators of compromise, organisations can identify and address threats earlier, before they have the chance to spread or resurface during a restore.

What YARA‑based scanning delivers
YARA rules are widely used by security teams to identify malware based on known patterns and behaviours within files. Rather than relying solely on file metadata or access activity, YARA examines file contents to detect malicious indicators that may otherwise go unnoticed.

With Backup2Cloud NG, this capability is applied directly to NetApp ONTAP file data in a way that is operationally safe and efficient. There is no requirement to pause production systems, no impact on user access, and no disruption to backup schedules.

Key benefits for ONTAP environments
This enhancement enables organisations to:

✔ Scan ONTAP file data for hidden malware without touching production systems

✔ Maintain normal backup performance and operational processes

✔ Detect threats earlier in the attack lifecycle

✔ Reduce the risk of restoring infected data after an incident

✔ Improve confidence in recovery outcomes

The result is a more resilient data protection strategy that focuses not just on recoverability, but on recovering clean, trusted data.

A practical step forward in cyber resilience
Cyber resilience is not achieved through a single tool or technology. It requires a layered approach that combines reliable backups, secure storage, and intelligent threat detection.

By extending malware scanning into NetApp ONTAP file data, Backup2Cloud NG helps bridge the gap between backup and security, giving organisations greater assurance that their recovery data can be trusted when it matters most.

If you would like to learn more about how Backup2Cloud NG can strengthen cyber resilience across your NetApp environment, please get in touch with the Assurestor team.

Introducing Assurestor NG: The Next Generation of Data Protection

Jason Reid on February 20, 2026

The data protection landscape is changing faster than ever. SaaS sprawl, cloud modernisation and the ongoing shift away from legacy virtualisation platforms are forcing partners to rethink how they protect customer data, and how they monetise it.

That is why we recently launched Assurestor NG, our next generation data protection platforms, built in partnership with HYCU and designed specifically for the way modern IT environments actually work today.

In the launch webinar, we introduced what Assurestor NG is, why we built it and how it opens up new opportunities for partners. Here are the key takeaways.

Why Data Protection Needed a Rethink
Three major industry shifts are reshaping where partners win.

1. The SaaS Explosion
SaaS backup is no longer just about Microsoft 365. Organisations are now running hundreds of SaaS applications, many of them mission critical. Yet protection remains inconsistent or missing entirely.

The result is increased cyber risk, data loss and compliance exposure, but also a huge and largely untapped revenue opportunity for partners.

2. Virtualisation Disruption
Recent changes in the virtualisation market have triggered widespread platform reassessment. Customers are renewing reluctantly, migrating to alternative hypervisors or modernising workloads into cloud or SaaS.

Each path creates complexity and demand for flexible, purpose built data protection.

3. Cloud Modernisation
As workloads move into public cloud and cloud native services, traditional backup models break down. Partners still need account control, predictable recurring revenue and a way to protect and monetise new cloud workloads properly.

These shifts do not happen in isolation. Many customers are dealing with all three at once.

What Is Assurestor NG?
Assurestor NG is delivered as two next generation platform services, both fully managed and supported by Assurestor and powered by HYCU technology.

Backup2Cloud NG
Built on HYCU Hybrid Cloud Edition, this platform focuses on protecting infrastructure workloads across VMware, Nutanix, Hyper V, Azure Local and public cloud environments.

It goes far beyond basic backup, delivering:
✔ Backup and recovery
✔ Disaster recovery
✔ Malware scanning and cyber resilience
✔ Mobility and workload migration
✔ Long term retention and archive
✔ Application discovery and compliance insight

All delivered as a fully inclusive service covering software, compute, storage and support.

SaaS2Cloud NG
Powered by HYCU R Cloud, this platform protects data across more than 75 SaaS and cloud services today, with coverage expanding continuously.

This goes far beyond Microsoft 365, extending to identity platforms, developer tools, collaboration services and other SaaS applications that often hold an organisation’s most valuable data.

Built for Partners, Not Complexity
Assurestor NG follows the same principles that Assurestor has been built on for 14 years.
✔ Wholesale consumption model, start small and scale fast
✔ Simple SKU based pricing with no smoke and mirrors
✔ Secure by design, with MFA, credential management and compliance built in
✔ Competitive positioning without a premium price penalty
✔ Fully managed by Assurestor so partners can focus on selling, not running platforms

Our partners do not need to worry about infrastructure, upgrades or platform operations. We handle that so they can focus on customers and margin.

Why SaaS Protection Is the Next Revenue Engine
The numbers tell the story.
✔ The average organisation runs 139 SaaS applications.
✔ 65 percent experienced a SaaS related breach in the past 12 months.
✔ 87 percent admit at least one SaaS application is inadequately protected.
✔ The average cost of a SaaS cyber incident is 2.3 million dollars.

SaaS data is everywhere and often nowhere near as protected as customers think.

Assurestor NG enables partners to protect infrastructure, identity and intellectual property across on premises, cloud and SaaS environments through a single ecosystem.

Why HYCU?
HYCU brings deep native integration across modern platforms, industry leading coverage for Nutanix and cloud workloads, SaaS first data protection at global scale and an industry leading Net Promoter Score of 91.

They were built for modern environments and that alignment made them the right partner for Assurestor NG.

HYCU has also been recognised as a leader in SaaS data protection, reinforcing the strategic direction behind Assurestor’s next generation platforms.

The Bottom Line
The modern data estate no longer stops at infrastructure, and neither can data protection.

With Assurestor NG, partners can protect more than 125 workload environments, differentiate in the fastest growing segments of IT, open new recurring revenue streams, retain account control as customers modernise and move faster with confidence.

The world of IT is evolving at pace. Assurestor NG is how we help our partners keep up and stay ahead.

Watch the Webinar

Assurestor Announces Next-Generation Data Protection Services Powered by HYCU, Delivering Unmatched Coverage Across the Hybrid Enterprise

Jason Reid on February 5, 2026

New Cloud and SaaS Data Protection Services Provide Partners with Powerful Backup and Disaster Recovery Options to Protect Data Regardless of Location

London, Feb. 5, 2026 – Assurestor, the total protection and data recovery company, today unveiled its next-generation data protection services, powered by industry-leading HYCU R-Cloud technology. Designed to meet the evolving needs of modern IT environments, these newest services provide comprehensive backup and disaster recovery across an exceptionally wide range of data sources, whether on-prem, in hybrid infrastructures, or across multi-cloud environments.

“Our partners need flexibility and depth of protection in order to protect and recover mission-critical data across their modern IT environments,” said Jason Reid, Managing Director at Assurestor. “Backup2Cloud NG and SaaS2Cloud NG help us expand our mission to bring the most comprehensive, yet easy-to-use, data protection solutions to our MSP and reseller partners. These new solutions represent a significant step forward for our portfolio and reinforces our commitment to deliver simple, powerful, and scalable data protection services so our partners can protect their customers’ data wherever it resides, across SaaS, Cloud, virtual, and physical environments.”

As a channel-only organisation, Assurestor is dedicated to equipping MSPs and resellers in the UK, and globally, with best-of-breed technologies that enable them to protect and manage their customers’ critical data with confidence.

The newly introduced Backup2Cloud NG and SaaS2Cloud NG platforms deliver advanced data protection capabilities that span the full spectrum of enterprise workloads.

Protect All Your Critical Data, Wherever It Lives

Leveraging HYCU R-Cloud’s modern, SaaS-native architecture, Assurestor’s next-generation offerings can safeguard:

✔ Cloud-native SaaS applications: including leading productivity and collaboration platforms used by organisations worldwide. HYCU has built extensive connectors to protect data hosted in SaaS environments such as Microsoft 365, Google Workspace, iManage Cloud, Salesforce, service management systems and many more applications.

✔ Virtual machines and hypervisor environments: comprehensive support for virtual workloads running on Nutanix, VMware, Hyper-V, Xen Server and other virtual infrastructures.

✔ Public, private and hybrid cloud workloads: unified protection for cloud instances and services across AWS, Microsoft Azure, Google Cloud and other major cloud providers, without compromising visibility or control.

✔ Physical servers and endpoints: robust backup for traditional physical systems, ensuring legacy and modern workloads are protected under one platform.

✔ Databases and enterprise applications: specialised support that enables backup and recovery of complex application data alongside file-level and image-level protection.

✔ On-premises infrastructure and data stores: complete coverage for in-house systems that remain critical to business continuity.

This breadth of coverage reflects HYCU’s leadership in delivering automated, scalable and secure data protection across hybrid and multi-cloud environments a capability that Assurestor now makes available to the channel ecosystem with its latest platforms.

By combining Assurestor’s channel-centric approach with HYCU’s broad source support and cloud-native engineering, these next-generation services set a new standard in data protection for modern businesses.

For more information on Assurestor, visit www.assurestor.com and connect with us on LinkedIn.

About Assurestor
Assurestor is a UK-based, channel-only backup and disaster recovery service provider focused on enabling MSPs and IT resellers to deliver enterprise-grade data protection services through a fully managed, service-led model.

Media Contact:
Lou Eddy
Louise.Eddy@assurestor.com