With highly dispersed employees in a highly orchestrated cyber threat environment, these strategies can enhance data security and business continuity
Most organizations are now working with a more remote workforce than ever before, and some may have lost easy access to their data center. To cope, new services and solutions may be introduced into the IT environment, many of which are likely to have increased complexity and risk, compounding the challenge of managing dark data, PII, regulatory compliance, cybersecurity and data management.
Additionally, the do-it-yourself nature of managing multiple products—in most cases from multiple vendors in an increasingly diverse environment—has become nearly impossible for already stretched IT teams and is a major driver of higher total cost of ownership (TCO). .
It’s not just operational SLAs that are at risk: massive inefficiencies result from the proliferation of duplicate data and poor optimization of expensive resources.
Tips for managing data in the future
Organizations must now move from a state of “maintaining as much productivity as possible and eliminating IT-related problems” to trying to find a new and productive “normal”. It should be less about “keeping the light on” and more about working out how to improve what is implemented and stress testing for future needs.
Leaders who haven’t been forward-thinking or who have diverted budgeting from succession planning are in a bad position.
Here are nine considerations and best practices for overcoming avoidable mistakes when planning for future reliability and continuity:
1. Ransomware
There’s no doubt that having a workforce that works primarily from home increases the threats to your organization. Reassessing existing IT policies and updating them to support a remote workforce is critical.
To counter cyberattacks, set up alerts that monitor unusual activity such as permission changes, storage volume increases, and large volumes of data being moved. Use all available mobile apps from vendors to make it easier to spot problems before they happen. Staying ahead of an attack is the most important thing, provided your organization has a layered defense and recovery plan in place. Work with the supply chain to leverage each of their integrations to make life easier and improve security postures across the chain.
2. Phishing scams
With so much stress and distraction caused by ongoing pandemic disruptions or even additional workloads due to the Great Resignation, employees are more likely to fall for malicious scams and tricks. Consider sending a list of validated URLs for staff to check, or whitelists when using client-based content monitors, and even “fake” phishing emails to check their understanding. The more knowledge and awareness employees gain, the less chance they have of becoming targets of ransomware attacks.
3. Social engineering
It is not uncommon for malicious agents to try social engineering tactics, such as phoning individuals in administrative roles claiming to be IT and needing to reset executive passwords, then requiring them to first tell the malicious actors the old about “ verification’ “. These attempts are common and can compromise your entire infrastructure. Make sure your IT department opens multiple communication channels with employees, such as the help desk system, content manager, messaging platforms and a wide range of active individuals , who respond first.
4. Backup hygiene
Review data backup protocols and follow industry advice to adopt the “3-2-1” rule, which requires at least three copies of your organization’s data, consisting of the original copy of the production data and two backup copies. Both refer to the presence of at least two different types of media to store copies of your data, such as local disk and cloud-based storage. Finally at least one the backup must be stored offline or off-site or in an unaltered state.
5. Employee-led backup
Organizations that provide employees with the ability to restore their computer in the event of problems should educate them about the importance of backups and what to do in the event of a problem. To maintain compliance, issue—and periodically reissue—educational materials and resources explaining how to back up locally, as well as policies on where to store files, when to back up, etc., to minimizes the impact on ‘live’ data environments.
6. Local recovery
With many workers using their own endpoints, such as personal laptops, and without on-site IT teams available at home, providing local recovery tools is a must. This will allow remote employees to restore their laptop to a working configuration without outside help. Various tools are available that allow a working disk image of the device to be centrally stored and restored in an emergency. In the short time it takes to create a backup image, the benefits of coverage for any unexpected failure or loss of connection to the corporate network are huge.
7. Archive integrity
Not every backup job completes, and some that do are not always reliable. Ensure that the data copies are usable and can be trusted for recovery by testing them using a backup tool or console. In the cloud, this can be done through the provider’s dashboard. It’s an impactful activity and an easy job that IT teams can do remotely.
8. File sharing hygiene
Use a file sharing system that is remotely accessible or a cloud-hosted file exchange: this can help modernize your IT systems and support employees in any location. It will also allow your organization to manage the distribution of corporate data that may have been or continue to be shared across insecure services or platforms, especially those that fall into the shadow IT realm.
9. Data Fragmentation
Check for duplicate files and determine where duplication exists. Where possible, look to implement deduplication and compression tools and enable small file optimization. This frees up storage resources when new hardware cannot be purchased and installed, while improving the total cost of ownership of existing resources.
IT teams are facing unprecedented demands to go beyond simply maintaining business operations and to act as a source of innovation and competitive advantage. By overcoming the various data challenges mentioned above, some of the biggest IT obstacles will be removed and IT departments will be empowered to meet rising expectations, best practices and effective data management.
https://www.computing.co.uk/opinion/4054479/cyber-proof-management-wfh-era
