Keeping Data Secure in the Always-On World

Written by

The nature of the modern business is to keep systems ‘always-on.’ As competition rises across all industries, maintaining customer service and experience is of the upmost importance. This means no downtime and no outages; however this plan is often disrupted when a cyber attack hits and organizations are forced to take applications and operations offline to combat attackers.

With news of breaches affecting nearly every sector and breaking almost weekly, it’s clear that all organizations face the same omnipresent threat of hacking and ransomware. While these threats are causing many CIOs to intensify their security efforts, the reality is that almost all computer systems are fallible to breach.

The effects of a data breach have a lasting impact on businesses. Not only does application downtime cost organizations millions of dollars in lost revenue and productivity, data breaches can also cost organizations their customer base and their reputation. When service slips, many customers will quickly start looking for alternatives if they don’t feel what they’re paying for lives up to their expectations.

How can organizations protect their data, while also keeping systems on to provide the best platform for employees so they can help their organization stay as agile as possible?

Implement disaster recovery plan to prevent downtime

Throughout the year, maintaining customer service standards during busy periods can easily fall by the wayside. Unfortunately, the threat of cyber-criminals and software bugs don’t go away just because security has slipped on the priority list when things get busy. Data theft is a booming business and an organization that does not back up their data is putting themselves at major risk.

Businesses should look to proactively protect their data with a strong and reliable backup and disaster recovery solutions. Leaders should start with an impact assessment to get a clear understanding of where disaster recovery fits within their overall strategy. Identifying the apps and processes critical for maintaining consistent quality of service will help determine things like ideal recovery targets.

Preparing for the worst – ransomware requests

With new research indicating that the cost of ransomware attacks more than doubled between Q3 and Q4 in 2019, organizations need to have a specific plan in place for these attacks.

The damage ransomware can inflict on businesses is staggering. For businesses who feel they have no choice but to pay cyber-criminals in order to unlock their files, they not only put their money at risk (as there is no guarantee their data will be returned), but also put their reputation at stake (as other criminals may see the business as a potential soft target).

The best remedy for a security breach is prevention. Offsite and offline backups not only mitigate the effects of ransomware, but when combined with the right security suite and employee awareness training, can help prevent the problem altogether.

There are a whole host of ways to externally backup data, from system disks and removable hard drives, to offline tape devices and cloud backups. Whichever option a business chooses, the backup repository itself must be protected against attack.

Safeguard data to remain compliant and operational

Despite the proliferation of sophisticated cyber breaches, always-on availability is a consideration many IT leaders are not prioritizing. For example, did you know that most organizations do not deliver on IT availability service level agreements (SLAs) or test backups to see if they can recover from an outage due to an attack? What’s more, today many teams are bogged down with administrative tasks. Lengthy reporting processes and internal emails prevent teams from focusing on valuable activities and initiatives, including backing up data.

A progressive business takes safeguarding data seriously not only to remain operational but also to remain compliant with data protection legislations like the California Consumer Privacy Act (CCPA) and General Data Protection Act (GDPR). Putting reasonable measures in place to safeguard data is now a basic expectation of data controllers by the Information Commissioners’ Office. The 3-2-1 approach, which involves keeping three copies of data on two different media, with one offsite, has been a common rule of thumb for good reason.

Ensuring that digital infrastructure is always accessible, active and backed up is vital for the health and success of an organization. Digital services are how modern organizations are reaching their customers, securing orders and innovating.

One cyber-attack can change everything: businesses should refocus their IT strategies to balance security and availability. The right backup solution should protect your data against unauthorized access, ensure data remains unchanged during storage and promise accessibility when and where it’s needed.

What’s hot on Infosecurity Magazine?