It’s not just the CAF that highlights the importance of good backup in achieving cyber resilience. You may have seen the latest iteration of the 10 steps to Cyber – https://www.ncsc.gov.uk/files/2021-10-steps-to-cyber-security-infographic.pdf. Step 7 is Data Security and it specifically calls out:
Ensuring that immutable backup is a well implemented and consistently reviewed area of cyber resilience is key, but not always straightforward. Often teams will assume that they are covered by Microsoft’s native tooling, especially regarding ransomware. However, recent cautions from the NCSC warns that file sync and share services, such as OneDrive are not immune to ransomware. Not only are they not isolated from the primary data, they are also based on synchronisation technology, which can lead to the spread of ransomware.
Without a thorough data protection strategy, you’ run the risk of exposing your organisation to data loss, breaches, and internal attacks (including accidental deletion, ransomware and malicious insiders). This can result in business continuity challenges as well as compliance and audit fines.
Saepio are advocates of managed public cloud solutions for data protection to tackle the challenges of traditional on premises backup in the light of the modern working world.
With the ability to scale on-demand and simple ‘pay for use’ models, they eliminate what’s known as stranded capacity and leaves predictable ongoing costs. You also step out of the role of integrator and builder of basic infrastructure services and into one where applications and services are aligned more closely to business outcomes.
It is important to Saepio that cloud backup solutions are security-ready with in-built security. In this way, you’ll be addressing regional access and compliance issues with air-gapped backups and zero trust access controls, creating true data integrity. We recently held an event with our good friends at Druva and ran through how cloud backup solutions can treat the risk that’s exposed by relying purely on existing tools.
A side effect of treating these risks has considerably reduced TCO when it comes to backup, as well as how much coverage can actually be achieved through consolidation.