Security breaches are an ongoing threat in the digital landscape. The impact they pose on a data-driven business can be catastrophic. Being able to access sensitive personal or corporate data, compromise it, and take parts of your business offline while it is held to ransom, is something that no organisation can afford to experience.
By Kate Mollett, regional manager for Africa South at Veeam
With organisations of all sizes now embracing a hyper-available approach to data, renewed attention should be placed on keeping that data safe. The recent Liberty ransomware attack here has put the spotlight on what measures must be taken by South African businesses to mitigate the risks associated to data being available and accessible on a variety of platforms.
New technology, old tricks
It is inevitable that as companies move into an online environment and become increasingly cloud-based, the security requirements will be quite different from traditional ones that are easier to lock down. As attacks continue to evolve and target connected devices as entry points into the data network, the cyber security approach needs to adapt accordingly.
The reality is that there is no single solution that can secure every entry point into the business and protect against every piece of malware that is out there. Instead, businesses need to view this as an ongoing process to manage data and its security in the connected world with a variety of solutions and processes.
Organisations are struggling to effectively counteract the threat posed by ransomware; many simply don’t have the right defences in place, but sometimes even the basics haven’t been covered. For example, organisations I have engaged with still haven’t spoken to staff about malware in emails and clicking links they aren’t familiar with.
Others haven’t educated staff on how to recognise social engineering tactics by attackers, whereby the victim is tricked into clicking accept or giving the attacker physical access to a device.
Cybercrime: An industry in its own right
The cybercrime industry has become an extremely lucrative one. Ransomware attacks are still growing in volume for a simple reason – they work and generate significant revenues for the attackers. In the past, attacks generally tended to focus on damaging systems or defacing corporate websites. However, as data has become the lifeblood of any organisation irrespective the industry, company size, or geographic location, the financial benefits of holding files to ransom or selling information to competitors have become too good to pass up on.
This has seen the need to adopt security that better aligns to data governance and compliance, with GDPR and POPI going a long way to bring these concerns to the most senior leaders in a business. Plans should encompass the auditability of, and the access to data, as well as how quickly the business can recover when disaster strikes, and then notifying victims if their data has been affected.
Being hyper-available means a business cannot afford to lose access to its data. The disruption it can cause impacts not only the financial bottom-line but also the reputation of the company. A business therefore requires a robust security strategy that reflects the need to continually test its disaster recovery measures and examines the impact on productivity when there is downtime.
Solutions need to be put in place to ensure the ‘disaster recovery playbook’ of the business is up to date and reflective of the needs of a hyper-available society.
Addressing downtime
Working with data availability specialists that have a trusted partner network in place, can go great strides in combating the scourge of cybercrime. The security solutions that are put in place need to scale according to the needs of the business. It incorporates disaster recovery, business continuity, cybersecurity, and other elements designed to put safeguards in place dedicated on ensuring hyper-availability.
Some of the more innovative solutions out there, include features that provide a form of copy data management, enabling enterprises to use replicated operations data for development and testing. For example, this can be done to test recovery speed, security resilience or to develop new business processes, applications and systems. It also means companies can test patches before they are rolled out across the business environment on an exact copy of operational or production data. This will help determine whether the patches are effective or whether they affect other processes, without impacting the business’ operations.
Adhering to the 3-2-1 backup rule will also reduce the impact of a ransomware attack being successful. The rule recommends that organisations make three copies of all data; that they store those copies in two different environments, such as on-premise and in the cloud, and that they keep one backup copy offsite to keep it safe from any environmental issues. But, time and time again we see human error as the entry point for ransomware and businesses must educate their staff on the hazards posed by seemingly innocent emails, or social engineering tactics. A simple one-hour training session for staff can minimise a ransomware threat significantly.
All told, the hyper-available business of today requires equally a combination of cybersecurity solutions that adapt to the changing risk landscape as a first line of attack, and a comprehensive intelligent data management platform as the rear guard, focused on maintaining the integrity of and access to corporate data, even when disaster strikes.