Best Practices to Avoid Data Breaches

Most businesses do not have a pre-defined strategy to follow when sensitive information is stolen from their systems. The complexities caused by data breaches are underestimated. Companies follow a fortress approach and use encryption, firewalls and proxies to keep intruders away from sensitive data. However, once a data breach has taken place, what counts is the work done prior to the breach. It is very difficult to do much after the breach.

Preparation

Companies need to plan ahead and be ready to answer the important question, “What do we do after a data breach?”, well ahead of time. Companies need to avoid data breaches, but if they find themselves in the unfortunate situation of a data breach, they should not underestimate its effects.

Remember that cyber attacks are not what they used to be a decade ago. They have evolved, but information governance programs have not changed much.

Triage and Mirage

It is an essential part of an information governance policy to make arrangements against data breaches. For an effective information governance policy, companies must have an all-inclusive understanding of their sensitive data, so that they can be proactive throughout the data breach. Knowing where sensitive data resides will prove to be very challenging, as companies have a lot of data in their network systems, but data breach readiness does not need an all-or-nothing approach.

There is no need to create a data map, as companies are bound to work at the content level to recognise things such as payment card information, personal health information, and personally identifiable information. When mission-critical information is used or updated, make certain that the data is placed in specific repositories with backup options as well as security provisions. Data masking, dual-factor authentication and strong passwords are significant security layers that can be used. Moreover, masking can scramble data in order to make social security numbers or credit card numbers invalid, acting as a deterrent and a trap against cyber attackers.
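The content-level recognition and masking described above can be sketched as follows. This is an added example, not code from the original article; the patterns, the function names and the sample record are assumptions made for illustration.

```python
import re

# Candidate patterns: US SSNs written AAA-GG-SSSS, and 13-19 digit card
# numbers with optional space or dash separators.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")


def luhn_valid(digits):
    """Luhn checksum: filters out long digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_sensitive(text):
    """Return sorted (kind, start, end) spans for SSNs and Luhn-valid cards."""
    spans = [("ssn", m.start(), m.end()) for m in SSN_RE.finditer(text)]
    for m in CARD_RE.finditer(text):
        if luhn_valid(re.sub(r"\D", "", m.group())):
            spans.append(("card", m.start(), m.end()))
    return sorted(spans, key=lambda s: s[1])


def mask(text, keep=4):
    """Replace all but the last `keep` digits of each finding with '*'."""
    out, pos = [], 0
    for _kind, start, end in find_sensitive(text):
        if start < pos:         # skip a span overlapping one already masked
            continue
        raw = text[start:end]
        to_hide = sum(c.isdigit() for c in raw) - keep
        masked = []
        for c in raw:
            if c.isdigit() and to_hide > 0:
                masked.append("*")
                to_hide -= 1
            else:
                masked.append(c)
        out += [text[pos:start], "".join(masked)]
        pos = end
    out.append(text[pos:])
    return "".join(out)


# Constructed sample record; the card value is a Luhn-valid test number.
SAMPLE = ("Customer Jane, SSN 123-45-6789, paid with 4111 1111 1111 1111; "
          "order ref 1234567890123.")

if __name__ == "__main__":
    print(find_sensitive(SAMPLE))
    print(mask(SAMPLE))
```

The Luhn check is what keeps the 13-digit order reference from being flagged as a card number.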

Careful Data Sharing

Controlling user access privileges to data repositories is as important as data breach preparedness. File sharing improves collaboration and efficiency, but it exposes the data to potential breaches and can make it accessible to all, including unauthorised people. File shares are among the least secure locations in the network, as permissions are not strictly enforced in many cases. At times, file shares are made available to everyone by default, allowing everyone in the company to access those files.

Permission forms, compensation statements, account numbers, customer records and HR records could easily be exposed to the wrong person if shares are not properly set up. Therefore, caution should be exercised when file sharing is set up, including the ability to automatically purge files after a period of time.
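A check for the two share problems named above (open-to-everyone permissions and files kept past a retention period) could look like this. It is an added example, not code from the original article, and it assumes the share is mounted on a POSIX file system where the "other" permission bits apply; the 90-day default and the function names are illustrative.

```python
import os
import stat
import time
from pathlib import Path


def audit_share(root, max_age_days=90, now=None):
    """Walk a share and return sorted (relative_path, issue) findings."""
    root = Path(root)
    now = time.time() if now is None else now
    cutoff = now - max_age_days * 86400
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            st = path.lstat()               # do not follow symlinks
            if stat.S_ISLNK(st.st_mode):
                continue
            rel = path.relative_to(root).as_posix()
            if st.st_mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            elif st.st_mode & stat.S_IROTH:
                findings.append((rel, "world-readable"))
            if stat.S_ISREG(st.st_mode) and st.st_mtime < cutoff:
                findings.append((rel, "past-retention"))
    return sorted(findings)


def purge_expired(root, findings, dry_run=True):
    """Delete files flagged past-retention; dry_run only reports them."""
    expired = [rel for rel, issue in findings if issue == "past-retention"]
    if not dry_run:
        for rel in expired:
            (Path(root) / rel).unlink()
    return expired
```

Run the audit with `dry_run=True` first and review the list before letting the purge delete anything.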

Manual or Automated Approach

Though breach preparedness appears to be a straightforward procedure, businesses need to know about both automated scanning and the human approach. When AI and scanning technology are used on computers that are not connected within the network, companies can lock down, move or find sensitive files. Obviously, you cannot trust all employees, and as a result, the likelihood of an insider threat is much higher than that of an outsider threat.

Despite this, employees play a central role in breach preparedness, and therefore they should be given regular training to cope with various situations. Companies need to arrange training courses for new employees and refresher courses for experienced staff.

In the long run, awareness and education help people understand how and when shadow IT (cloud storage and restricted access to data) can be used. While working on an information breach preparedness plan, organisations should adopt a careful attitude so that employees cannot use shadow IT and other risky applications inappropriately.

During and after a data breach, experienced and qualified employees are expected to perform their jobs immediately. When email is not accessible because of a data breach, users often turn to Gmail, Google Drive, or other public email clients to continue business activities, although this is not recommended. Company management is responsible for informing employees not to use any third-party system while the company’s servers are down because of the breach.

Disaster Recovery as a Service (DRaaS) Vs. Traditional Disaster Recovery (DR)

Disaster Recovery (DR) systems are difficult to operate and harder to configure. They also become outdated quickly and cost much more than just backups. By contrast, DRaaS is a cloud-based service that offers testing flexibility, costs much less than DR, is easier to deploy, keeps pace with the company's changes and strategies, and offers the ability to test the ongoing plans on a regular basis.

How Do You Make a DR Plan?

You can make DR plans with the help of cloud-based methods. You will need to consider the potential threats to data centres while devising and testing disaster scenarios. Threats such as employee sabotage, hazardous weather, system downtime, hackers, breaches and power outages should be outlined as potential disasters. Identify the most common apps that need to be restored immediately. Go over the list again and prioritise by importance. You are also advised to make plans to limit the activities against the data centre and its efficiency. Users can develop the basic infrastructure with the help of servers, network connections, applications, software and storage devices. All these parameters have vital roles in the development of a good infrastructure for disaster recovery.

Appointing staff with relevant professional experience can help in the development of DR plans and the infrastructure required. IT professionals know how to manage according to the requirements of clients. IT departments spend more time on the development and maintenance of DR plans. New applications and approaches are invented by developers working on disaster recovery options and protocols. IT admins also test these DR plans in order to find the best efficiency level for optimised performance.

Developing New DRaaS Solutions:

The cloud always provides better options for data protection and recovery. The cloud is most efficient, providing the latest updates in order to create better data recovery and storage. The cloud has introduced modern automation and virtualisation for high-level flexibility.

Cloud’s Limitations:

DRaaS might have limitations, especially when cloud vendors do not have complete system redundancy. Suppliers can’t justify the cost of building new data centres that cater to the needs of each user’s infrastructure setup. As a result, they cut corners. A good DRaaS will develop systems that resist outages to some degree.

Even though cloud based DR increases the company network bandwidth, it is better than conventional options. The users are also required to choose the right DR plans favourable for their business and activity. It is no longer a question of how cloud backup service providers can assist the clients in the matter of disaster recovery.

Is it Safer to Backup Data in the Cloud?

Data backup and protection is an important matter, and it becomes more sensitive when you try to back up data to an offsite server with the help of cloud-based services. Although the concern is understood, cloud-based backup is automated, very safe and efficient, and the data is backed up to geographically dispersed locations, typically far away from the origin. As a result, natural disasters such as tornadoes, wildfires and floods won’t affect it. The system is also efficient because it doesn’t require hardware changes, and more storage space is always available for the users. But is it safe for everyone? Is there any chance of hacking? I will answer these questions below.

Keep in mind that not all cloud backup services are the same. They differ in technology, years of experience, and management. But one thing is clear: you must know your wants and needs when it comes to protecting your data.

Where is the Data Stored?

The cloud has become more popular, but most people don’t seem to know what it actually means. Many people believe that using a data storage service is risky because they think that all the data in the cloud goes to a cyberspace where hackers can easily access it without any problem.

Well, this could be true if you are not using reliable data storage services. The cloud is a very simple service with data servers in data centres, connected with the main storage and the user’s personal account. The Internet is a network of servers that carries the data to and from data centres, just as a highway does for vehicles.

Data centres are highly protected areas where highly skilled and reliable workers are appointed to manage the servers. In most cases, only a few reliable persons are given access to these data centres. The workers are allowed to access the data centres with several physical security options and with the permission of users, who provide the secret PIN to open the storage vaults. Video surveillance is used 24x7x365 in order to ensure the security of data. Many do not label their data centre as “Data Centre”, for security reasons; they are just typical buildings that blend in with the neighbouring buildings.

Data centres cannot be physically robbed. We have never heard such stories. However, they have cyber-based systems linked to the computers of users. No doubt there is a minimal risk of cyber-crime or data hacking, but it is very rare, because cloud backup companies have come up with sophisticated systems that can keep hackers off their servers.

Hackerproof?

Is backing up in the cloud really hackerproof? The simple answer is yes and no. If the technology used is sub-standard, hackers can get access to the data centres with the help of specialised hacking protocols. However, the latest security systems have made this very difficult. For instance, multiple security levels (using emails, phone numbers, and physical statements) have made it almost impossible for hackers to access and compromise data.

Your data is much more secure being backed up in the cloud, where it is handled by qualified security experts, than it is in the basement of your home. Modern security applications and tools are implemented in order to ensure that there will be no risk. On the other hand, users are also encouraged to monitor the activities.

Five Points to Improved Backups

It is a well documented fact that backups fail at times even though they are considered critical for business continuity. Such failures happen when companies fail to keep a copy of the data outside in an offsite, remote location, away from the current network. IT admins and managers could avoid such issues with carefully pre-defined planning.

Frequent Backup Test

It is very common to find that backups which were performed seemingly without error messages later turn out to be unreadable when it is time to recover the data. Test the backup systems frequently in order to make sure that backups are happening without any issues.

Test the files, folders, systems and servers regularly. You can run the backup tests once a week for a randomly chosen single file, once a month for a random directory and yearly for servers. Companies using multiple backup locations (for instance, cloud backup and appliance based, etc.) are required to test both systems, in the cloud and onsite.
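One way to automate the weekly single-file and monthly directory restore tests described above. This is an added example, not code from the original article: it assumes a manifest of SHA-256 hashes is recorded at backup time, and `copy_restore` is a hypothetical stand-in for the real backup product's restore command.

```python
import hashlib
import random
import shutil
import tempfile
from pathlib import Path


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(source_root):
    """Run at backup time: relative path -> SHA-256 of the data backed up."""
    root = Path(source_root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def copy_restore(backup_root, rel, dest):
    """Hypothetical restore step: the backup here is a plain mirrored directory.
    Replace with a call to the real backup product's restore command."""
    dest.parent.mkdir(parents=True, exist_ok=True)
    shutil.copyfile(Path(backup_root) / rel, dest)


def restore_test(manifest, backup_root, scope="file",
                 restore=copy_restore, rng=random):
    """Restore one random file (weekly) or one random directory (monthly)
    into a scratch area and compare each hash with the manifest."""
    paths = sorted(manifest)
    if scope == "file":
        picked = [rng.choice(paths)]
    else:
        parent = rng.choice(sorted({Path(p).parent.as_posix() for p in paths}))
        picked = [p for p in paths if Path(p).parent.as_posix() == parent]
    failures = []
    with tempfile.TemporaryDirectory() as scratch:
        for rel in picked:
            dest = Path(scratch) / rel
            try:
                restore(backup_root, rel, dest)
                if sha256_file(dest) != manifest[rel]:
                    failures.append((rel, "hash mismatch"))
            except OSError as exc:
                failures.append((rel, "restore failed: " + type(exc).__name__))
    return picked, failures
```

Comparing against the manifest rather than the live source avoids false alarms from files that changed after the backup ran, and an empty failure list is the only result that counts as a passed test.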

Use Updated Technology

Newer backup technologies are always being developed; the newer versions are getting better and better, while the costs remain fair and reasonable. It is very important for users to communicate with their service providers in order to learn about the backup servers, systems and networks. This will give users an opportunity to avoid problems in data encryption and recovery. IT managers may utilise applications such as deduplication to reduce file sizes.

Deduplication is a well known process that helps to create duplicates of files with smaller size. This process is also effective because it enables the system to capture more snapshots in less time. It also further reduces the time period between snapshots.

Apply Systematic Incremental Backups

Older backup servers and systems may use full backups on a weekly basis, with daily incremental backups happening every night. This strategy is useful because it enables the system to update the data every night without losing files. However, it is necessary to make sure that each incremental backup is actually performed and that the saved data can be recovered in its original form, without any corruption. New applications can consolidate each and every incremental backup into the full backup so that backups can be restored in only one operation.

Try Snapshots & Replication

These systems are considered more helpful for the enterprises because of the high level of redundancy, speedy backup creation, data protection, and data recovery. The users can easily develop multiple backup folders with the help of snapshots taken from the systems containing different types of files and folders. These snapshots should be preserved in prescribed systems in order to create the backups. It is also important to run the recovery tests after short intervals.

Prefer the Self-Service Portals

The need for data recovery arises mostly due to human error. Most users tend to restore data by themselves, without the need for an IT admin. This means that less admin intervention is needed. Develop a portal that allows restoring all types of files or folders from the networks and systems. Self-restoring portals have become very important for this purpose. These portals typically only allow users to restore data (without changing or deleting it), thereby providing do-it-yourself self-service with minimal risk.

Mitigating Security Risks in the Cloud

Many understand the importance of data and agree that data should be protected in an efficient manner. Companies are also realising that moving essential services to the cloud, from CRM to voice to communications, has many advantages. In order to develop an efficient data protection, storage and transfer protocol, most rely on the cloud. Cloud-based models are more flexible, efficient, scalable, and integrated. They have great potential to save money. On the other hand, careless, unplanned migration to the cloud can bring its own issues and risks, and therefore a careful, well-thought-out plan is needed before migrating to the cloud.

Data breaches have become a daily global occurrence these days. Leading organisations, associations and groups are facing security threats on a daily basis. So, how do you minimise the chances of data loss or breach?

The cloud enables users to store data in multiple locations for easy access and restore in case of a disaster. It is very important to have all your security-related questions answered by the vendor you are planning to use. Here are some tips for users who want to reduce the risks while moving to the cloud.

Get Answers to your Security Questions:

Get connected with the online representatives and ask the basic security questions. It would be better if you discuss your security concerns with the experts and find out whether their practices align with yours. In most cases, clients ask the following questions:

  1. What type of data protection strategies does your company use to avoid data loss?
  2. Is customer support available 24/7?
  3. What are the modern techniques (feature sets) being used to protect my data?
  4. Has there been any data breach at your company? If so, how did you handle it?
  5. Do you have a security checklist template that we can check?

Partnering with a cloud based service provider has added benefits, as the provider has its own experts in house that can monitor up-time, implement security measures, monitor services around the clock, and implement necessary protocols to protect and backup the data.

Always check the proper security facilities and features. This can be done by checking the history of a cloud service provider (for instance, by talking to present and former clients, reading reviews online).

Consider the following four factors to evaluate cloud service providers:

  1. Secure facility for storage: The cloud service provider should provide details about the security of their storage facilities. While digital security is important, the security of the actual physical premises and of the employees who work there is also critical.
  2. Preventive activities: As hackers are becoming more creative in breaching systems to access data, service providers must have security protocols in place to stop potential risks before they actually happen. The cloud service provider should satisfy the client, for instance, by showing that they encrypt the data in transit and at rest, monitor any risks 24/7, and inform clients when security is a concern.
  3. Privacy of data: Data stored in digital data centres should be treated with a high degree of security, as it is important to the users. It is necessary to check how a service provider maintains the privacy of data. All types of materials, such as files, folders, video conferencing data, and call recording data, should remain safe and secure, with encryption technologies.
  4. Data loss protection: In case of a sudden data loss, the service provider should have an efficient data recovery system to quickly restore the data. Alert systems help in achieving an efficient data recovery.
