How to Bulletproof Your Data Defenses Locally & In the Cloud
0 likes432 views
This document provides recommendations for strengthening data defenses for businesses. It discusses educating employees, enforcing strong passwords, utilizing multi-layered security, having backups, and monitoring systems. It also covers email and web browsing safety, using firewalls, antivirus software, and data leakage prevention tools. The goal is to reduce threats and risks of data loss or breaches locally and in the cloud.
How to Bulletproof Your Data Defenses Locally & In the Cloud
- 1. How to Bulletproof Your Data Defenses Locally & in the Cloud
- 2. How to Bulletproof Your Data Defenses Locally and in the Cloud There are a multitude of threats facing business data today. The 2015 Global Risks Report even reported cyber attacks as one of the greatest risks to companies everywhere. Between data breaches, hacks, viruses, and even natural disasters, businesses have to build strong data defenses to maintain the integrity and availability of their data. If they fail to prepare by strengthening their data loss defenses the results can be devastating, with costs ramping up to nearly $400 billion per year in cyber attacks alone. Along with facing financial repercussions, unsecured data can cause company downtime, stolen consumer data, loss of revenue, and public relations nightmares -- just to name a few. Clearly the need for a bulletproof data storage and backup plan is evident for businesses of all kinds. To keep disasters, cyber attacks, data loss and unauthorized access at bay, apply these recommendations for strengthening your data defenses locally and in the cloud.
- 3. Reducing the Likelihood of Threats It’s always better to prepare for data threats with an active defense, versus a passive one. Rather than wait for disaster to strike so you can implement your disaster recovery plan, the best defense for your data is to actively mitigate the potential for damage. While you can’t eliminate the possibility of ever facing a data loss or other data disaster, you can reduce the likelihood that it will happen to your business by remembering a few data security best practices. From educating your employees to monitoring data leaks, this is what you need to know to limit the chance a data threat will breach your defenses. 1. Educate your employees. Data breaches can happen right under your nose, often because of your internal team. Educating your employees about safe online practices is your business’s best defense against this. Your employees should understand how vitally important your small business’s data is, how it can be compromised, and all of the measures they should follow to protect it. It can be difficult to protect users from themselves sometimes, but knowledge is power and educating your employees will help. 2. Stress email safety best practices. Make sure your employees pay attention to where their emails are coming from. Any inbox message they open should be from a trusted sender, and only expected links or email attachments should be clicked on/downloaded. Immediately hard delete any email from an unknown sender with an attachment or suspicious link, and do not ever open it! When it comes to email, vigilance is key -- even an associate’s email could be hacked, and your employee might open an email or click on a link thinking it’s harmless when it’s not. Bottomline: If it looks suspicious, do not click it! 3. Teach web browsing basics. Suspicious links and sites also apply to browsing the web — always instruct your employees to pay attention to the warnings in Internet browsers so that they refrain from visiting any malicious websites. Each new site or software comes with its own set of security vulnerabilities, so educate your employees on how to identify reputable websites or brands and warning signs of a sketchy site.
- 4. 4. Enforce strong passwords. When creating new, safe passwords remember to never use birthdates, names of spouses, children, pets, or any or personal data that can be easily discovered. A strong password uses a combination of capital and lower-case letters, numbers, and symbols to create passphrases that are harder for malicious software to crack. For example, N0rd!cB@CKup is a passphrase that uses symbols and numbers instead of letters to create words that the malware won’t be looking for, but is still easy to remember. 5. Don’t share passwords. Each employee should have their own username and password for any login system and never share or write them down. There are Password Manager Tools that will create strong passwords for your logins and keep them safely stored in a vault for when you need to use them. These programs can improve login security and decrease forgotten password issues among employees. 6. Utilize a multi-layered security system. Install, configure, and maintain an advanced endpoint security solution for your entire small business network and all devices. This includes a detection system for intrusions, behavior-blocking components, and automatic monitoring for actions typically initiated by malware. Make sure software restriction policies only allow specific applications to run to reduce risk of infection.Your multi-layer security system should also include; 7. Have a strong firewall. In order to properly protect your network, you need to have a strong firewall — most computers come equipped with one. Firewalls protect your small business network by controlling Internet traffic flowing in and out of each device. Any major brand of firewall protection should be installed and updated often. A firewall blocks all incoming connections and includes security capabilities like intrusion prevention, content and URL filtering, and encrypted traffic inspection to
- 5. prevent attacks and anything unauthorized on your network. Also, make sure programs and users have the lowest level of privileges necessary to complete tasks and perform updates so an administrator (like you) can confirm each update’s need and legitimacy. 8. Keep an up-to-date superior antivirus software. Antivirus and anti-malware software are essential — they’re your safeguard if an unwanted attack succeeds in making its way through the rest of your security measures. To ensure their effectiveness, keep all security software regularly paid for and updated so lapses in coverage don’t result in a compromise. Once you have airtight enterprise data security, you want to make sure you’re maintaining it and updating it correctly for full protection. 9. Secure portable electronics. Because laptops and mobile devices are portable, they’re considered high risk for being lost or stolen. Make sure you take extra steps to ensure any portable device containing sensitive business data are protected. First, download a reputable encryption software for every employee’s laptop. An encryption software will make any information on the device unreadable to anyone without the encryption key needed to unlock the data. Without the correct password, it can’t be read. At a bare minimum, you should password-protect all devices containing company data, and enable remote wiping, to prevent unauthorized access. Ensure all devices are backed up onto a secure cloud routinely before enabling remote wiping, but in a crisis, completely wiping a lost laptop or stolen phone will safeguard any information on the device. 10. Monitor your entire system and its assets routinely. Those little software notices, reminders and updates that pop up? Don’t ignore them! If you aren’t paying attention, you could miss a critical security update or an important clue to a potential security breach. If you don’t monitor your entire system regularly, you won’t know you’ve been compromised until the damage has already been done. 11. Make sure all software is up to date. Outdated software is open to vulnerabilities that can be taken advantage of by ransomware. This seemingly small slip could corrupt a device’s entire system. Make sure all systems and software are up to date with relevant patches, especially browser plugins like Flash Player, Java, and Adobe Reader. Turn on update reminders for all security and Internet-based software and encourage employees to update as soon as the reminder pops up.
- 6. 12. Use a data-leakage prevention software. Look into specific software for data-leakage prevention, set up at key network touch points to look for crucial information coming out of your internal network — things like credit card numbers, bits of financial information, or pieces of code that would indicate a breach. Good software packages let you monitor how your data is being used, where it’s stored, and protect it from being leaked or stolen with complete storage visibility for cloud and email. Make sure the security and data loss prevention is extended to include cloud environments and multiple mobile devices, beyond your own network. 13. Backup regularly and often. None of these security measures work nearly as effectively if you aren’t backing up your data regularly. Don’t rely on your employees to manually backup external hard drives and devices — that’s how accidents happen and data gets lost. To ensure all your data is stored safely, install an automatic, continuous cloud backup software with previous file version retention lengths of 60 days or more. This type of backup program will update your backup as changes are made to ensure nothing is ever lost or deleted, and it’s the only safety net your business has when a cryptovirus strikes. Viruses can be sneaky and may go undetected for months if you’re
- 7. not diligent in monitoring recently changed files. Because of this, an online backup plan that retains your previous file versions for 60 days or more is the only true data recovery solution your organization has against ransomware. A good backup provider will send you backup reports to show you which files were recently changed, and therefore backed up. When your backup report looks suspicious (more files being changed/backed up than usual), it’s often the first indicator that you have a virus. Pay attention to these reports so you don’t miss this early virus detection notice. if you do notice suspicious activity, you’ll be able to recover the data you need by restoring previous file versions. Additionally, you want to make sure your data is secure at all times, even when moving across networks and to other devices, and isn’t readable to unauthorized users. To effectively protect data from the inside out, ensure your enterprise data protection strategy includes end-to-end encryption across all databases, applications, networks, and endpoint devices. Choosing the Perfect Cloud Backup Solution Between public, private, and hybrid cloud storage, it’s difficult to determine which type is the best fit for your business. The terminology is similar and the differences can blend into a murky mess to anyone without at least a little IT knowledge. But in order to choose the right cloud solution for your business, you need to know what distinguishes each of these three cloud computing resources. Public cloud storage The public cloud is likely the cloud computing option you’re most familiar with. Public clouds are owned and operated by a cloud service provider who is responsible for hosting, managing and maintaining the network. The provider sells cloud space to
- 8. companies or individuals who subscribe. While companies share the infrastructure of a public cloud, they’re only granted access to their own data. Public clouds are often cost-effective, scalable and provide access to the newest technologies. This makes public cloud storage the right choice for small businesses who can’t afford to build and maintain their own internal data center with a full-time staff but still wants a full-service cloud backup and recovery option at their fingertips. Since any company or individual can subscribe to a public cloud storage or backup service to hold copies of their data, security and privacy concerns have been associated with public cloud storage. However, these concerns are often unfounded -- especially if you’ve done an adequate amount of research on the provider you’re considering subscribing to. Many public cloud service providers for small businesses make security and privacy their top considerations by building and maintaining their data centers according to the highest industry standards and by providing software security features, like end-to-end encryption, to keep data safe. Some other hallmarks of a secure cloud backup provider include: • End-to-end encryption rendering data unreadable even during transit to the cloud • Either 256-bit AES encryption, Twofish, or Triple DES encryption — all commonly used by governments, financial institutions and other trusted internet service providers worldwide • Data centers protected with multiple levels of access control (alarms, video surveillance, armed guards, and more) • Data centers equipped with uninterruptible power supplies, redundant cooling and multiple redundant gigabit internet connections -- keeping data available when you need it, without downtime • An annual SSAE 16 Type 2 audit of its data centers Private cloud storage Large enterprises with access to heavy duty IT and an extreme need for strict privacy often opt for private cloud storage. The private cloud is just like it sounds. It’s a data center built specifically for a single business to host and manage data internally and
- 9. privately. This cloud resource is not shared by any other companies or individuals and is typically located on-site. The on-site nature of a private cloud can contribute to data loss risks. With all data stored in one location, an on-site threat, such as theft or natural disaster, can jeopardize the safety and recoverability of all the data held there. The level of maintenance required makes the private cloud the most expensive cloud option for businesses, as they require an in-house IT team, equipment, and housing. However, the additional expense does afford tighter privacy to the companies who are willing to build and maintain them with the latest upgrades. This often makes it the preferred cloud storage option for big businesses with a budget set aside for IT. Hybrid cloud storage One of the most misunderstood cloud computing options, hybrid cloud storage is a combination of both public and private cloud storage. By combining public and private resources, hybrid cloud storage offers security and flexibility to businesses at moderate cost. Hybrid clouds are beneficial to businesses that handle a mix of sensitive and nonsensitive data, and also have the sizeable budget required to develop and maintain their own internal network. A true hybrid cloud is one in which the private and public clouds work and are deployed together, often via an API. It’s often the service of choice for businesses with privacy concerns driven by highly sensitive data like healthcare, legal and financial information, because of the protection offered by the private cloud component. However, the hybrid cloud is often chosen by these businesses because of a lack of understanding as to the privacy standards upheld by public cloud storage services. In a secure public cloud, deployed by experienced cloud service providers, any data stored by an organization will not be viewable by any unauthorized parties. This makes the public cloud the perfect, affordable, scalable, and secure option for businesses. An ideal public cloud service provider will value privacy and security. To find a public cloud service provider that offers the security of the private cloud with the affordability and scalability of the public cloud, explore the cloud backup solutions offered at Nordic
- 10. Backup. With plans suited for a range of small business and enterprise-level cloud storage, backup and recovery solutions, your business will find the solution it needs to safely store and maintain even the most sensitive of data. Getting Your Data Recovery Plans in Order It’s easy to brush off the need for having a disaster recovery and business continuity plan. The likelihood of a disaster happening to your business can be written off as unlikely, or even next to impossible. But what if the impossible did happen to your business? How long could your company and its customers go without access to your data? How many days could your business survive being out of operation until the road to financial recovery would become too steep? How many customers could you afford to lose in the aftermath due to inadequate communication, or a public relations fall-out? Just because you think the potential for disaster is minimal doesn’t mean a disaster could never happen to your business. That’s the kind of thinking that makes businesses go under, even when a relatively small mishap occurs. With that being
- 11. said, here are some recommendations for building your disaster recovery and business continuity plans: 1. Get cyber insurance - After factoring in direct damages and aftermath disruptions, cyber attacks cost businesses as much as $400 billion a year. With the high costs your business could face in the event of a disaster, you should have an insurance policy that includes cyber attack coverage so that your business won’t drown under the financial pressure. While there is an expense to purchase cyber insurance for your business, it’s often just a fraction of what you’d lose if your company were to face a cyber attack with no insurance. Cyber insurance plans can also keep your company covered under a variety of other first and third party expenses ranging from expenses incurred during downtime to providing credit card monitoring for your customers and more. 2. Focus on redundancy - No matter how your data is lost -- whether due to natural disaster, virus, or any other human, physical, or online threat, you’ll need a way to reinstate the data you’ve lost in order to get back to business as usual as quickly as possible. This means your company’s data cannot live in one place. If your network goes down, or important data is lost, you’ll need to have multiple retrieval options in place to get it back quickly. To do this, you’ll need to have backups that are available both on and offline. Storing your backups in physical devices at your location is not enough. If those devices become damaged or stolen, your backup plan will crumble along with them. That’s why it’s critical to have a cloud backup of your most important data in place as well. If a disaster strikes your local devices, you’ll still be able to retrieve the information you need and restore it to a new or repaired device from the cloud.
- 12. 3. Have adequate data recovery solutions in place - Having a reliable cloud backup in place is a start, but it’s what’s included in your cloud backup that will be the difference between a quick or sluggish recovery. A simple cloud storage solution, like Dropbox, won’t be comprehensive enough to restore the data your company needs to run. If you’re using a simple cloud storage or file syncing solution, your data can fall through the cracks due to inadequate version history lengths. Imagine this: you get a cryptolocker virus that encrypts your data, rendering it unreadable. You don’t realize this until after your 30 day version history window and are now unable to recover unchanged, uncorrupted versions of those files. This is just one of the many scenarios that make an enterprise cloud backup solution with unlimited previous file versions critical to the recovery of your data. For businesses with more complex data structures, a server grade cloud backup solution can be used to backup and restore servers, databases, and more, exactly as they’re intended. This is where a fully managed recovery and hosting service pre-emptively virtualizes your servers so that there is no waiting before you can use your cloud backup server and eliminate downtime. 5. Be prepared to report - Whether purposeful or not, many cyber attacks go unreported. Many companies fear cyber attacks will damage their reputations and others simply aren’t aware of attacks, or don’t know how to properly report them. However, not reporting a hack or breach can negatively impact your revenues, customer retention and more. It’s imperative to notify the appropriate agencies (and your customers if their data is involved). Make sure your disaster recovery plan includes a list of personnel to contact in the event of a disaster, along with procedures for whom should be contacted for each scenario. Start by familiarizing yourself with the Security Breach Notification Laws in your state. 6. Compare your plan to DR/BCP standards - Speaking of regulated industries -- if you’re in one, your business may be required to shape your DR and BCPs according to ISO Standard 22301 as a demonstration of compliance with regulatory requirements. Before you decide to plan your own policies, make sure you’re in the clear to do so. Even if your business exists outside of regulatory requirements, your organization can still receive accredited certification by following these standards. The benefit of this is the ability to demonstrate to legislators, regulators, customers, and prospective customers that you’re adhering to good practices. Alternately, you can use these standards internally by measuring your plans against them.
- 13. Key Takeaways You can start better protecting your company and all of its data assets by patching these holes in your business continuity and disaster recovery plans, reducing the likelihood of threats and choosing the best cloud backup solution for your business. One of the best (and easiest) places to start is by investing in a secure cloud backup solution that will give you the data recovery and general data bulletproofing abilities you need to overcome any data disaster, from viruses to human error, data breach and more. For a small business cloud backup solution with the unlimited versioning history you need to recover and restore any file version, try a small business cloud backup plan with Nordic Backup. For server virtualization options to reinstate your entire system without downtime, a server cloud backup solution will provide you with all the recovery options you need.
- 14. 888-668-0447 • support@nordic-backup.us 600 Rinehart Road Suite 3050 Lake Mary, FL 32746 About Nordic Backup Affordable plans, rapid data disaster recovery and secure online backup you can rely on — that’s the Nordic Backup promise. Many years ago, long before people started calling it “the cloud,” we had a passion for secure online storage and making our backup solutions affordable and available around the world. For more than a decade, our passion for innovation has driven us to create software solutions that not only keep pace with the changing digital space, but also do so affordably and comprehensively. As a result, we’ve created a robust line of consumer and enterprise online backup solutions, built to backup any kind of data anywhere in the world. We know that your data is critical to you. With Nordic Backup, you’ll never be without it. Visit www.nordic-backup.com to learn more.