SecurityBrief Asia logo
Story image

The importance of knowing your data to be secure

20 Mar 2018

Security is a complex business. Last year, we witnessed a number of highly disruptive cyberattacks that impacted business operations, resulted in financial loss, and even harm (or continue to harm) the reputations of affected organisations. These high profile incidents, alongside increasing government legislation, highlight the need for organisations today to put security at the top of the business agenda in order to protect their most valuable asset – data.

The reality is, all enterprises have a responsibility toward their data – they have to be able to protect it, at all times, from all risk. Risk comes from a range of different places; internal, external and increasingly through technologies like cloud. But it’s impossible for businesses to protect themselves if they don’t know what they are protecting, and that’s not always as simple as it sounds.

Understanding where data is stored, and for what purpose, has therefore quickly become essential for businesses to bolster their security. Organisations must seek to understand what data they have – be it in the cloud or elsewhere – in order to better plan their cybersecurity strategies.

Where to start? Backup?

Businesses will often find themselves preoccupied with implementing security measures in a bid to keep attackers out, but it should not be their sole concern. While security is critical, it is widely acknowledged that attacks will occur and organisations will be breached. Therefore preventative security measures are only part of the picture. Being able to recover from a seemingly inevitable breach, or minimise the damage, is actually the mission critical part.

Data back-ups are able to protect businesses against internal and external threats by ensuring the minimisation of data loss scenarios. Having a secondary copy of data empowers information-driven organisations to strengthen their business continuity plans, minimises down-time, and enables a quick and fast recovery that provides businesses with a competitive edge when battling cyber threats today.

Don’t keep all your eggs in one basket

With 93 per cent of organisations using cloud services in some form, it is evident that the cloud has made a positive impact on businesses in today’s digital economy. However, business leaders should not rely on a single data storage type, or a single provider.

When an organisation’s cloud provider is targeted, attackers may choose to focus on the business’ administration control and quickly cut the victim off from their data in the cloud. This gives attackers the option to delete snapshots and backup copies of data at their leisure, eliminating all critical information and disrupting the business.

Business must take the additional step to keep data protected – that includes storing data in both on-premise and in the cloud. However, having multiple copies of data with good practices, still needs to be managed. Organisations that employ exceptional data management hygiene will always know where their data lives – across public or private cloud(s), on-premises or co-location sites – and will have specific data backups and processes in place to protect it. When an emergency occurs, data recovery for these organisations is fast and automated.

Last thoughts

Organisations must know everything about their data in order to keep it secure. Taking the time to understand the ins and outs of their data; including its whereabouts, uses and characteristics, whilst adhering to good data practices, is the only way organisations can avoid the long-term consequences of cyber attacks. At the same time, these practices have added benefits including improving redundancy, and assisting in developing a clear and automated disaster recovery plan.

Article by Commvault principal architect - APAC, Chris Gondek.

Story image
Users becoming more savvy with COVID phishing scams
“With COVID-19 being around for over a year now and employees becoming more aware of the types of scams that have come out related to the pandemic, cyber criminals are having less success with related phishing attacks."More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
New wormable Android malware discovered through auto-replies in WhatsApp
Check Point Research has discovered new malware on Google’s Play Store that could spread through WhatsApp messages. More
Story image
Egnyte ensures greater security across Microsoft 365 with latest integrations
The new integrations are aimed at helping mid-sized organisations prevent data loss, address a growing number of regional privacy regulations, and simplify the overall management of content with minimal administrative overhead.More
Story image
Five things ANZ businesses should know about storing customers’ data
Businesses need to correlate events intelligently across multiple threat surfaces, application layers, and time spans to connect event A, to event B, to event C — even if they are months apart.More
Story image
Financial malware activity dropped in 2020 as creators honed their wares
Cybercriminals used the time to plan more malicious propagation techniques, both new and evolved from previous methods.More