Security is a complex business. Last year, we witnessed a number of highly disruptive cyberattacks that impacted business operations, resulted in financial loss, and even harm (or continue to harm) the reputations of affected organisations. These high profile incidents, alongside increasing government legislation, highlight the need for organisations today to put security at the top of the business agenda in order to protect their most valuable asset – data.
The reality is, all enterprises have a responsibility toward their data – they have to be able to protect it, at all times, from all risk. Risk comes from a range of different places; internal, external and increasingly through technologies like cloud. But it’s impossible for businesses to protect themselves if they don’t know what they are protecting, and that’s not always as simple as it sounds.
Understanding where data is stored, and for what purpose, has therefore quickly become essential for businesses to bolster their security. Organisations must seek to understand what data they have – be it in the cloud or elsewhere – in order to better plan their cybersecurity strategies.
Where to start? Backup?
Businesses will often find themselves preoccupied with implementing security measures in a bid to keep attackers out, but it should not be their sole concern. While security is critical, it is widely acknowledged that attacks will occur and organisations will be breached. Therefore preventative security measures are only part of the picture. Being able to recover from a seemingly inevitable breach, or minimise the damage, is actually the mission critical part.
Data back-ups are able to protect businesses against internal and external threats by ensuring the minimisation of data loss scenarios. Having a secondary copy of data empowers information-driven organisations to strengthen their business continuity plans, minimises down-time, and enables a quick and fast recovery that provides businesses with a competitive edge when battling cyber threats today.
Don’t keep all your eggs in one basket
With 93 per cent of organisations using cloud services in some form, it is evident that the cloud has made a positive impact on businesses in today’s digital economy. However, business leaders should not rely on a single data storage type, or a single provider.
When an organisation’s cloud provider is targeted, attackers may choose to focus on the business’ administration control and quickly cut the victim off from their data in the cloud. This gives attackers the option to delete snapshots and backup copies of data at their leisure, eliminating all critical information and disrupting the business.
Business must take the additional step to keep data protected – that includes storing data in both on-premise and in the cloud. However, having multiple copies of data with good practices, still needs to be managed. Organisations that employ exceptional data management hygiene will always know where their data lives – across public or private cloud(s), on-premises or co-location sites – and will have specific data backups and processes in place to protect it. When an emergency occurs, data recovery for these organisations is fast and automated.
Organisations must know everything about their data in order to keep it secure. Taking the time to understand the ins and outs of their data; including its whereabouts, uses and characteristics, whilst adhering to good data practices, is the only way organisations can avoid the long-term consequences of cyber attacks. At the same time, these practices have added benefits including improving redundancy, and assisting in developing a clear and automated disaster recovery plan.
Article by Commvault principal architect - APAC, Chris Gondek.