Data Is Your Most Valuable Asset. How Are You Protecting Yours?

Uploaded on 2021-10-05 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

Ransomware is increasing exponentially, year on year, as hackers realise that they can use your most significant asset against you.

Having the ability to back up your data is a necessity, not just due to nefarious actors potentially locking you out of your systems by deploying Ransomware, but also to protect you if your data is lost or corrupted due to human error, system failure or natural disaster.

A secure BackUp offers peace of mind and reduces the risk to your business, see it as an insurance policy for data.

So, What Is BackUp?

BackUp is the ability to create a copy, or duplicate, of data and store it in a different location, such as Cloud, external hard drive, disk, or removable storage facilities. This can then be used to restore any data loss, deletion and corruption or, to recover data from an earlier time.

The National Cyber Security Centre recommends keeping multiple BackUps and to logically separate them - three copies stored on two different media, with one off-site.

But Is BackUp Enough?

To protect business-critical data, you need an integrated approach of cyber protection, extending your backup capabilities with features such as next-generation anti-malware and endpoint protection with control.   The latest backup solutions provide a wide range of protection outside the fundamentals of copying data. One such area is immutable storage, which ensures your data can never be changed by a Ransomware program, meaning it will always be available to you whatever the incident. Unfortunately, not all BackUp solutions provide this, which means you will never know where the malware is within your data, nor can you use your data for fear of the malware launching.

Another feature of these advanced backup systems is integration and automation to on-premises servers and endpoints, such as laptops and PC's, to provide increased productivity for IT support staff, as many of the day-to-day tasks are managed by the system and will reduce operating costs and complexity, giving a real return on investment. Furthermore, deploying endpoint controls can provide a full backup of an endpoint and if it malfunctions, a new unconfigured device can be shipped to the user and operating system with all of the data and company policies automatically configured remotely, by the central backup server. This brings the user back online quickly with minimal hassle for the IT department.

Securing all endpoints with next-generation cyber protection is proven to minimise the risk to the business. It dramatically reduces security incidents and breaches keeping the organisation compliant with the many data protection legislations in force. 

Working Alongside BackUp Is Disaster Recovery

Disaster Recovery focuses on the protection and restoration of data, files and systems should the worst happen to your business infrastructure and is a key element to the three pillars of cyber security - confidentiality, integrity and availability.

The main purpose of disaster recovery is to bring operations to a normal operating state with minimal data loss, recovering individual files, applications, systems, and access credentials, thus limiting business disruption. However, 70% of businesses are likely to suffer from business disruption in 2022, due to unrecoverable data loss, inability to trade/invoice for an extended time and even loss of market share.

When considering the value versus cost-benefit of a Disaster Recovery Plan you need to consider two things:

 1.  Recovery Point Objective (RPO): the last date a BackUp was taken and the decision as to how far back you want data to be made available. This will require you to consider the frequency of the backups required to run your business (once per day/every hour etc.) and the amount of storage needed to hold the data.

 2.  Recovery Time Objective (RTO): How long your business can operate without access to data or systems. Can the business survive for days or weeks or, do you need recovery in hours? This helps decide where the backed up data is held and if the connection to it can provide the speed of transfer needed to meet the RTO.

These two baselines will help you decide on how much data you are storing, how long it will take to install new servers/endpoints, the time needed to transfer your backed-up data onto the new servers/Endpoints and, to system test.

Having a robust disaster recovery solution can save a company tens of thousands of pounds and can be the difference between survival or business closure.

A common belief is that moving data to one of the global cloud service providers will provide all the backup and protection the business needs. However, none of the global players provide any guarantee about data recovery following a network outage. All they guarantee is service availability. 
 
It is the data owner's responsibility to back up their data, even cloud-based email and drives, and make it available in a form that can be deployed on other servers, whether cloud based with the current vendor, or to a new vendor.

Data has value, and needs devices to access and use it. Therefore, it seems logical to put in place a service that can protect that data, wherever it needs to be, and make it quickly available to anyone who needs it, even if their device has failed or, in the event of having to evacuate from a building. 
 
Simply having a copy of the data is not sufficient, you must wrap it around with a system that can protect and support it, everywhere.

Colin Tankard is Managing Director of Digital Pathways

You Might Also Read:

How to Protect Your Files From Ransomware:

 

« Facebook, WhatsApp & Instagram Suffer Massive Outage
Facebook Weakens Democracy & Harms Children »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

Prevalent

Prevalent

Prevalent takes the pain out of third-party risk management. Companies use our services to eliminate the security and compliance exposures that come from working with vendors and suppliers.

Carson & SAINT

Carson & SAINT

Carson & SAINT is an award-winning consulting firm with deep experience in cybersecurity technology, software, and management consulting.

Exein

Exein

Exein are on a mission to build the world’s first ecosystem for firmware security so that all different types of firmware are secure around the world.

SaltStack

SaltStack

SaltStack develops award-winning intelligent IT automation software. We help businesses more efficiently secure and manage all aspects of their digital infrastructure.

AnChain.AI

AnChain.AI

AnChain.AI's analytics platform proactively protects crypto assets by providing proprietary artificial intelligence, knowledge graphs, and threat intelligence on blockchain transactions.

SecuLetter

SecuLetter

SecuLetter is able to detect unknown attacks with hybrid approaches, static and dynamic analysis.

Crypto Valley Association

Crypto Valley Association

Crypto Valley Association is an independent, government-supported association established to build the world’s leading blockchain and cryptographic technologies ecosystem.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Delfigo Security

Delfigo Security

Delfigo Security, a pioneer in intelligent authentication, provides a strong, multi-factor authentication solution to prevent identity theft and reduce fraud.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

Technivorus Technology

Technivorus Technology

Technivorus is a deep-tech firm delivering customized Cybersecurity, Digital Marketing, Web & App Development, and multifarious IT services for businesses across the globe.

6WIND

6WIND

6WIND deliver virtualized, cloud-native, distributed high performance & secure networking software solutions to support new applications such as 5G, IoT, SD-WAN.

Vertex Cyber Security

Vertex Cyber Security

Vertex provide Cyber Security Services to small to large businesses including Advise, Consulting, Adding Security Partnership, Penetration Testing, ISO 27001-2 and Audits.

Alchemy Security Consulting

Alchemy Security Consulting

Alchemy Security Consulting specialise in offensive and defensive cyber security. We find the weak link in your security so you can patch it up fast and avoid being hacked.

Obviam

Obviam

Obviam specialize in providing security solutions tailored to meet the unique needs of each of our clients, no matter where they are in their security journey.