CIO OPINION hardware and is versatile enough to address nearly any failure scenario .
The ‘ one ’ copy in the 3-2-1 strategy has to be ultraresilient . By this , we mean air-gapped , offline or immutable . There are different forms of media which this copy of data can be stored in an ultra-resilient manner . These include tape media , immutable backups in S3 or S3-compatible object storage , airgapped and offline media or Software-as-a-Service for backup and Disaster Recovery ( DR ).
There are popular tools to assess the threat risk of phish success for an organisation such as Gophish and KnowBe4 . Combined with training to help employees identify phishing emails or link , self-assessment tools can be an effective mode of firstline defence .
that there should be at least three copies of important data , on at least two different types of media , with at least one of these copies being off-site . The best part is that this rule does not demand any particular type of
In spite of these education and implementation techniques , organisations must still be prepared to remediate a threat if introduced . At Veeam , our approach is simple . Do not pay the ransom . The only option is to restore data . Additionally , organisations need to plan their response when a threat is discovered . The first action is to contact support . Veeam customers have access to a special team with specific operations to guide them through the process of restoring data in ransomware incidents . Do not put your backups at risk as they are critical to your ability to recover .
In disasters of any type , communication becomes one of the first challenges to overcome . Have a plan for how to communicate to the right individuals out-of-band . This would include group text lists , phone numbers or other mechanisms that are commonly used to align communications across an extended team . In this contact book you also need security , incident response and identity management experts – internal or external .
There are also conversations to have around decision authority . Businesses must decide who makes the call to restore or to fail over before an incident takes place . Once a decision to restore has been made , organisations need to implement additional safety checks before putting systems back online . A decision also has to be made as to whether an entire virtual machine ( VM ) recovery is the best course of action , or if a file-level recovery makes more sense . Finally , the restoration process itself must be secure , running full anti-virus and anti-malware scans across all systems as well as forcing users to change their passwords post-recovery .
While the threat of ransomware is real , with the right preparation organisations can increase resiliency against an incident to minimise the risk of data loss , financial loss and reputational damage . A multi-layered approach is key . Educate your IT teams and employees to minimise risk and maximise prevention . However , implement solutions to ensure data is secure and backed up . Lastly , be prepared to remediate data systems through full backup and DR capabilities should your previous lines of defence fail . p
46 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com