How to improve data compliance, advance security, remove data silos, and reduce complexity?
What are the main cybersecurity challenges related to remote working scenarios?
Most organizations now operate with a larger remote workforce than ever before, and some may have lost easy access to their data center. To cope, new services and solutions may have been introduced into the IT environment, many of which are likely to have increased complexity and risk by complicating the challenge of managing ‘dark’ data, PII, regulatory compliance, cybersecurity and data management.
As a result, many companies have distributed their data across a variety of storage locations and struggle to properly manage their archipelago of proprietary, siloed islands of data. No doubt, IT teams spend significant time and resources tackling governance, archiving, and compliance issues. This distorted picture causes a number of glaring problems that grow with the amount of data and the number of regulations. It becomes almost impossible to see whether data is redundant, whether critical personal data is stored in risky locations, or whether it has been overlooked in the backup plan.
A company can attempt to get these data islands under control with processes and point-product solutions, but may face high infrastructure and operating costs, a lack of integration between products, and increasingly complex architectures. And it is questionable whether all data is protected from ransomware in such a fragmented environment and whether important tasks such as rapid recovery can be implemented in the required time and quality to keep businesses up and running.
Companies should break away from the archipelago and look for a next-gen approach to data management that enables them to improve data compliance, advance security, remove data silos, and reduce complexity. This will also help them to better understand what data they own and what value it has. Only then can they answer questions of governance and compliance. And they need to be clear about who has access to that data. For example, can they detect users that have too much access to data? Can they use AI/ML technology to identify unusual backup or access patterns, or other abnormal behavior? These indicators may help to identify possible internal and external attacks, such as ransomware, at an early stage, enabling countermeasures to be put in place rapidly.
Ideally, all of these functions and an overview of the data landscape can be accessed via one console through the next-gen data management platform that only authorized users can access thanks to multi-factor authentication and access control lists – regardless of whether the data is stored on-premises, in a hybrid cloud or in a SaaS service.
How does security look in the era of hybrid cloud and artificial intelligence?
Organizations are putting a lot of focus on prevention in hybrid clouds when it comes to security, which is essential in terms of mitigating cyber threats. But, it’s no longer enough. They also need to apply the same level of focus on protection, detection, and recovery to minimize the impact if and when they are breached. It will be essential to make it as difficult as possible for attackers to get access to systems and critical environments. And it will be crucial for businesses to be able to recover from backup quickly. It’s also critical that IT and SecOps teams work closely together as this is not just a security issue or an IT issue, it’s both.
Organizations can find a practical and effective approach to increase the resiliency and protection of data by, first, getting the fundamentals right:
- Know your assets and your data
- Patch the systems
- Segment the network
- Use multifactor authentication
- Enforce user-access control
- Educate the users
- Simulate the disaster recovery process regularly and under real conditions
Evolution towards next-gen data management
While the fundamentals outlined above will help organizations improve their security posture, this is only the first step. It’s also very important for organizations to complement these security measures with next-gen data management capabilities that can help to ensure exceptional cyber resiliency — critical to generating desired business outcomes. This is also what’s needed to thrive and survive in the complex digital economy that we find ourselves immersed in today.
Next-gen data management platforms from Cohesity can help customers achieve this in three ways:
- Protect – Protect and defend your backup data from being taken hostage with a resilient architecture, including immutable backup snapshots, robust encryption algorithms, off-site cloud-based data isolation (Fort Knox), erasure coding, and WORM (DataLock).
- Detect – Minimize the risk of data exfiltration with early detection of ransomware attacks. Detect and identify anomalies in near real time with AI-powered detection.
- Respond – Respond with automated rapid recovery, which is critical to restoring services and meeting aggressive Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO), that is, the point in time from which data must be recovered and the amount of downtime a business can tolerate. Speed, scale and reliable performance are mandatory to recover thousands of systems within a few hours or days, and not the weeks or months that are quite often the industry standard nowadays.
Augmenting a security strategy that’s focused on prevention with a next-gen approach to data management that also includes a focus on protection, detection, and response will help enable organizations running critical infrastructure to mitigate the impact of breaches – very important in an era of escalating cyber threats.
What are the peculiarities of the Zero Trust security model incorporation into the local environment?
To help reduce the blast radius of such ransomware, leading next-gen data management vendors such as Cohesity go beyond zero-trust principles in their underlying threat defence architectures. This is being achieved by providing strong multi-factor authentication technologies and encryption of data in transit and at rest and immutability by design. This architecture provides a holistic approach to threat detection and rapid recovery every step of the way and can play a key role in enabling organisations to converge data security and data governance.
In the era of ransomware 3.0, there are a number of proactive measures organisations can take to mitigate the threat. The first is making sure the foundation of your security posture is solid. This means having processes in place to quickly patch known vulnerabilities, while ensuring your production and backup data is encrypted and follows least-privilege access management.
Social exploitation remains a key way in which cybercriminals propagate ransomware attacks so investing in regular employee training and awareness programs will help build a ‘security-first’ mindset and strengthen what would otherwise be the weakest link in the cyber defence chain.
It should go without saying that protection needs to cover both your production and backup systems, and this is why immutable backups – which are designed so they can’t be tampered with – are now a necessity rather than a nice-to-have. And, in addition to taking measures to defend against an attack, investments need to be made to reduce the impact if breached. In the case of ransomware, this includes having the ability to detect an attack as early as possible. This can be done by monitoring source-side data in production with the help of AI and ML to identify anomalies in near real time.
It is also essential to recover critical systems and processes with aggressive recovery time and recovery point objectives and provide automated failover and failback orchestration, so organisations can reduce downtime of critical systems significantly in the event of a successful cyber-attack. Organisations would also be well served by testing these critical recovery processes. This needs to include the recovery of systems and environments and rehearsing with the individuals required to execute the whole process.
If the evolution of ransomware has taught us anything, it’s that cybercriminals will constantly keep evolving their tactics. Next-gen data management technology is therefore paramount for organisations’ preventive efforts. Capabilities of a next-gen data management platform, such as immutable backups and encryption, combined with a robust recovery strategy, and the implementation of multi-factor authentication, offer a path for organisations to combat the threat of ransomware 3.0 and beyond.
For more information on how to strengthen your business continuity watch a video by Cohesity.
“Cohesity sits at the intersection of three of the highest priority business issues today – cyber security, cloud, and data management – and is poised to become a major powerhouse with industry analyst firms naming the company a leader and one of the fastest growing in its category,” said Sanjay Poonen, CEO and President, Cohesity.
Cohesity radically simplifies data management. They make it easy to protect, manage, and derive value from data — across the data center, edge and cloud. Cohesity offers a full suite of services consolidated on one multicloud data platform: backup and recovery, disaster recovery, file and object services, dev/test, and data compliance, security, and analytics — reducing complexity and eliminating mass data fragmentation. Cohesity can be delivered as a service, self-managed, or provided by a Cohesity-powered partner.