Jim Crook, Senior Director of Marketing, CTERA, shares his four key tips for protecting an organisation’s data.
Ransomware attacks have skyrocketed during the pandemic, by nearly 500%. The REvil gang took advantage of the 4th July holiday weekend to stage the US$70mn Kaseya ransomware attack, while the SolarWinds breach took place just before Christmas. It’s clear that cybercriminals do not take a day off. Year-round protection of your data is vital to safeguard it so that if an attack does occur, your company can continue to operate as usual.
Below are four essential tips for safeguarding your organisation’s most valuable asset: its data.
1. There is no excuse not to back up your data
a. It goes without saying that data backups are crucial. An external hard drive to store backup copies is simply not enough.
b. An effective data protection strategy involves storing at least one previous version for a specific retention period (a minimum of 30 days) in a read-only repository that is in a different location to the original. This is the absolute minimum.
2. End-to-end data security is key
a. End-to-end security is, of course, a must for protecting files against ransomware and other cyber threats. Having data security end-to-end implies encrypting data at the edge (where it is created), in transit (over the network), and in the cloud (where it is stored) in cloud-driven distributed setups.
b. Global file system technology can safeguard your data before it leaves your devices, workplaces, and servers by leveraging source-based encryption at rest and in transit. Furthermore, your data cannot be read even if it is temporarily locked due to an assault.
3. Consider who is viewing your files remotely
a. Remote access to an organisation’s files brings a significant number of benefits. However, if the wrong people are authorised to view specific files, this could lead to security issues. To mitigate this, ensure that your remote access system, whether VDIs, global file systems or others, meets corporate security policies and provides consistent access control from any personnel user device or location.
- Data security and compliance: why prevention is better than cure
- 40 million US T-Mobile customers hit by data breach
- How technology can help consumers and businesses manage personal data online
- Why DevOps and data are better together for your business
4. Make sure that passwords are updated regularly (and are secure)
a. Employees relying on weak passwords are more likely to be susceptible to successful cyberattacks. When resetting a password, make sure it is a combination of letters, numbers, and symbols.
b. Keeping passwords safe on a multi-factor authentication password manager and updating them regularly is a simple and effective way to prevent passwords, and your data, getting into the wrong hands.