How the pandemic changed backup

The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware

Remote working is now a permanent arrangement for a growing number of businesses after the Covid-19 pandemic pushed organizations of all sizes to move to home working on a wide scale in a very short timeframe.

The impact on all areas of IT has been huge, but arguably it is most acute in backup and data protection.

And the shift to remote working is no longer viewed as a temporary measure for dealing with public health restrictions. Management consulting firm McKinsey believes more than 20% of the workforce can operate as effectively from home as they would in the office. If employers allow it, it says four times as many people could work from home as in 2019.

The impact of home working on IT systems is well documented. Businesses have had to invest in laptops and tablets, and even printers, for remote staff. They have also had to re-engineer networks and applications to allow remote access on a large scale.

Meanwhile, the move to remote working has forced organisations to revisit their data protection and backup strategies.

Protected by being remote?

From a business continuity perspective, an organisation with a highly distributed workforce can be more resilient than one where the majority of employees are office-based. The obvious difference is that there is no need to invoke physical disaster recovery (DR) planning, such as moving to emergency office space. As long as datacentre or cloud-based applications remain accessible, work carries on.

But taking work off-premise forces changes to backup and recovery. Are backup systems configured to run on remote devices? And do employees have enough bandwidth to run backup tools?

At the start of the pandemic, organisations found the bandwidth of their virtual private network (VPN) under stress, so they had to invest in improving capacity. Anecdotally, supporting technologies such as backup were viewed as less critical than line-of-business applications.

“For remote workers, all of a sudden their home became their office. They may not even have had a desk for their laptop. These effects created a domino effect of networking, security and data protection consequences,” says Christophe Bertrand, a senior analyst at ESG.

But although some organisations opted for local solutions for their backup needs – including USB sticks, hard drives or even employee-purchased online storage – Bertrand believes that Covid-19 has accelerated existing trends towards cloud backup and reliance on online office suites and software as a service (SaaS).

“Applications such as Microsoft Office 365 became much more important during the pandemic,” says Bertrand.

Five areas where the pandemic impacted backup

1. Local backups, and data compliance

Asking users to back up data locally to removable media is rarely an IT team’s first choice, but during the pandemic, especially the first few weeks, it might have been the only option.

Not all network-based endpoint backup tools supported remote users, and those that did had to contend with limited bandwidth and rising demand for VPN access from other applications.

Supplier support for remote users has improved over the past year, so IT leaders should check the features offered in their backup software. They should also check licensing, to ensure their endpoints are covered.

Once employees have moved to a secure, remote backup system, they should securely erase local backups to prevent a backup solution becoming a data compliance problem.

2. Protecting SaaS applications

Software-as-a-service is one of the technologies that really helped organisations adapt to pandemic working. And backups for SaaS applications are becoming more important – Gartner says the subject accounts for a growing number of client enquiries.

“In the past two years, infrastructure and operations leaders have begun to include SaaS applications such as Microsoft Office 365, Google Workspace (formerly G Suite) and Salesforce as a part of their backup strategy,” says Gartner senior research director Santhosh Rao.

Although users might assume “cloud” applications automatically back up their data, this is not the case. But suppliers are developing specific backup tools for SaaS, with Office 365 the best supported.

Google Workspace and Salesforce backups are still “largely a work in progress,” notes Rao, but the pandemic has prompted suppliers to invest there too.

3. Backing up to the cloud – and cloud-to-cloud backup

Backing up user data to the cloud bypasses the limitations of corporate VPNs and avoids the data protection pitfalls of remote workers’ local backups.

According to StorageCraft, part of Arcserve, 61% of UK IT decision-makers have increased their use of cloud backup services since the start of the pandemic. Another 28% say they rely increasingly on cloud services for data recovery.

The pandemic has undoubtedly forced CIOs’ hands in the face of technical and compliance concerns. Backing up users’ devices directly to the cloud should be more reliable, easier for employees and, with the right controls, compliant with data protection regulations. The option to back up to private cloud instances provides further assurance.

But organisations are also looking at cloud-to-cloud backup. More on-premise suppliers now support backups for infrastructure as a service (IaaS) and platform as a service (PaaS), including cloud-native workloads and virtual machines, according to Gartner.

With the pandemic shifting more critical applications from the datacentre to the cloud, ensuring they are fully backed up is vital. As Gartner’s Rao points out, this should also include containerised workloads.

Backing up to the cloud also helps deal with another pandemic impact – IT staff no longer need to physically access the datacentre to manage storage.

4. Centralised backup management

The pandemic, and the move to a more fluid and hybrid IT model, has increased workloads for IT teams. As a result, they need centralised tools that can protect data, regardless of location.

This includes backing up user data directly to the public cloud and tiering data to the cloud.

According to Gartner’s Rao, most backup providers now support this. Using services such as Amazon S3 and Azure Blob storage, as well as their long-term storage equivalents Glacier and Azure Archive Blob, can help businesses reduce storage costs.

5. Ransomware

Ransomware attacks have been another unfortunate feature of the pandemic that has affected enterprise backup strategies.

According to one research report, from IT security company Bitdefender, ransomware increased by 485% in 2020. Covid-related phishing campaigns, and attacks on the pharmaceutical and health sectors, account for a large part of the rise.

But any organisation can be targeted by ransomware. As a result, CIOs and CISOs are looking again at “immutable” storage, including tape and Worm-type devices. Meanwhile, backup providers are developing ransomware detection, immutable snapshots – potentially in the cloud – and “clean copy” recovery techniques to allow organisations to recover their data safely.

Security experts warn that ransomware will continue to be a threat, even when the pandemic is under control.

Highlighting the Value of an Integrated Security Platform

As organizations strive to modernize their networks, those networks will continue to expand and become increasingly complex. This will lead to a deeper fragmentation of traditional edges, like the data center, wide area network (WAN), and local area network (LAN). As a result of this fragmentation, partners may find it difficult to secure their customers’ networks, which now include new unique edges.

Identifying New Challenges Impacting Networks

Even as they work from home, remote employees require the same level of access, speed, customization, and performance as their in-office peers. However, to secure these networks, organizations often turn to point solutions designed to cover only a particular network segment. This fact was underscored in a 2020 IBM survey, which found that organizations deploy approximately 45 different solutions on average, with most requiring coordination across 19 security tools. 

With IT staff already overwhelmed with monitoring, this disaggregation can create security gaps that cyber criminals use to gain unauthorized access, steal or corrupt data and systems, or even disrupt the economy. 

Converging Crucial Elements in An Integrated Security Platform

Establishing a flexible and adaptive network that connects in-person and remote workers is challenging. Similarly, managing security in a continuously evolving threat landscape becomes increasingly difficult, especially for organizations using legacy solutions and strategies. 

Partners can help their customers address these issues by working with them to implement a security-driven networking strategy. Converging networking and security breaks down silos and encourages collaboration across the network; when networking and security are integrated into the IT infrastructure, the organization can take various crucial factors into account, including the network, endpoints and devices, and the cloud and applications. Further, security can take key networking functions into account, enabling them to more appropriately adapt configurations, policies, and programs for more consistent protection. 

Today’s organizations need solutions that offer coverage across the ever-expanding attack surface. Understanding the components of the cyber kill chain is critical to maintaining a strong defense. This includes the following steps:

  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command and control
  • Actions on objectives

Customers rely on their partners to help them evaluate these factors across their digital attack surface so that they can thwart the cyber kill chain at any given point, in any location within the network. Therefore, partners must not only understand these factors themselves, but also know what it takes to address them. 

Using a Broad, Integrated, and Automated Security Platform

To address changes within their network environments, many organizations turn to integrated tools or platforms. Despite this demand, historically, the cybersecurity industry has failed to deliver the advanced solutions that could keep pace with continuous network changes. Instead of providing a comprehensive and integrated solution, many vendors have delivered security for a specific piece of a business’s network. 

With the right platform, however, customers can effectively deploy and manage security solutions. Because of this, security teams should consider a broad platform that can help improve performance and deliver automation that meets the advanced needs of today’s businesses. 

Additionally, partners can help customers ensure consistent security and performance spanning from edge to edge with comprehensive, deeply integrated solutions. They can also facilitate integration throughout their customers’ IT infrastructure by deploying a robust solution built on a common foundation that converges networking and security. This way, security teams can keep pace with shifts between the two, offering comprehensive visibility across the entire IT infrastructure, including hybrid hardware and software deployments. Security solutions that consider the various connected systems deployed across the network can more efficiently identify potential threats, share threat intelligence, and coordinate a unified and appropriate response. 

With increasingly sophisticated cyberattacks that happen at machine-level speeds, artificial intelligence (AI) and machine learning (ML) are more important than ever. Humans alone cannot respond quickly and effectively enough. Organizations embracing digital transformation of business processes need to embrace the digital transformation of security systems, as well. These types of security systems, often built into integrated platforms, provide real-time identification, analysis, and threat responses that eliminate security gaps and embrace dynamic changes. 

Short- and Long-Term Success with the Right Security Platform

Although more organizations are embracing a platform approach, many platforms still focus on a single security element. Businesses should consider whether the platform solution they look to implement truly offers end-to-end protection across the entire IT infrastructure, including across the network, endpoints, and cloud. 

Partners can enable coordination across their customers’ entire suite of security technologies with a platform approach that converges networking and security built on a common foundation. A unified, centralized source of threat intelligence enables a more collaborative response to emerging threats, making it easier for security teams to mitigate network security gaps and improve overall response protocols. 

Modern business requires advanced, modern solutions that flexibly respond to changes. The right platform should continuously adapt to the digital threat landscape and digital attack surface changes facing the organization. With a broad, integrated security platform, partners can more easily maintain and even improve their customers’ cyber health, enabling them to take advantage of digital innovation without compromising security. 

As Cyberthreats Mount, Internal Audit Can Help Play Defense

Bolstered by technology expansion, a surge in data growth, evolving business models and motivated attackers, the threat from cyberattacks is significant and continuously evolving. One estimate suggests that cybercrime could cost businesses more than $2 trillion by 2019, nearly four times the estimated 2015 expense. In response to the increasing threat, many audit committees and boards have set an expectation for internal audit to perform an independent and objective assessment of the organization’s capabilities of managing the associated risks. A first step in meeting this expectation is for internal audit to conduct a cyber risk assessment and distill the findings into a concise report for the audit committee and board, which can provide the basis for a risk-based, multiyear internal audit plan to help manage cyber risks.

“The forces driving business growth and efficiency are also opening pathways to cyber assaults,” says Michael Juergens, an Advisory managing principal at Deloitte & Touche LLP. “Internet, cloud, mobile and social technologies—now mainstream—are platforms inherently oriented for sharing. At the same time, outsourcing, contracting and remote workforces are shifting operational control,” he adds.

Many organizations are addressing cyberthreats with multiple lines of defense. For example, business units and the information technology (IT) function at many organizations integrate cyber risk management into day-to-day decision-making and operations, which comprises an organization’s first line of defense. Making up a second line of defense are information and technology risk management leaders who develop governance and oversight protocols, monitor security operations and take action as needed, often under the direction of the chief information security officer (CISO).

“Increasingly, many companies are recognizing the compelling need for a third line of cyber defense—independent review of security measures and performance by the internal audit function,” says Sandy Pundmann, an Advisory managing partner at Deloitte & Touche LLP. “Internal audit should play an integral role in assessing and identifying opportunities to strengthen enterprise security. Advising stakeholders on trends and leading practices in cyber and other areas is a growing expectation for internal audit leaders,” she adds.

At the same time, internal audit has a duty to inform the audit committee and board that the controls for which they are responsible are in place and functioning correctly—a growing concern across boardrooms as directors face potential legal and financial liabilities. Since many organizations have cyber readiness initiatives still in flight, some internal audit departments have elected to defer audit procedures until these projects are completed. While this may allow for a deeper level review, deferring cyber assurance procedures may not be the right answer.

Cyber Risk Assessment Framework

Many internal audit functions have developed and tested procedures for evaluating components of the organization’s preparedness for cyberthreats. These targeted audits, such as attack and penetration procedures, are valuable, but do not provide assurance across the spectrum of cyber risks. To provide a comprehensive view of an organization’s ability to be secure, vigilant and resilient in the face of cyber risks, internal audit should consider taking a broad programmatic approach to cyber assurance and not perform only targeted audits, which could provide a false sense of security.

 

In assessing cyber readiness, internal audit can benefit from understanding the capabilities across a number of domains, how they are addressed today and gaps that may exist within the organization. Several factors are noteworthy as internal audit professionals conduct a cyber readiness assessment:

—It is vital to involve people with the necessary experience and skills. Internal audit has the know-how to conduct assessments. However, understanding whether the IT department or the CISO is doing an effective job of threat modeling can require subject matter specialists who ask effective questions to help evaluate the strength of modeling exercises. A technology-oriented audit professional versed in the cyber world can be an indispensable resource.

—It is important to evaluate the full cyber readiness framework, rather than cherry pick items. This evaluation involves understanding multiple plan components, including the current state of readiness against framework characteristics, where the organization is moving with respect to improving its cyber preparedness plan, and the minimum expected practices across the industry or business sector.

—The initial assessment should be a broad evaluation. The first assessment is not intended to be an exhaustive analysis requiring extensive testing. Instead, it should drive additional risk-based, deep-dive reviews of the organization’s preparedness against cyberattack.

Maturity Analysis

Some organizations may prefer to use a maturity analysis approach, rather than a risk assessment strategy. “A maturity analysis can provide additional value to management and boards by providing a quick visual reference that provides clear cues about areas they may want to explore further,” says Mr. Juergens.

The five maturity stages—initial, managed, defined, predictable and optimized—reflect the progress the organization has made in maintaining security capabilities to help mitigate cyberthreats and achieve its desired maturity level. In a visual representation, dotted lines indicate the level of maturity an organization is targeting, potentially identified in a remediation roadmap.

“In practice, the board would agree on the desired maturity level upon completion of the remediation work, at which point internal audit would test once again and come back to the board to confirm the targeted level has been achieved,” notes Ms. Pundmann.

In addition, a separate assessment scorecard would support the maturity evaluation, highlighting in detail the cyber risks surrounding people, process and technology. For the analysis to be effective, findings should be documented and recommendations made for closing identified gaps.

In some cases, a cyber risk assessment can also be structured to generate a list of gaps and provide the organization with a roadmap for short- and long-term remediation activities.

Building the Foundation for Ongoing Assessment

The cyber-risk assessment underpins both the maturity analysis provided to the audit committee and board, and the development of a risk-based, multiyear internal audit plan for cybersecurity. The multiyear plan can be developed through the results of the assessment, with some audits occurring at a higher frequency than others based upon urgency and consideration of other testing and assessment activities underway in the organization.

It is important to remember that the internal audit approach to cyber assurance is not set in stone. Adjustments can be made based on the emergence of new risks, changes in the relative intensity and importance of existing threats, and other organizational developments.

“Internal audit has a critical role in helping organizations in the ongoing battle of managing cyberthreats, both by providing an independent assessment of existing and needed controls, and by helping the audit committee and board address the diverse risks of a technology-driven world,” says Mr. Juergens.
