The ransomware WannaCry has been creating a big buzz in the world of IT Security these past days. At the time of this writing, WannaCry has claimed at least 350,000 victims across 150 countries world wide. This includes businesses in Singapore such as the directory system of Tiong Bahru Plaza Mall – and even forcing Microsoft to release a new patch for their end-of life Windows XP Operating system.
With all the noise created by WannaCry, another possibly more dangerous threat has been doing its rounds, undetected, for weeks: Adylkuzz – a so called Cryptocurrency Mining Malware.
While WannaCry keeps your data hostage until you remunerate the creators with some bitcoins for their hard work, Adylkuzz secretly hides away in your computer, using your system to digitally make money.
In this age where cyber security threats seem to be the norm, the question that we have to ask is not just how we protect ourselves, but also what we are protecting.
Cyber Security is the big elephant in the room. It’s seen, it’s huge but it’s often not addressed. How come something so important is so difficult to tackle? IT Security has many facets. One part requires you to have the correct tools and hardware in place – be it a properly configured firewall or a fully patched Antivirus system, where another is all about user awareness training. Tackling Cyber Security is an enormous topic and can be heavy to digest. But same as the joke on how to eat an elephant, we should try to approach the topic of cyber security the same way: one bite at a time.
Prevention and Recovery
I believe there are two main areas to address when it comes to Cyber Security. The first is “Prevention”. It’s proactive. It’s protection. It means having the right infrastructure and right processes in place. It means having each and every user trained on possible cyber threats, so they know what practices to follow and how to spot potential threats.
The second area we unfortunately – but importantly – have to contend with, is “Recovery”.
What happens if dirt* hits the fan? (*a good mentor of mine has certainly been using a different word)
What do we do if we are compromised?
What is our BCP (Business Continuity Plan)?
What is our DRP (Disaster Recovery Plan)?
The above are all good questions. And one of the first, most crucial steps we can take to protect ourselves from cyber security threats, is to have a proper backup in place for the data that matters most.
The first bite: Backups
Business disruption due to IT equipment failure can cost a company thousands of dollars – in some cases even millions -, but having sensitive data lost, non-recoverable, can potentially force a business to close its doors. And this is especially tragic news because the reality is, having a proper backup in place neither has to be complicated nor expensive.
So the question is, what do we have to do in order to be able to sleep soundly at night, knowing that our data is safe? Losing data due to outdated backup practices is painful, but luckily, it’s also one of the easiest things that can be prevented in terms of IT Security. And this is what we’ll be discussing in one of our next blog posts.
We’ll be examining backup best practices and sharing some tips you may find useful when evaluating new backup systems, or simply want to change your approach on managing backups.
And if you are keen to find out more about eVantage Technology’s answer to address backup in the form of our Managed Backup Service, or would like to discuss IT security strategies with our experts, simply click the green button below:
Talk to you soon, and stay safe!