Tag Archives: Data Backup

Best Practices to Avoid Data Breaches

Most businesses do not have a pre-defined strategy to follow when sensitive information is stolen from their system. The complexities caused by data breaches are underestimated. Companies follow fortress approach and use encryption security, firewalls and proxies to keep intrusion away from sensitive data. However, once a data breach has taken place, what counts is the work done prior to the breach. It would be very difficult to do much after the breach.

Preparation

Companies need to plan ahead and get ready to answer the important question: “What do we do after a data breach” well ahead of time. Companies need to avoid data breaches, but if they find themselves in the unfortunate situation of a data breach, they should not underestimate the effects of the breach.

Remember that cyber attacks are not what they used to be a decade ago, they have evolved, but information governance programs have not changed much.

Triage and Mirage

It is an essential part of an information governance policy to make arrangements against data breaches. For an effective information governance policy, companies must have an all-inclusive understanding of their sensitive data, so that they can be proactive throughout the data breach. Knowing where sensitive data resides will prove to be very challenging, as companies have a lot of data in their network systems, but data breach readiness does not need an all-or-nothing approach.

There is no need to create data map as companies are bound to work at the content level to recognise things such as payment card information, personal health information, and personally identifiable information. When mission critical information is used or updated, make certain that the data is placed in specific repositories with backup options, as well as security provisions. Data masking, dual factor authentication and strong password are significant security layers that can be used. Moreover, masking can scramble data in order to make social security numbers or credit cards invalid, acting as deterrent and traps against cyber attackers.

Careful Data Sharing

Controlling user access privileges to data repositories is equally important as data breach preparedness. File sharing improves collaboration and efficiency, but makes the data available to potential breaches and also makes the data accessible to all, including unauthorised people.  File sharing is one of the least secure locations in the network, as permissions are not strictly enforced in many cases. At times, file shares are made available to everyone by default, allowing everyone in the company to access those files.

Permission forms, compensation statements, account numbers, customer records and HR records could easily be exposed to the wrong person if shares are not properly setup.  Therefore, caution should be exercised when file sharing is setup, including the ability to automatically purge out files after a period of time.

Manual or Automated Approach

Though breach preparedness appears to be a straightforward procedure, businesses need to know about automated scanning and human approach. If AI and scanning technology are used on computers that are not connected with in the network, it can allow companies to lock down, move or find sensitive files. Obviously, you can not trust all employees, and as a result, the likelihood of insider threats is much more higher than an outsider threat.

Despite the fact, employees play a central role in breach preparedness, and therefore, they should be given a regular training to cope with various situations. Companies need to arrange training courses for fresh employees and refresher courses for experienced staff.

In the long run, awareness and education help people in understanding how and when shadow IT (cloud storage and restricted access to data) can be used. While working on an information breach preparedness plan, organisations should adopt a careful attitude so that employees cannot use shadow IT and other risky applications inappropriately.

During and after a data breach, experienced and qualified employees are expected to perform their jobs immediately. In case, emails are not accessible due to data breach, users often select, though not recommended, Gmail, Google Drive, or other public email clients to continue business activities. The company management is responsible to inform employees not to use any third party system while the company’s servers are down because of the breach.

Data Backup: The Impact of Failed Backups

Data Backup is becoming an ever more important component of a data protection solution as the frequency of attacks is increasing and the sophistication of attacks used by cyber criminals is improving. Companies are also having to cope with rapid increases of data that is being kept on their systems and therefore increasing the chances of employees deleting critical data which could have unprecedented results on the company financially and have a damaging impact of the company’s reputation.

A survey that was conducted by CFI Software concluded that many of the participating IT administrators had been unable to restore critical business data such as financial data and emails. Within the survey, the IT administrators revealed that not being able to restore such information because of failed backups has affected customer relations, business operations and brand reputation.

One of the key reasons why the participating IT administrators had been unable to recover the required data was because they do not run backups on a daily basis. Over 50% of the participants revealed that they do not carry out daily backups, with 32% of respondent citing the reason that it isn’t an efficient use of their time. This statistic suggests that nearly a third of participating IT administrators do not consider backing up critical business data on a daily basis as a priority. This is quite concerning considering the impact that being unable to restore data has had on the companies.

The results of the survey also revealed that half of the respondents revealed that they wished their current backup method was faster and more efficient. This reflects the findings why so many IT administrators are reluctant to backup critical data on a daily basis. This cannot be considered as a reason why critical business data isn’t being backed up on a daily basis as there are now automated solutions that can be scheduled to run a daily basis with no human intervention. This is accompanied with backup providers offering a fully managed service and therefore taking over the running of the backups for the company.

Companies of all sizes need a robust backup solution in place that backs up their critical business data on a daily basis. Not being able to recover critical data because a backup hasn’t been scheduled to run or because it failed can have an unprecedented impact on the company. Depending on the backup solution that is utilised, a number of the key constraints detailed in the survey are dealt with and therefore they cannot be used as an excuse when the data cannot be restored.

Do you backup your business data on a daily basis? Do you have any problems with your current backup method?

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal