[BreachExchange] How to Protect Your Data When Disaster Strikes

Inga Goddijn inga at riskbasedsecurity.com
Wed Sep 28 17:48:05 EDT 2016


http://www.cloudwards.net/how-to-protect-your-data-when-disaster-strikes/

Although I’m sure everyone wishes they could, it’s impossible to keep up
with all the new cyber threats coming up every day.

Hackers, like viruses, continuously morph and devise new ways to bypass
developing security technologies and attack data centers.

So, even when data gets protected by multi-layered security protocols,
there are always people working to find ways to crack it, and the more
complicated a security system, the better.

As a matter of fact, they even hold hacking conferences for the ‘most
brilliant’ hackers.

I’m relaying this information to discourage you from implementing security
measures.

On the contrary, I think you need to persistently review safety protocols,
ensure they are up-to-date (super important step), and reasonably effective
against the latest types of ransomware and other forms of malware.

However, you cannot rely on this methodology alone.

Even antivirus software vendors acknowledge that ransomware has infiltrated
well-protected systems.

And malware distributors are increasingly sophisticated when it comes to
luring end users into downloading their junk through fraudulent emails and
links.

Over the last year alone, 95% of businesses
<https://fightransomware.com/resources/> have experienced disasters
unrelated to natural causes.

Most of the disasters suffered, as you might have already guessed, were
caused by malware (particularly ransomware).

And sadly, 93% of companies
<http://www.itispivotal.com/2012/08/10-backup-disaster-recovery-statistics-must-know/>
that failed to restore their data within 10 days ended up filing for
bankruptcy within a year.

So, can you protect your data in case of a disaster?

And more importantly, how can you comprehensively prepare a business to
effectively handle cyber disasters?

Conduct a Comprehensive Data Assessment

The first step in data protection is, of course, mapping out your entire
data center and separating high-value assets from the rest.

Customer data, for instance, is more important compared to temporary system
files.

You can afford to lose the latter, but not the former.

That’s why you should first focus on protecting and backing up more
critical files, before proceeding to less important ones.

To simplify this process, consider leveraging comprehensive data
governance software, which utilizes usage intelligence to classify data and
align it according to corresponding departments.

That way, you’ll be able to prioritize what to protect and what not to.

Leverage Cloud Backup

There is an advantage to using hybrid cloud solutions, as they offer
off-premise and on-premise cloud backup.

That way, you can decide which data to keep in offsite backups, and protect
it separately from your onsite systems—which are vulnerable to a variety of
threats, such as:

Power outages

Hard drive failures

Floods

Theft

Godzilla

If ransomware gains access to an administrative account, all backed up data
could get encrypted along with the rest of your drives.

The best recovery and protection procedure, therefore, will be in the cloud.

Personally, I’ve integrated Carbonite into my overall data backup and
protection strategy.

To protect myself, I’ve scheduled backups to automatically occur every 24
hours.

In the case of a disaster, Carbonite provides a recovery management tool,
which will help me restore all my files from the most critical to the less
important ones — on a drive of my choice.

Control and Manage System Privileges

With the business environment progressively changing, endpoint devices
have become an integral part of the IT infrastructure in most companies
today.

Unfortunately, according to a 2014 State of the Endpoint study
<https://www.promisec.com/blog/2014-state-of-the-endpoint-study-an-infographic/>,
65% of IT professionals surveyed had been victims of advanced persistent
threats via their endpoint devices that year.

And according to 71% of them, that, among other reasons, has made endpoint
security threats harder to mitigate.

Therefore, even when you employ water-tight measures to safeguard a system
against vulnerabilities emanating from the internet, there are potentially
greater risks from endpoint devices.

Making matters worse, 66% of third-party applications are regarded as
threats to endpoint security.

In addition to implementing endpoint security measures, therefore, you
should adequately control and manage account privileges.

The main admin account should have minimal, if any, connection to endpoint
devices like:

Smartphones

Desktop computers

Laptops

Tablets

Printers

That way, any malware that attempts to penetrate your system can be
contained within the entry user account, without affecting the rest of it.

Another strategy, especially when a disaster strikes, would be
disaster-proofing original files by encrypting them before they are
attacked.

Of course, the most important ones should be given priority, as you try to
contain an attack before it spreads to operation-critical data.

By minimizing exposure, you’ll also be protecting other files from
unauthorized access.

It’s pretty much like closing off all your valuables in a single safe room
when you notice an intruder in the home.
------------------------------
In Summary…

For all these measures to be perfectly aligned, you should have a disaster
recovery plan that includes:

Critical protection strategies

Off-premise backup

Restoration procedures

Subsequent recovery processes
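
As an added illustration (not part of the original article), the following
Python sketch audits an asset inventory against the plan above: backups no
older than 24 hours, an offsite copy, and high-value backups that the everyday
admin account cannot modify. The asset names, tiers and field names are
constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

MAX_BACKUP_AGE = timedelta(hours=24)  # the 24-hour schedule from the article

@dataclass
class Asset:
    name: str
    tier: int                        # 1 = high-value, 2 = normal, 3 = disposable
    last_backup: Optional[datetime]  # None = never backed up
    copies: frozenset                # backup locations: "onsite", "offsite"
    admin_can_modify_backup: bool    # a hijacked admin account could encrypt it

def audit(assets, now):
    """Return (asset, finding) pairs, highest-value assets first."""
    findings = []
    for a in sorted(assets, key=lambda x: x.tier):
        if a.tier == 3:
            continue  # temporary files and the like: acceptable to lose
        if a.last_backup is None:
            findings.append((a.name, "never backed up"))
        elif now - a.last_backup > MAX_BACKUP_AGE:
            findings.append((a.name, "backup older than 24h"))
        if "offsite" not in a.copies:
            findings.append((a.name, "no offsite copy"))
        if a.tier == 1 and a.admin_can_modify_backup:
            findings.append((a.name, "backup writable by admin account"))
    return findings

# Constructed sample inventory (illustrative values only).
NOW = datetime(2016, 9, 28, 12, 0)
INVENTORY = [
    Asset("customer-db", 1, NOW - timedelta(hours=6),
          frozenset({"onsite", "offsite"}), True),
    Asset("temp-files", 3, None, frozenset(), False),
    Asset("hr-share", 2, NOW - timedelta(days=3),
          frozenset({"onsite"}), False),
    Asset("billing", 1, None, frozenset(), False),
]

if __name__ == "__main__":
    for name, finding in audit(INVENTORY, NOW):
        print(f"{name}: {finding}")
```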