In 2018, we all take data for granted because it’s always there. But what if it isn’t?
It could be you..
Wired Magazine’s latest cover story is about a global shipping corporation that was temporarily crippled by a malware attack, and how they learnt to appreciate the value of their data. Without the access to the systems and the data that underpinned their entire operation, lorries couldn’t board ships, the ships weren’t running anyway, and it was only through a lot of hard work and the odd stroke of luck that their systems were made fully operational again. Estimated cost to the business – $300 million.
An event like this helps an organisation to understand the value of their data.
As technology stakeholders in businesses, we should always be asking ourselves a few key questions:
- What data do I need to execute my job efficiently?
- What would I do if that data was not available?
- Do I know if that data is secure?
- How long would it take to recover that data?
First principles
Security principles should be one of the basic building blocks of any infrastructure, rather than bolted on afterwards. Companies that are undergoing any type of business transformation have a responsibility to understand the value of that data and to ensure that the protection of it is not purely a secondary consideration. Working on the assumption that a disaster probably will happen, an organisation is going to consider the risks far more effectively than an organisation that just hopes it won’t.
So what should you do? Ensure your data is protected, but make sure that protection is also secure. Use Role-Based Access to crack down on unauthorised access. Use encryption-at-rest to protect those backups and always try and make sure that data is protected whilst it’s being sent to the backup location. Make sure you monitor that environment – if you don’t have monitoring, then how do you know if somebody is trying to get at that data?
A gentle reminder
In the rush to provision compute and storage in the cloud, we all need to ensure that the security of that data isn’t merely an afterthought. We need to ensure that data protection and security is built in from the ground up, and we need to ensure that processes are resilient enough to withstand the impact of an attack.
Silverstring’s Sleep Easy Study will help you to ensure that your Data Protection Strategy doesn’t leave you exposed. For more details, contact info@silverstring.com.
