Is your Data Protection Plan able to cope with the newest threats?
Published On: December 9, 2020 |
Data is the lifeblood of any business today. In many cases, this will be the most important asset you possess. Without it, you’ll be unable to accomplish essential day-to-day tasks, so the consequences of any data loss incident can be severe, whether this is a deliberate breach or an accidental loss or exposure.
When people think of data protection, their top priority may be defending their mission-critical data from loss or theft. This can be highly costly for business from both a financial and reputational point of view. Whether it’s a laptop containing sensitive personal details being left on a train or a hacker gaining access to a critical database.
However, this is just a small part of an effective data protection strategy, as it’s not just the theft of data that you need to guard yourself from. In fact, one of the most popular types of attacks aimed at these resources never even attempts to extract useful information. Instead, it simply looks to prevent you from accessing key files unless you pay up.
Guarding against ransomware
This is known as ransomware, and it works by encrypting key files on your network. This could be critical documents such as customer information, or system files like Master Boot Records that can prevent devices from even starting up. But whatever they target, the end result will be that your employees will be completely unable to do their job unless you pay the hackers in exchange for the decryption key.
Ransomware is one of the fastest-growing trends in the sector. According to Bitdefender, there has been a seven-fold increase in the number of ransomware attacks in the first half of 2020 compared with the previous year – and it’s not just large enterprises that are at risk.
Often, these attacks are specifically targeted at small firms and public sector organisations that may not have the resources to adequately defend against such threats – and who may feel they have no choice but to pay up, whereas larger companies may be more likely to have contingencies in place.
The NHS has been one of the highest-profile victims of ransomware with the 2017 WannaCry attack, but the National Cyber Security Centre recently issued an alert warning that the education sector – including schools, universities and other institutions – is being increasingly targeted by these attacks.
Even the best perimeter defence systems can’t provide a 100 per cent guarantee that threats will be blocked, and it may only take one employee carelessly opening a malware-filled email for ransomware to find its way onto a system.
If this does happen, there’s often very little businesses can do to recover their files without the key. In some cases, ransomware makers have had their decryption tools published, but if you’re infected by a variant that hasn’t, you may well be out of luck.
Therefore, should you fall victim to any threat that compromises access to your data – whether its ransomware, hardware failure or anything else, an effective backup and recovery system is a must.
As well as being completely separated from the main network, to ensure it isn’t compromised by the same issues, these solutions need to be regularly updated to ensure any data lost between the last backup and an incident occurring is minimal, and be able to respond quickly. The longer it takes you to get a backup running, the more costly this will be.
Therefore, it pays to have an IT Security solution that can be easily managed from a central location and takes advantage of the latest tools and technology, such as the cloud.
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.