Your current disaster recovery plan is inadequate!
Yes, you read that right. I just made a grand, sweeping and all-encompassing statement, without knowing anything about your current plans, environment or strategy. That’s because in the time it’s taken you to read this, there have been hundreds of new threats developed and, one day, one of them will have an impact on you and your company.
Apologies for that Orwellian 1st paragraph, but despite the copious amounts of Kool-Aid generated by the charlatans and shysters which are resident in most marketing departments, the unfortunate reality is that no suite of security solutions will ever provide 100% security against threats which are being developed at a rate Heathrow’s 3rd runway can only dream of.
At NVT Group, we want to move the conversation forward, away from disaster recovery and onto the strengthening of systems supporting threat mitigation.
Let’s introduce the idea of a data protection “house”. Every house has a roof and that roof should shelter us from unwanted storms. In order to have a roof, you need to have a solid supporting structure, the first of our 4 “bricks” is what we call bolstering.
Imagine if one – or all – of the very systems that you rely on in a recovery situation were compromised. You would, for all intents and purposes, be out of commission. So how do you effectively harden, or fortify your backup environment and what components should be considered as needing bolstered?
Well, let’s consider four areas that we believe are critical to this strengthening, as well as questions you might ask yourself about your current data management and data protection systems to see if you are adequately fortified:
- System control hardening: Do your data management system(s) have built-in controls that enable hardened security models (e.g., strengthened authentication, granular and role-based security?)
- Site(s) hardening: Can your systems be configured in a way to minimise and contain the spread of a malicious attack at a site or location level? Are your recovery systems separate or run outside of your production systems?
- Storage layer hardening: Can you lock down your secondary storage systems and identify when something outside of your data protection services is attempting to access and potentially write foreign data? Can you use AI and MI to enhance this?
- Network Hardening: Can your systems provide you with encryption schemes that secure your data, as well as the ability to create air gaps, so that unwanted access to the systems are prevented?
If you answered “no,” or even “maybe,” to any of these questions, then you could be leaving your backup and recovery systems exposed. And as I spoke about earlier, if they are exposed – even just one of the elements – it could mean the difference in recovering, or not recovering, from a system-wide event.
This post is not meant to be doom and gloom, so please don’t consider NVT to be the Juliet to your Romeo. Rather, it’s a Star Warsian message of hope – a new hope, if you will. (If this blog achieves nothing else it will make Star Warsian a recognised adjective.)
All of the questions and points considered are elements integrated into NVT Group’s Viia Backup solution. NVT has spent decades building, deploying and supporting backup systems and platforms of all shapes and sizes. We understand the intrinsic importance of data to businesses of all sizes across Scotland and the UK as a whole.
These necessary – and multi-layered – deployments are aimed at doing all they can to prevent data loss and/or downtime, but also provide a secure, reliable, bolstered strategy for the unfortunate inevitability of such an event.
That’s right, Viia is the onion of the data protection world, only it doesn’t make you cry. I promise.
I hope you enjoyed reading this blog post and that it’s given you plenty of food (not only onions) for thought. I will be sharing my thoughts on the other elements of our data protection “house” in future blogs so look out for these which will be coming soon.
In the meantime, please feel free to reach out if you would like to find out more or have an alternative point of view.
Author: Ian Preston
Business Development Manager