Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
FEBRUARY - MARCH 2024AUTOTECHOUTLOOK.COM9the world's connected population and you must consider everyday: "if I open this, or click that, what might happen?" Someone wants something from you, it could be a simple revenue stream focused on increasing sales or more malicious: crypto-jacking, fraud or something that leads to a ransom for your stolen/encrypted data. The intention of the article is to make sure that we all have our ears and eyes open - the threats are real, and they are likely to come knocking on your door. We all have data to offer to someone, it's a reality, so we should minimize the risks. Prevention is always the best medicine, and it is highly recommended to be able to identify, protect, detect, respond, and recover from all threats - whether they are natural or otherwise. Being able to cover all those criteria can be a huge undertaking and it's likely that you won't be able to protect yourself from everything. That awful day may come when your data, information and/or systems are not accessible or no longer functioning correctly and you may have to rely on the one thing that we should always be able to do - restore from backups. Whether it's a few important files, a history of emails or an entire system that is critical to your daily operations, everything can be backed up and in the event of a disaster; recovered. You may be able to undo many of the bad things that happened and get on with your day but there is only one way to ensure that everything is the same as it was before the event, and that is restoring from backups. In many cases, there is already resilience in our data, whether it's through hardware redundancy or replication, there are plenty of options available on the "hot" side. Something that can be overlooked with our backups, is how "warm" or "cold" they are - what if the event that impacted your live data, could also reach your backups? Security is all about boundaries and we often forget that it's not just resiliency we should focus on but making sure there are enough layers protecting everything. With backups, we are looking for is a 3-2-1-1-0 strategy, where the numbers relate to: 3 copies of the data, across 2 backup types, 1 off-site, 1 backup totally offline/sealed, and all verified with 0 errors. It sounds complicated and everyone will have their own thoughts about what makes practical sense for them to achieve but the goal is common for everyone - be able to restore data in a reasonable timeframe and ensure that the backups themselves remain both safe and have integrity. Backups come in many shapes and sizes, from bare metal/VM snapshots, application level/data only, through to differential/incremental file backups. Each option comes with its own set of pros and cons, so you will need to choose what works best for you. Keep some focus on where they are stored, validated for integrity, and periodically tested, so that the ultimate strategy of 3-2-1-1-0 can be the target, even if there is a compromise based on effort and complexity. Hackers don't need to know their targets or their worth but are only interested in compromising systems and any chance of making money. Hacking is related to the general availability of data with computing power
< Page 8 | Page 10 >