Why Backup Shouldn’t Be Forgotten As A Vital Part Of Cyber-security
The Cyber-security industry is a changing landscape that has adapted to the world around it. Innovative technologies and threats a like, the cyber-security industry has had to come up with current ways of protecting users and their data. Existing threats such as ransomware have accelerated in volume and severity, becoming common place in the modern world, but there are existing solutions that shouldn’t be left gathering dust when it comes to combatting these threats.
Backing up all data is best practice that organizations of all sizes should adhere to. Industry regulations and legislation do a good job of ensuring this takes place a lot of the time, but when it comes to implementing new and complex technologies, backup should not be forgotten.
Fail to plan, plan to fail.
The main aim of cyber-security is to ensure that critical business data and systems are protected from threats that would result in downtime or a denial of service. One of the simplest ways to minimize downtime is through the implementation of a Business Continuity Plan. A Business Continuity Plan, commonly referred to as BCP, is a high-level plan detailing what approach an organization will take in an emergency. This should detail who is in the Emergency Response Team and also include a communications plan.
Following the global cyber-attack, GoldenEye, which took down many primary systems Maersk CEO, Soren Skou, commented that having no communications was a “shocking experience” and that with email systems out of use the company officials had to use WhatsApp on their private phones to continue operating.
The BCP should be detailed enough that it doesn't require regular changes, although it should be reviewed as and when new systems are put into place and on an annual basis to ensure that it is not outdated. Cyber-threats are difficult to anticipate and with the increasing volume of them it’s likely that most organizations will have to deal with one. If this happens, having an outdated BCP will do more harm than good.
Recovery in mind.
When struck with a cyber-attack the first step for any organization is to understand the impact and to isolate the attack as much as possible, taking infected systems off a network if possible. Stopping the infection from overtaking the whole network will save time, prevent downtime and reduce the chance of operations being completely postponed.
Recovering from an attack can work in different ways, the type of attack and scale of it will affect this and in some cases a BCP will have to be implemented. As would be the case daily, the first port of call for recovering data should be a recent backup. If a backup is kept securely away from the primary network it is very unlikely that it will have been infected too, the same can’t be said for network attached backup servers or systems. Backup effectively acts as an insurance policy for the digital assets of an organization, allowing critical information to be recovered should it be damaged or lost.
Recovering from a backup will often be the quickest method of recovering as well as the safest. Paying a ransom or working with cyber-criminals to get data back is no guarantee of the return of data and will leave systems open to the same threats time and time again.
How to choose a backup technology and vendor
The cloud backup and DR market is highly competitive and with so many organizations offering different services, can easily cause confusion when looking to review or refresh systems. With organizations having such varied environments to protect, manage and secure, finding one solution to fit all can be near on impossible. Consumers can be forgiven for thinking there are too many options available. Some of the areas to consider when selecting a cloud backup provider include:
- Internal requirements
- Security and compliance
- Certification and reputation
- What’s the implementation process
For a quick guide on what to consider when choosing a backup provider, watch the video here.