In this article, we examine why it always pays to have a Cloud backup plan as part of your cyber security and data protection safeguards.
An uncomfortable truth
Ransomware is a hot topic right now. One of Europe’s largest consumer electronics retailers, MediaMarkt was hit by a massive ransomware attack in November 2021. The attack affected everything from thousands of servers to in-store POS (point-of-sale) systems.1 Designed to take your corporate data hostage, ransomware is a growing problem, and no one is safe. Globally, it’s estimated that ransomware affects another company every 40 seconds. Ransomware attacks doubled during 2021 compared with 2020 levels.2 Overall, cybercrime cost the UK economy £3.1bn last year. The statistics are alarming, but also hide an uncomfortable truth. Many organisations fail to take the most basic precautions to protect themselves.
Upgrades, patches and version control
Back in 2017, the WannaCry ransomware attack revealed just how many firms were still running old, unpatched, unsupported versions of Microsoft Windows. In 2016, it was found over 60% of UK SMBs placed themselves at needless risk by continuing to use old, unsecured versions of Internet Explorer (IE). Certainly, there is no such thing as 100% security. However, you are not powerless. You can mitigate the risks of becoming a victim. You can also reduce the impact of an attack, should the worst happen. Of course, malware isn’t the only threat you face. Security breaches and data loss happen for a variety of reasons such as human error, accidental damage and theft. Nevertheless, the consequences can be just as catastrophic.
Human error
While the multitude of threats from malware and hackers might cause sleepless nights, the real danger to your corporate data is closer to home. According to the Information Commissioner’s Office (ICO), human error remains the main cause of data breaches in the UK. Staff need much better training and greater awareness of everything from opening suspicious emails to using unsecured file-sharing apps.
Anti-virus
Although major ransomware attacks like Colonial Pipeline cause a media storm, the fact is that most enterprise-grade anti-virus applications, such as Webroot, can stop malware at the point of attack.3 The point here is having robust endpoint security policies and oversight of all the devices that connect to your network. How’s your BYOD policies? Do you know which employees use personal devices on your network? Naturally, anti-virus is only as good as the latest update, the consistency of its deployment, and your firm having an integrated approach to network security.
Advanced security
In the popular video game, Resident Evil the shadowy Umbrella Corporation creates a highly advanced, self-aware, and homicidal security system called the Red Queen. The Red Queen adapts, evolves and anticipates new security threats, making her a formidable adversary. Today’s advanced security systems might not be up to Red Queen standards yet, thank goodness, but they are evolving fast. Solutions such as Cisco Umbrella give organisations greater visibility and control of all Internet connected devices, over all ports, even when the users are off the corporate network. Umbrella does some clever stuff, learning from Internet activity to spot the tell-tale signs of a potential attack before it ever happens.
Backup plans
Regrettably, bad things happen, even to the most prepared organisations. Human error, hardware failures, malware attacks, power outages and natural disasters. When the worst happens, it pays to have a backup plan. That means multiple secure data backups of all your company information, so everything is quickly recoverable.
While 90% of businesses do backup their data only 41% do it daily. However, 68% still lose data because of accidental deletion, hardware or software failures, out-of-date or unreliable backup systems.4 The result is that critical data is either corrupt, out of date or missing when it’s needed most. Eliminating ransomware, for example, will require you to wipe your IT systems. So, you’ll need a companywide data backup plan to quickly recover from the attack. The more frequent the backups, the less data is lost.
Strategy
Whatever your industry, online data backup, archiving and recovery are critically important. You must develop a clear strategy. First, you will want to think about just how much data you’re going to generate, it’s probably a lot more than you would imagine. On the plus side, the costs of storage have fallen dramatically.
Redundancy
Next, you need to plan for redundancy. What happens if your backup fails? An on-premise server can instantly restore lost or corrupt data to the local network, but not if the building burns down, floods or collapses due to an earthquake. Then you will be glad of your Cloud backup. It means you can find a temporary office, recover your data and be back in business quickly.
Compliance
You will certainly want to think about your legal and regulatory obligations around data storage, Cloud backup and recovery. Highly regulated industries, for example, have rules around data handling, retention, disposal and auditing. Not all data is created equal, so you might want to adopt different data backup and retention policies for business critical and non-critical records.
Remote workers
Over 30% of a company’s data resides locally, on PCs, laptops and mobile devices. However, laptops are vulnerable to theft, damage, human error, mechanical failure and malware. Adopting an automated, secure Cloud backup service ensures the integrity of your data, wherever it resides, even outside the corporate firewall (security system), making it the perfect solution for remote workers.
Cloud-to-cloud
Finally, some firms rely heavily on Cloud-based applications such as Office 365 and Salesforce. Certainly, these services are highly resilient and secure. However, many Cloud-based applications have limited data retention periods, which is no good if you are a regulated industry that must retain every email and document for 7 years. Some vendors offer extremely limited liability when it comes to compensating you for lost, stolen or corrupt data. Only you know the true value of your data to your business. Of course, having all your data reside with one vendor gives them a lot of power and makes it harder for you to go elsewhere. Having a distributed backup solution gives you some leverage when renewing your service subscription and makes migrating to another service provider easier.
The reputational and financial cost of a high-profile cyberattack or data breach can be immense. Among the 39 per cent of businesses that identify a data breach or cyber-attack, one in five (21%) end up losing money, data or other assets. One-third of businesses (35%) reported being negatively impacted regardless, for example, because they require new post-breach measures, have staff time diverted or suffer wider business disruption.5 At Modern Networks, we understand the importance of having a secure, fully integrated data backup, storage and recovery strategy. We are always happy to discuss your business needs, provide expert advice and practical solutions. Contact us for more information.
Sources:
Images courtesy of Freepik.com