An employee receives an email from a vendor requesting the correct address for a routine delivery of supplies. Subsequently, she clicks on the email's attachment, provides the correct address, and then deletes the email. Three weeks later, the entire office cannot access mission-critical files, and there is a ransom note requesting 5 bitcoins or else the client files will be erased from your network and then released to the Internet. Now what do you do in the midst of this disaster scenario?
Current convention is to firmly refuse the ransom and restore your lost files and your network's cyber security with your recovery service. Otherwise, you can pay the ransom and hope that the hacker keeps their side of the demand after receiving it. You can then arrange a disaster recovery service after the fact, which is a very expensive process, especially if the cybercriminal does not keep their word. Irreplaceable data loss, wasted downtime, lost revenue opportunities, and lost clients and customers are only a few of the consequences of not having a backup plan in place. Not only should you invest in disaster recovery and backup services (DRaaS), but you should also regularly review and enhance your DRaaS.
The focus of security in the cyber realm is to develop a strategy that encourages best practices to ensure that networks are protected and secure from all forms of cyber threats. While networks can be secure, they are not foolproof. Sometimes the greatest weakness in a system is its users, if they lack training. Statistically speaking, over 30% of phishing emails are opened, which results in the theft of end users' private and sensitive information.
Antivirus and firewall solutions, as well as good security practices, help to keep your network resources safe. It is incumbent on individual organisations to coordinate with the staff or service that manages their IT services to ensure that users are intimately familiar with network policies, while simultaneously enforcing those policies to maintain compliance.
Viruses, malware, and insider threats continue to be persistent problems due to their ability to exploit vulnerabilities within a network enterprise. Organisations often commit resources and time to correcting these problems in a timely manner, resulting in millions of dollars in damages and loss of business revenue from your company's most valuable customers.
Depending on your industry, you could be liable for negligence regarding client data records if you lack a proper DRaaS policy. For example, the health industry must comply with HIPAA and HITECH (the Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act, respectively) for digital health records. Similarly, accounting and financial firms must comply with the Sarbanes-Oxley Act for digital client records. And in Europe, European companies and US companies working in Europe have to comply with the GDPR (General Data Protection Regulation) digital privacy law.
As a result of current and future legislation, avoiding data breach lawsuits is another important reason to implement a DRaaS policy. A professional DRaaS policy should entail:
Onsite and offsite backup solutions for critical files
Verification of backups to make sure important files and management systems are actually stored
Schedules of regular restore and recovery testing from backups
As you can observe, protecting digital information is very important for you and your clients.
We understand the requirements for a professional DRaaS policy for your type of business. You will have a selection of options from which to choose the right plan for your disaster recovery and backup needs. DRaaS options can include software services such as OneDrive, SharePoint, and others. Restoration can be immediate from OneDrive, SharePoint, and other software, or take extra time from offsite solutions.
Are You Ready To Secure Your Business?
Speak to one of Greenpoint’s experts for 60 minutes free of charge.