It’s not just the CAF that highlights the importance of good backup in achieving cyber resilience. You may have seen the latest iteration of the 10 steps to Cyber – https://www.ncsc.gov.uk/files/2021-10-steps-to-cyber-security-infographic.pdf. Step 7 is Data Security and it specifically calls out:
So how do you gain confidence your data is appropriately protected and that backups can be quickly restored in the event of an incident? A review or assessment is always a sensible place to start. A common misconception is that cloud data is protected across SaaS applications. Office 365 for example does not meet Gartner’s definition of backup. It offers limited recovery from ransomware or file corruption, which are some of the most worrisome threats. Especially in regards to ransomware, recent cautions from the NCSC warns that file sync and share services, such as OneDrive are not immune to ransomware. Not only are they not isolated from the primary data, they are also based on synchronisation technology, which can lead to the spread of ransomware.
Without a thorough data protection strategy, you’ll run the risk of exposing your organisation to data loss, breaches, and internal attacks (including accidental deletion, ransomware and malicious insiders). This can result in business continuity challenges as well as compliance and audit fines.
Saepio are advocates of managed public cloud solutions for data protection to tackle the challenges of traditional on premises backup in the light of the modern working world. With the ability to scale on-demand and simple ‘pay for use’ models, they eliminate what’s known as stranded capacity and leaves predictable ongoing costs. You also step out of the role of integrator and builder of basic infrastructure services and into one where applications and services are aligned more closely to business outcomes. And very importantly to Saepio, cloud backup solutions are security ready, with security built in, addressing regional access and compliance issues, with air gapped backups and zero trust access controls giving true data integrity.