Subj : Reducing downtime in no time: Data archiving and backup To : All From : TechnologyDaily Date : Wed Jul 31 2024 15:30:05 Reducing downtime in no time: Data archiving and backup Date: Wed, 31 Jul 2024 14:28:13 +0000 Description: How businesses can get back on time quickly following a ransomware attack or similar disaster. FULL STORY ====================================================================== Cyberattacks are an inevitability. Every day, thousands of businesses are threatened, and malevolent actors manage to penetrate defenses, stealing information and destroying infrastructure. Too many businesses (and security professionals) are exclusively focused on reinforcing that wall, the barriers that will prevent unwanted entries. These have a place but cant be the entire solution. Infiltrations will happen the vast majority of victims of cybersecurity attacks already have some sort of defense in place what matters then is how quickly businesses can get back online. A particularly disruptive form of attacks are ransomware . Hackers plant malware on systems, which can make it impossible to access information. They demand a bounty, usually in cash or even more likely crypto, to remove blocks on the information. If not paid, data can be destroyed or sensitive data can be leaked to the competition or the public. In fact, this can happen even if companies can pay up. What makes ransomware so disruptive is that it can remove access to mission-critical information for an unknown amount of time. Hackers frequently target the most valuable, most important data inside a company, which in turn usually makes it the hardest to replace. This could mean weeks or months of critical downtime, with businesses falling behind and incurring unexpected expenses. With so much at stake, truly comprehensive systems must contain both proactive and reactive approaches to preventing ransomware attacks. The proactive tools are perhaps more familiar these include an active cyberdefense training program, along with up-to-date firewalls, intrusion detection systems and malware. But here, wed like to go into more detail about those reactive tools that can get things back online faster. Together, these constitute truly impactful, effective risk management. Data lifecycle Data increasing amounts of it is generated from internal and external sources while doing business. Customers , third-party vendors and employees create and modify records that must be stored. This information must be easy to access so authorized users can store it securely and efficiently. Theres an emphasis on primary storage and systems that support high availability and performance. Data-sharing policies must also exist within and outside an organization, identifying who can access specific datasets, under what conditions, and which security measures apply. This helps maintain data security and ensure compliance. As data ages, it may not need to be accessed as frequently. There should be a consistent, pre-planned schedule for archiving information and moving it to off-site backup facilities. These may not be as instantly accessible, but retrieving the data when needed is still possible. Finally, there needs to be proper procedures in place around data disposal. When data is no longer valuable or required for compliance or other purposes, it must be disposed of securely to prevent unauthorized access or data breaches. Data deletion strategies include data sanitization, where deleted data is cleansed of hidden content, such as metatags and document properties that could pose security risks. Effective tools Right in the middle of the data lifecycle is the creation of backup copies of data. The proper way to think about data backup is using the 3-2-1-1 method. This means a total of three types of backups, of which two need to be on different kinds of media (such as network-attached storage, tape, or a local drive), with one copy offsite and one immutable record. Immutable backups are saved in a write-once-read-many-times format that cant be altered or deleted even by hackers and admins. This means bad actors can't alter records, so they cannot be accessed, as immutable backups are unmodifiable. This significantly limits the leverage that hackers have over organizations and in many cases, should completely eliminate the need for paying ransoms. Reducing downtime. The benefits of a comprehensive approach should be the ability to reduce or hopefully eliminate downtown after a ransomware attack. Data is frequently backed up, which means systems administrators can easily rewind the clock to the exact moment there was an incursion. Theres no need to reconstruct material from scratch or from a backup that could have been days or weeks in the past. The system should be agile and scalable, so it doesnt need to be replaced as a business changes strategy or goes through a period of rapid growth. In an ideal world, all data would be safe and businesses wouldnt need to worry about cybercrime. This is, unfortunately, not the world we all live in. By embracing a multi-factor, multl-modal approach, businesses can feel more secure that a successful penetration of their defenses wont automatically lead to costly downtime. We've featured the best encryption software. This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro ====================================================================== Link to news story: https://www.techradar.com/pro/reducing-downtime-in-no-time-data-archiving-and- backup --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .