News

Why Backup Shouldn’t Be Forgotten As A Vital Part Of Cyber-security

Tue, 11/07/2017 - 06:27
Redstor_Why_backup_should_not_be_forgotten_blog
Data Backup , Data Protection

The Cyber-security industry is a changing landscape that has adapted to the world around it. Innovative technologies and threats a like, the cyber-security industry has had to come up with current ways of protecting users and their data. Existing threats such as ransomware have accelerated in volume and severity, becoming common place in the modern world, but there are existing solutions that shouldn’t be left gathering dust when it comes to combatting these threats.

Backing up all data is best practice that organisations of all sizes should adhere to. Industry regulations and legislation do a good job of ensuring this takes place a lot of the time, but when it comes to implementing new and complex technologies, backup should not be forgotten.

 

Fail to plan, plan to fail.

The main aim of cyber-security is to ensure that critical business data and systems are protected from threats that would result in downtime or a denial of service. One of the simplest ways to minimise downtime is through the implementation of a Business Continuity Plan. A Business Continuity Plan, commonly referred to as BCP, is a high-level plan detailing what approach an organisation will take in an emergency. This should detail who is in the Emergency Response Team and also include a communications plan.

Following the global cyber-attack, GoldenEye, which took down many primary systems Maersk CEO, Soren Skou, commented that having no communications was a “shocking experience” and that with email systems out of use the company officials had to use WhatsApp on their private phones to continue operating.

The BCP should be detailed enough that it doesn't require regular changes, although it should be reviewed as and when new systems are put into place and on an annual basis to ensure that it is not outdated. Cyber-threats are difficult to anticipate and with the increasing volume of them it’s likely that most organisations will have to deal with one. If this happens, having an outdated BCP will do more harm than good.

 

Recovery in mind.

When struck with a cyber-attack the first step for any organisation is to understand the impact and to isolate the attack as much as possible, taking infected systems off a network if possible. Stopping the infection from overtaking the whole network will save time, prevent downtime and reduce the chance of operations being completely postponed.

Recovering from an attack can work in different ways, the type of attack and scale of it will affect this and in some cases a BCP will have to be implemented. As would be the case daily, the first port of call for recovering data should be a recent backup. If a backup is kept securely away from the primary network it is very unlikely that it will have been infected too, the same can’t be said for network attached backup servers or systems. Backup effectively acts as an insurance policy for the digital assets of an organisation, allowing critical information to be recovered should it be damaged or lost.

Recovering from a backup will often be the quickest method of recovering as well as the safest. Paying a ransom or working with cyber-criminals to get data back is no guarantee of the return of data and will leave systems open to the same threats time and time again.

 

How to choose a backup technology and vendor

The cloud backup and DR market is highly competitive and with so many organisations offering different services, can easily cause confusion when looking to review or refresh systems. With organisations having such varied environments to protect, manage and secure, finding one solution to fit all can be near on impossible. Consumers can be forgiven for thinking there are too many options available. Some of the areas to consider when selecting a cloud backup provider include:

  1. Internal requirements
  2. Security and compliance
  3. Certification and reputation
  4. What’s the implementation process

For a quick guide on what to consider when choosing a backup provider, watch the video here.

Recent Articles

Redstor_Alternative_accountancy_strategic_blog Redstor

Redstor Accounting For Financial Data Backups at The Alternative Accountancy Strategic IT Conference 2018

Continuing from a series of events in the first two months of the year, Redstor will be in attendance of this years, Alternative Accountancy... read more

February 20, 2018
Redstor_CryptoJacking_blog Data Protection

Crypto-jacker Leaves ICO In Its Wake

Cyber-attacks and ‘hacks’ made regular headlines throughout 2017, and in the UK the Information Commissioner’s Office (ICO), was there to oversee all... read more

February 15, 2018
Redstor_100Days_to_GDPR Data Protection

100 Days To Go…

Wednesday 14th February 2018, valentine’s day, but more significantly it’s 100 days until G-day. May 25th, 2018, the day on which The General Data... read more

February 14, 2018