Although I’m sure everyone wishes they could, it’s impossible to keep up with all the new cyber threats coming up every day.
Hackers, like viruses, continuously morph and devise new ways to bypass developing security technologies, and attack data centers.
So, even when data gets protected by multi-layered security protocols, there are always people working to find ways to crack it, and to them, the more complicated a security system, the better.
As a matter of fact, they even hold hacking conferences for the ‘most brilliant’ hackers.
I’m not relaying this information to discourage you from implementing security measures.
On the contrary, I think you need to persistently review safety protocols, ensure they are up-to-date (super important step), and reasonably effective against the latest types of ransomware and other forms of malware.
However, you cannot rely on this methodology alone.
Even antivirus software vendors acknowledge that ransomware has infiltrated well-protected systems.
And malware distributors are increasingly sophisticated when it comes to luring end users into downloading their junk through fraudulent emails and links.
Over the last year alone, 95% of businesses have experienced disasters unrelated to natural causes.
Most of the disasters suffered, as you might have already guessed, were caused by malware (particularly ransomware).
And sadly, 93% of companies that failed to restore their data within 10 days ended up filing for bankruptcy within a year.
So, can you protect your data in case of a disaster?
And more importantly, how can you comprehensively prepare a business to effectively handle cyber disasters?
Conduct a Comprehensive Data Assessment
The first step in data protection is, of course, mapping out your entire data center and separating high-value assets from the rest.
Customer data, for instance, is more important than temporary system files.
You can afford to lose the latter, but not the former.
That’s why you should first focus on protecting and backing up more critical files, before proceeding to less important ones.
To simplify this process, consider leveraging comprehensive data governance software, which utilizes usage intelligence to classify data and align it according to corresponding departments.
That way, you’ll be able to prioritize what to protect and what not to.
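To make the idea of classifying data and backing up the most critical files first concrete, here is a small Python sketch. It is an added example, not part of any data governance product: the rule patterns, tier names and sample file tree are all assumptions made up for illustration.

```python
import fnmatch
import tempfile
from pathlib import Path

# Assumed classification rules (illustrative only): lower number = back up first.
RULES = [
    (1, "critical", ["customers/*", "*.db"]),
    (2, "important", ["docs/*", "*.xlsx"]),
    (9, "disposable", ["*.tmp", "cache/*"]),
]
UNCLASSIFIED = (5, "unclassified")  # unknown data still ranks above disposable


def classify(rel_path):
    """Return (priority, tier); when rules overlap, the most critical wins."""
    rel = rel_path.lower()
    hits = [(prio, tier) for prio, tier, patterns in RULES
            if any(fnmatch.fnmatchcase(rel, p) for p in patterns)]
    return min(hits) if hits else UNCLASSIFIED


def build_manifest(root):
    """Walk root and return backup entries ordered most critical first."""
    entries = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.is_symlink():
            continue  # skip directories and links that may point outside root
        rel = path.relative_to(root).as_posix()
        prio, tier = classify(rel)
        entries.append({"path": rel, "priority": prio, "tier": tier})
    return sorted(entries, key=lambda e: (e["priority"], e["path"]))


def demo():
    """Create a constructed sample tree and return its manifest."""
    sample = {"customers/accounts.csv": b"id,name\n1,Ada\n",
              "customers/export.tmp": b"partial", "docs/plan.xlsx": b"sheet",
              "notes.txt": b"misc", "cache/thumb.tmp": b"x"}
    with tempfile.TemporaryDirectory() as tmp:
        for rel, data in sample.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return build_manifest(tmp)


if __name__ == "__main__":
    for entry in demo():
        print(entry["priority"], entry["tier"], entry["path"])
```

Note that a temporary file sitting inside the customer data folder is still treated as critical: when two rules disagree, the sketch errs on the side of protecting the file.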
Leverage Cloud Backup
There is an advantage to using hybrid cloud solutions, as they offer off-premise and on-premise cloud backup.
That way, you can decide which data to keep in offsite backups, and protect it separately from your onsite systems—which are vulnerable to a variety of threats, such as:
Hard drive failures
If ransomware gains access to an administrative account, all backed up data could get encrypted along with the rest of your drives.
The best recovery and protection procedure, therefore, will be in the cloud.
Personally, I’ve integrated Carbonite into my overall data backup and protection strategy.
To protect myself, I’ve scheduled backups to automatically occur every 24 hours.
In the case of a disaster, Carbonite provides a recovery management tool, which will help me restore all my files from the most critical to the less important ones — on a drive of my choice.
Control and Manage System Privileges
With the business environment progressively changing, endpoint devices have become an integral part of the IT infrastructure in most companies today.
Unfortunately, according to a 2014 State of the Endpoint study, 65% of IT professionals surveyed had been victims of advanced persistent threats via their endpoint devices that year.
And according to 71% of them, that, among other reasons, has made endpoint security threats harder to mitigate.
Therefore, even when you employ water-tight measures to safeguard a system against vulnerabilities emanating from the internet, there are potentially greater risks from endpoint devices.
Making matters worse, 66% of third-party applications are regarded as threats to endpoint security.
In addition to implementing endpoint security measures, therefore, you should adequately control and manage account privileges.
The main admin account should have minimal, if any, connection to endpoint devices like:
That way, any malware that attempts to penetrate your system can be contained within the entry user account, without affecting the rest of it.
Another strategy, especially when a disaster strikes, would be disaster-proofing original files by encrypting them before they are attacked.
Of course, the most important ones should be given priority, as you try to contain an attack before it spreads to operation-critical data.
By minimizing exposure, you’ll also be protecting other files from unauthorized access.
It’s pretty much like closing off all your valuables in a single safe room when you notice an intruder in the home.
For all these measures to be perfectly aligned, you should have a disaster recovery plan that includes:
Critical protection strategies
Subsequent recovery processes
With those four measures in place, you can be at ease knowing that your data is as secure and recovery-ready as it’ll ever be.
What do you think about the state of cyber-security in 2016? And how would you go about securing data? Feel free to share your thoughts, opinions and comments with me down below.