As managed IT service providers, we hear a lot of questions and concerns about data security – and rightfully so. Data security is critical to business operations, but many business owners overlook this potentially dangerous facet of their business. What happens if your security is breached? What if disaster strikes and you can’t access important data? How much will it cost your business to be out of service for an hour, half a day, or 24 hours?
If these questions raised red flags, don’t panic. You’re not alone, and Compudyne is here to help. Below are some of the most frequently asked questions we hear regarding business IT security, and some next steps you can take to protect your business.
So, what are we protecting against, exactly?
Various events can lead to an interruption in your IT environment, from natural disasters to exfiltration of your systems. If your systems are physically damaged and unusable, the offsite backup solution will make you whole again once new hardware is installed. Better yet, use a provider that can spin up your systems offsite, OS and all. Ransomware is perhaps the greatest risk today, even if you have a layered security solution. With this type of threat, it’s generally not IF but WHEN you’re impacted, and one of the best ways to protect against ransomware is by having an offsite backup.
While I’m writing this, we’re seeing another large-scale, global ransomware attack unfold. It cannot be stressed enough that every company should implement and maintain patch management, backups, disaster recovery and incident response procedures to protect from ransomware threats.
When should I test our backup?
Answer: Not when you need it. If you regularly test your backup solution, you’re better than most CIOs that only know there’s a problem when it’s too late. Various solutions can provide soft-testing and reporting on the integrity of your backup, to ensure it will work when you most need it. Better yet, get a monitored solution that kicks off alarms when the job fails. It’s not a set-it and forget-it type of thing.
What does a restore look like?
Depending on the event, a restore can be extremely easy and fast with the right solution. You want to understand what a restore looks like, from file or object restores to bare-metal restores. You want to know that you can restore to multiple and dissimilar hardware. Your solutions provider should be able to walk you through what to expect in a restore and provide assurance that there won’t be surprise costs or unnecessary delays. In fact, that should be written in the agreement, so you know your rights. By the way, a good provider does the restore as a part of the monthly service cost.
What are my next steps?
Businesses should review the Service-Level-Agreement and the provider’s ability to deliver support for the solution. They should request details on monitoring and alerting, recovery methods and timeframes and compliance for regulated industries. They should know where their data backups are physically located and if they’re encrypted/encapsulated, and what happens to their data backups if the service is terminated. They should understand their compliance requirements and be sure the solution meets/exceeds those requirements.
What can I do to protect my systems today?
- Ensure your systems are patched, or let us patch them for you, and please don’t use an unsupported version of XP, Windows 8 or Windows Server 2003.
- Back up regularly or let us back up your data and keep a recent backup copy off-site. There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop, or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.
- Avoid opening attachments in emails from recipients you don’t know, even if you work in HR or the accounting department and you use attachments a lot.
- Contact us today to ensure you are properly prepared and have taken the steps necessary to deploy a layered security approach to meet your IT security needs.
Protecting your data is critical to business operations and backup solutions can be tailored to your specific needs – contact Compudyne today to find the right solution for your business.