Protect and Minimise [March 2022]
by Joe Hedegaard Ganly

Information Security Adviser

Connect with Joe Hedegaard Ganly on Linkedin Connect with Joe Hedegaard Ganly on Linkedin

Protect and Minimise

It is no surprise then when we look at Saepio, the most common concern for most of our customers is Ransomware.

The National Cyber Security Centre’s (NCSC) Cyber Assessment Framework (CAF) cites backup as a critical element to protect against cyber-attacks as well as minimise the impact of an incident with an appropriate response and recovery strategy.

It’s not just the CAF that highlights the importance of good backup in achieving cyber resilience.  You may have seen the latest iteration of the 10 steps to Cyber – https://www.ncsc.gov.uk/files/2021-10-steps-to-cyber-security-infographic.pdf.  Step 7 is Data Security and it specifically calls out:

  • Having confidence data is appropriately protected, wherever it is
  • Ability to restore important data and systems more quickly with practised backups

Ensuring that immutable backup is a well implemented and consistently reviewed area of cyber resilience is key, but not always straightforward. Often teams will assume that they are covered by Microsoft’s native tooling, especially regarding ransomware. However, recent cautions from the NCSC warns that file sync and share services, such as OneDrive are not immune to ransomware. Not only are they not isolated from the primary data, they are also based on synchronisation technology, which can lead to the spread of ransomware.

Without a thorough data protection strategy, you’ run the risk of exposing your organisation to data loss, breaches, and internal attacks (including accidental deletion, ransomware and malicious insiders).  This can result in business continuity challenges as well as compliance and audit fines.

Saepio are advocates of managed public cloud solutions for data protection to tackle the challenges of traditional on premises backup in the light of the modern working world.  

With the ability to scale on-demand and simple ‘pay for use’ models, they eliminate what’s known as stranded capacity and leaves predictable ongoing costs.  You also step out of the role of integrator and builder of basic infrastructure services and into one where applications and services are aligned more closely to business outcomes.  

It is important to Saepio that cloud backup solutions are security-ready with in-built security. In this way, you’ll be addressing regional access and compliance issues with air-gapped backups and zero trust access controls, creating true data integrity. We recently held an event with our good friends at Druva and ran through how cloud backup solutions can treat the risk that’s exposed by relying purely on existing tools. 

A side effect of treating these risks has considerably reduced TCO when it comes to backup, as well as how much coverage can actually be achieved through consolidation. 

Contact Us

If you’d like to find out more about the findings and experiences, don’t hesitate to reach out to our solutions team. Simply call us on +44 (0) 1494 216 061 or drop us an email on contact@saepio.co.uk alternatively, you can submit a form on our contact page.