Theft, ransomware and vandalism- Securing your data is getting tougher

(Image credit: Image Credit: The Digital Artist / Pixabay)

This Sunday marked the 8th year of World Backup Day. What began as a light-hearted campaign to encourage end-users to create secure copies of their treasured photos and files is slowing morphing into a message for the business community: without data there is no business.

Most UK businesses are now part way through digital transformation, which is fuelled by data. Almost every business decision is based upon the data held, yet losing that data is worryingly easy. From equipment theft and accidents to security breaches and simply failing to backup, businesses have to work hard to safeguard their data. And with the growing sophistication of cyber attacks, both the prevention measures and the price you pay for failure are increasing.

In February, hackers breached the servers of a US email provider, wiping the data from its US servers in what was termed an ‘attack and destroy’ incident. The firm did have backup measures but they weren’t secure enough to prevent the attackers from infiltrating their backup servers. No ransom, just an act of vandalism that put the company out of business overnight.

This senseless attack illustrates the point: we cannot overestimate the importance of data or its security. Fortunately, there are steps all businesses can take to protect their most precious asset.

Understand the value and location of your data

Your critical data is not just in your datacentre. It’s likely to be dispersed right across the organisation, from HR and marketing to sales databases and financial systems. It could be a spreadsheet attached to an email, but if that’s the only copy, and that data has a high value to the organisation, then that spreadsheet is critical data.

Understanding where the data is located and knowing its value is essential to determining your data protection policy. It’s not feasible to back up every single piece of data, so knowing what matters is crucial. This is where data discovery and classification do the heavy lifting, increasing your visibility of where data resides on the network, the endpoint and in the cloud, and allowing you to create scalable security solutions to protect that data.

Arm yourself against ransomware

While it’s not an uncommon occurrence for organisations to lose servers or for data centres to go down and return without their data, most businesses do now have their most important data backed up. This has historically been used as protection against ransomware, a form of malware which locks the user out of their device or files and then demands a monetary ransom to restore access. However, cyber criminals have evolved their malware to search out and encrypt backup servers as well as the primary data store so it is important to ensure backup systems are adequately protected from attack.

In 2018 there were 4.7 million ransomware attacks, down 50 per cent from the previous year, but still alarmingly high. And while attacks have decreased, they have become more targeted meaning Enterprises and SMBs alike need to do more to protect their data.

Backup is critical as it enables lost or ransomed data to be restored and business disruption minimised. Encrypting data will protect against data theft but without appropriate protection for the data backups, corporate data can still be destroyed or rendered inaccessible during a cyber attack. Making sure backup systems are suitably distanced from the primary data is critical, if there is a link, cybercriminals can find a way in.

Put the right policies in place

It bears repeating that businesses must understand the value of their data and where it’s located. Discovery and classification enable a security policy to be applied to data and provides a platform for automated backup policies.

In order to build the most effective defences, you need a policy which delivers a level of protection that is appropriate to the value of the data. The policy should dictate different levels of resilience for your tiers of data. For really critical data, the best line of defence is to keep it secure on a completely different, non-digital system.

Don’t forget your role in cloud security

If you put your data into the cloud, don’t be fooled into thinking your cloud providers are responsible for security. They will, of course, ensure your data is secure from external attacks, but they can’t control your access policy. If you get breached internally then criminals can get access to your cloud-stored data. Poor user awareness and lax password policies can leave the door to the cloud wide open, so security must be made a high priority.

As with any security threat, internal training can create an extra line of defence. By training employees to spot and stop phishing emails and other forms of social engineering, organisations can prevent accounts becoming compromised and protect their data and backups from attack.

Your data is a valuable commodity and should be treated as such. By understanding its value, taking steps to remove links between your operating environment and your backup servers, and by protecting your business from ransomware attacks, you know you’ve done the best job you can.

Alastair Broom, Security Practice Director, Logicalis UK
Image Credit: The Digital Artist / Pixabay