There is always the threat that losing your company’s data will bring your business to a close. Not only is the cyberattack landscape increasing in frequency, scale and complexity but the cost of trying to recover from an attack is growing astronomically as well. A recent IBM Security and Ponemon Institute global study showed the average total cost of a data breach, which includes what an organisation spends on the discovery of and the immediate response to one breach, is US$3.62 million. And then there is the high cost of gaining back customers’ trust, which is impossible to quantify and, in some cases, to recover from.
Here are some of the ways you can protect your data and ensure that you’ve covered all your data protection bases.
- Is where you store and back up your data physically separate and secure?
While it’s not considered best practice, some businesses may still be keeping their primary data and data backup sites near each other/in the same vicinity. Under these circumstances, natural disasters such as hurricanes, earthquakes and tornadoes could easily take out both locations within minutes. Many companies are seeing this as a crack in their data protection armour. To remedy this, they are turning to distributed colocation data centre providers that enable them to replicate their data security infrastructures in geographies that are states away, rather than streets away, from their primary data centres.
Finding a colocation data centre platform that has a number of geographic locations and also has critical physical protections, such as full UPS power, back-up systems, N+1 (or greater) redundancy and a proven, industry-leading uptime record (>99.9999%), is something you need to consider as part of your data backup and recovery strategy. For example, Platform Equinix spans 200 facilities in more than 52 global metro locations, to replicate their data in a more distributed, secure and reliable fashion.
- Is your ability to access and share data really private?
Companies drawn to the public Internet’s easy and low-cost accessibility have been heavily relying on it to move data and make that data more accessible to its users. But that doesn’t happen without businesses incurring a huge amount of risk. According the latest Symantec Internet Security Threat Report, new digital technologies and transactions that rely on the public Internet have created a whole new cyberattack entryway into many organisations. For example, in 2017, there was a 600% increase in overall Internet of Things (IoT) attacks, where hackers gained access to critical information via connected devices. Also, software supply chain attacks increased 200% – one every month in 2017 as compared to four attacks annually in years prior.
With this increasing level of frequency in digital cyberattacks over the public internet, companies need to seriously consider how they are moving their most critical and sensitive data around and if the data exchange points they have established are really safe. A private way to exchange your valuable digital assets and ensure that no one outside of authorised users has access to them is required.
This requires direct and secure interconnection that bypasses the public internet and enables security control points and guardrails against any possible cyberattacks.
Additionally, proximate, private connectivity to multiple cloud ecosystems ensures high performance and low latency when performing replication, backup and recovery operations. This reduces the time it takes to do these operations and mitigates the risks involved in carrying large amounts of data over long-haul, multiple-hop networks.
- Is your data being protected in multiple clouds?
Though confidence in public cloud security is generally increasing, there are still vulnerabilities that businesses cannot ignore. For example, according to the Ponemon Institute, almost 40% of cloud data at rest is unprotected by encryption, identity keys or any other data protection method.
This is why leveraging data encryption and identity key management platforms for multiple clouds is so vital to an enterprise’s data protection plans. As multiclouds are increasingly being recommended and used for data replication and backup and recovery services, hardware security module (HSM) capabilities need to match the cloud’s elasticity and scalability, while still ensuring the high-performance key storage, encryption and tokenisation required to only allow access to authorised users.
By including geographically distributed locations, direct and secure interconnection and multicloud HSM-as-a-Service solutions in your data backup and recovery plans, you’ll have a more comprehensive and integrated business continuity and disaster recovery solution.