With cyberattacks growing in sophistication and frequency, well-intentioned security professionals rely on a variety of tools to help them be proactive in protecting and backing up data. As the arsenal grows, however, many issues arise \u2014 including interoperability, management, governance, and usability.\nAdopting multiple tools also doesn\u2019t necessarily improve security response, and may achieve the opposite effect, according to the Ponemon Institute\u2019s 2020 Cyber Resilient Organization Study. It found that organizations are averaging more than 45 different tools. Those using more than 50 ranked themselves 8% lower in their ability to detect an attack, and 7% lower in terms of responding to an attack.\nSo, what are the challenges with using multiple data protection tools and backup systems for cybersecurity? That\u2019s the question we posed to members of the IDG Influencer Network, a community of journalists, industry analysts, and IT professionals who contribute their knowledge and expertise to IDG clients.\u00a0\n\u201cThere are serious risks of using too many different products to protect and back up data,\u201d said Sridhar Iyengar (@isridhar), Managing Director at Zoho Europe. \u201cCompanies, therefore, need to have a well-defined strategy and specific areas of responsibility to ensure it is crystal clear how data is accessed and used, plus how it is stored, shared, managed, and protected across the enterprise.\u201d\nWanted: Tools that are easy and interoperable\nToo many cybersecurity tools can be overwhelming, say the experts:\n\n\u201cThe most interesting problem with using multiple data protection and backup systems is their tendency for conflict. For example, IT might use SVN to back up files to a check-pointed file system. If everything fails, do you restore the check-pointed file system first or the SVN repository? Generally, there should be only one backup system.\u201d \u2014 Brent Kirkpatrick (@DrBKirkpatrick), Cybersecurity Consultant and Researcher at Intrepid Net Computing\n\n\n\u201cMany of these systems are deployed for a special cybersecurity purpose. But enterprise IT ecosystems are so interconnected that every platform can provide a back door to enter another unrelated part of the system.\u201d \u2014 Frank Cutitta (@fcutitta), CEO and founder, HealthTech Decisions Lab\n\n\n\u201cIf the solutions are not integrated, it is difficult and time-consuming to get a holistic view and react quickly without jumping from console to console and adapting to every available functionality.\u201d \u2014 Candid Wuest, Vice President of Cyber Protection Research at Acronis\n\nSpecifically, using multiple solutions can increase the time it takes for incident analysis and security system maintenance, not to mention the learning curve.\n\u201cThis can also introduce compatibility issues, where data from one system may not be able to be read by another, requiring more manual work, or additional applications to enable some form of compatibility,\u2019\u2019 says Topher Tebow, Senior Cybersecurity Researcher at Acronis.\n\u201cThe more software you have, the more pieces there are in your security puzzle, and you may even find that a normally secure piece of code will become vulnerable if combined with certain other pieces of code being present on the system,\u2019\u2019 Tebow adds. \u201cUsing a single multi-layered solution can help to ensure compatibility and reduce the risk of adding unexpected vulnerabilities on your systems.\u201d\nThe Influencers also pointed to other concerns when organizations use an overwhelming number of data protection and backup systems:\n\nEase of use. \u201cMost businesses today must protect data residing in multiple databases, proprietary apps, cloud file systems, and SaaS, and are operating a hybrid cloud or multi-clouds,\u201d says Isaac Sacolick (@nyike), president of StarCIO and digital transformation leader and influencer. \u201cIt's a significant challenge to provide seamless access to authorized employees while protecting data at rest and in transit from ransomware, device vulnerabilities, and disasters.\u201d\n\n\nStaffing. \u201cCan a cybersecurity team find and keep the needed expertise internally to use those multiple systems? That can be a tall order in some markets today,\u2019\u2019 says Will Kelly (@willkelly), Technical Marketing Manager for a container security startup.\n\n\nTechnical debt. \u201cThere\u2019s also the audit and reporting debt when teams have to do added work for audits and reporting because they\u2019re using multiple tools and systems,\u2019\u2019 Kelly adds.\n\nMultiple headaches\nThe experts also had a lot to say about the issues multiple tools can cause with collaboration and data access:\n\u201cOrganizational collaboration is difficult when different data protection tools perform similar functions, as it may be unclear how to allow a collaborator to access or modify data. Something as simple as data classification and labeling becomes overly complex and a nuisance to end users if they need to set a label in multiple locations, particularly when the labels are not consistent across tools.\u201d \u2014 Kayne McGladrey (@kaynemcgladrey), Cybersecurity Strategist at Ascent Solutions\n\u201cWe found that we need multiple data protection tools because none of the tools fully meet our cybersecurity needs. Plus, all tools must be accessible for my staff that is using and implementing them. Often, the cybersecurity tools are not accessible. So we get limited, and sometimes not as robust, options when we select tools that our entire team can use.\u201d \u2014 Debra Ruh (@debraruh), CEO of Ruh Global IMPACT and Executive Chair of Billion Strong\nWith a multitude of tools and backup systems comes the need for proper coordination and management:\n\u201cThe main challenge is coordinating and normalizing all of the information from the various tools. While it is one thing to have a tool, the administrator must be trained and know how to use it to get any benefit from it. Multiple backups also need security. And if it is regulated data being backed up, there is a risk in just having that data, which is yet another reason for tokenization.\u201d \u2014 Ben Rothke (@benrothke), Senior Information Security Manager at Tapad\n\u201cThe key with any data protection plan is to make sure you have documented what data you are trying to protect. This would also cover what tools are protecting each data class. Using multiple tools and\/or vendors can be more complex and cause things to be missed or mismanaged if objectives are not clearly stated and processes not clearly documented.\u201d \u2014Adam Martin (@colttrickle), IT Director\nThere\u2019s also an impact on end users. \u201cOne of the problems workers always talk about is how they must interface with too many different systems,\u201d says Jeff Kagan (@jeffkagan), industry analyst columnist. \u201cMost workers are not IT workers. Yet, this is the world they are forced to work in.\u201d\nVisit Acronis to learn more about an all-in-one solution, and try it for yourself with a 30-day trial.