CORPORATE IT BACKUP: FASTER THAN EVER
The widespread use of telework allows many companies to continue their activities. However, the reorganization of working methods was largely done in an emergency, which led to an upsurge in cyber-attacks. The loss of data has serious consequences. It is therefore essential to strengthen the backup strategy, whatever storage option is selected.
The impacts of team dispersal
Telework involves employees using their own internet devices. Personal computers and smartphones are used to ensure the continuity of business activities. From a purely practical point of view, this is an excellent solution. The problem is that these devices do not enjoy the same level of security as professional servers.
Personal machines become a window into companies' computer systems. They are more accessible to attackers, who can capture data even before it reaches the secure hosting server.
The rate of cyber-malicious acts is already very high in France. In 2018, when the RGPD (GDPR) came into force, the rate was already over 80%, according to data provided by the Ministry of the Interior. Since March 2020, the government platform dedicated to digital risk assistance and prevention has recorded a 300% increase in visits, according to its CEO Jérôme Notin. These figures call for increased vigilance, knowing that acts of malice take different forms.
The main types of cyberattacks and their consequences
It must be recognized that hackers are not lacking in creativity. In addition to causing disastrous economic balance sheets, they can damage the reputation of victim companies and compromise access to websites as well as data stored on computers. Vigilance is necessary because the modus operandi is rarely the same.
The practice is widespread, and yet individuals and professionals continue to fall victim to it. Fake SMS, fraudulent emails, phone calls... every communication channel can be used by cyber-criminals who impersonate trusted third parties to extract the personal information of Internet users.
Phishing targets the most sensitive personal information. If it achieves its goal, the hacker can indeed recover passwords, access codes and bank details, all vital to the health and safety of businesses. From an economic point of view, the bank account opened in the name of the company, its manager or even the employee can be emptied in the blink of an eye. Fraudulent transactions carried out by the "phisher" may even result in a substantial debt balance. Losses can still be recovered if unauthorized debits are reported to the bank on time, but the process can be tedious and some banks are reluctant to compensate their customers.
The biggest risk is the loss of data. By having passwords and other access codes, phishers can edit, exploit, and delete data.
DoS or denial of service
Denial of service, abbreviated DoS, is a recurring form of attack. It prevents computer applications from working by saturating the server with a flood of requests. It is called DDoS (Distributed Denial of Service) when the attack comes from multiple sources, which makes it more difficult to block and to counter.
Attackers exploit flaws to break into the system and cause an outage that puts the site out of use. These attackers do not hesitate to make the DoS or DDoS public, which automatically undermines the credibility of the victim company. Doubt then hangs over exactly which data the attackers were able to access: business data, banking information, etc.
The Public Assistance of Paris Hospitals (AP-HP) was the victim of a denial of service in March 2020 and this is far from an isolated case. This means that cybercriminals can attack any business, any organization, hence the interest of adopting an effective data protection and safeguarding strategy.
Computer espionage
Cyber-criminals can be very discreet in order to break into company servers. In a context where telework is becoming more widespread, personal devices used for business purposes are the main targets. Users may not even realize that their machines are infected with spyware.
The risks are enormous in that data sovereignty loses its meaning. Hackers break into the network and access all the information they need. Your sensitive data can therefore be collected and transmitted to your competitors and/or misused.
It is clear that computer espionage harms organizations, businesses and communities, which risk losing contracts and face legal problems if their name is associated with acts of malice carried out on the basis of fraudulently collected data.
Brute force attacks
Passwords and other access codes are the targets of these attacks. Hackers can use a password dictionary to achieve their goal, or use heuristic optimizations to save valuable time. It goes without saying that the more complex the passwords, the harder they are to crack.
If brute force attacks succeed, there is the risk that the hacker will access the accounts of the administrators of a computer, a network, a website... opportunities to hijack files and data.
The rise of ransomware
In times of crisis, hackers are taking advantage of the loopholes created by telework more than ever to make more money. Ransomware is gaining ground. This is malware that blocks access to the computer. Your screen may be completely locked. Hackers can also encrypt the data with a key to prevent access.
The sources of infection are multiple: links embedded in emails, intrusion into the computer system, browsing unsecured pages/websites... In all cases, the victim receives a ransom demand in the form of a message. The hackers ask for a sum in exchange for unlocking the data taken hostage. As a rule, the more sensitive the data, the higher the amount demanded. Financial losses can therefore be significant.
Moreover, there is no guarantee that the data will be recovered. The risk of total - or partial at best - loss remains pervasive. According to statistics published by Coveware, the average recovery rate was 96% in the first quarter of 2020. This represents a decrease of 1% compared to the previous quarter. It seems that hackers do not hesitate to corrupt the data at the time of their encryption, which explains this decline. The same studies conducted by Coveware also specify that the recovery rate can be around 40% depending on the ransomware.
Not only can the company lose its data, but there are also significant economic risks. Turnover can drop significantly if the system is infected with ransomware.
Strategies to guard against cyberattacks
Zero risk may not exist, but it is possible to optimize data protection by adopting the right reflexes.
Individual vigilance is essential. To begin with, each employee must get into the habit of activating their VPN and updating all their software, especially the antivirus. It is also important to check the sender of an email before opening it, and especially before clicking on a link or opening/downloading an attachment.
When confidential data needs to be exchanged, it is essential to secure it as much as possible. This means avoiding public Wi-Fi networks, which are vulnerable to spyware and other computer attacks. Encryption is crucial for business emails.
When employees use their personal machines, it is imperative to use an encrypted partition of the hard drive to protect the stored data. At the same time, it is essential that each user has access to a backup system, in other words a backup of business data.
In addition, the design of a backup strategy must be done in consultation with the technical teams and with the support of the legal teams. It is crucial to assess the risks to which the company is exposed in relation to the types of services provided, the information collected about partners/clients... As far as possible, it is better to prohibit, or at least limit, external access to the computer system (customers, suppliers...). The less external access there is, the lower the risk of intrusion.
An internal messaging service is more than advisable. By adopting such a solution, it is easier to protect content and data, regardless of the computers and devices used. Two-factor authentication systems are obviously preferred because they offer better protection than traditional passwords.
The importance of backups
When a device is hacked or, at best, simply fails, you automatically lose access to the saved files. Whatever the quality of the recovery software used, there is never an absolute guarantee that the data on the defective media can be used again. Photos, accounting files, presentation videos, personal cards... everything can be lost in the blink of an eye. The backup must therefore be a reflex and be applied systematically, even automatically.
Nothing beats a custom backup, which is why it's important to compare multiple solutions before you select one. The choice should not be made in haste, even if securing enterprise IT data is a top priority.
BaaS as a priority option
Adopting the BaaS (Backup As A Service) is about taking advantage of cloud backup solutions. In other words, a duplicate of the company's servers is created and then regularly updated. There are many solutions tailored to different volumes of data, the principle being the same: increase security.
Vigilance is required because there are both public and private backup solutions. In a business environment, private cloud infrastructure is recommended. Again, many options are available. It is therefore essential to select a French company offering data hosting in France. This is the best option to guard against outside interference and thus to ensure the sovereignty of the data.
In addition to a judicious backup, provision should be made for restoration. BaaS offers both services at the same time. If data on business/personal machines is lost or damaged, the copies stored in the cloud can be activated. The business recovery plan is therefore effective insofar as the recovery in question takes place very quickly. There is no need for the virus-infected machine to be repaired or restarted before the data can be recovered. Depending on the selected provider, it is possible to start a virtual machine in the cloud and thus work on the data.
Supporting measures must, of course, accompany the adoption of BaaS.
Protecting different machines
Secure backups are systematic within companies but less so when personal computers and mobile devices are operated. It is therefore essential to adjust the backup policy on all devices connected to the company's network. Every user must benefit from efficient solutions to record data on their device and then ensure a protected export to the cloud.
Early identification of fixed and mobile devices is required. It's not just computers, tablets, and smartphones! Removable storage devices should also be considered if they contain important information.
Professional antivirus solutions should be preferred in a context where telework is becoming more widespread. Standard protections are not enough to secure files created and stored on personal devices. It is therefore wise for the company to take over the subscriptions so that the initial installations and updates run in accordance with the security requirements imposed by your activities.
Automation of backups
It is quite possible to automate everyday tasks, such as computer backup. As no human intervention is necessary, the company protects itself against the risks of forgetfulness that can prove disabling or even fatal in terms of safety.
The frequency of backups varies: hourly, weekly, monthly... not to mention the possibility of systematically exporting sensitive data to the cloud. It is therefore necessary to compare the services offered, always in relation to the risks incurred by the company if the data ever falls into the wrong hands.
Automatic backups work just as well on mobile workstations as on the computers installed in your offices. The parameters must therefore be adapted according to the modes of use, the nature of the data and other factors that determine the level of risk of each machine.
Personalization of protections
It should be noted that a backup of all files without exception is not always necessary. As a result, some low-value data may be exempted from the rule. Identifying it, of course, requires careful analysis. For this, it is advisable to rank data in order of importance. This identifies data whose loss or degradation would not cause a major problem.
Following the same logic, it is recommended to offer tailor-made levels of protection to the different data backed up. Providing individual access codes to users already reduces risk. At the same time, it is possible to install alerting software that warns administrators of any intrusion attempt on the system. These alerts trigger as soon as an unauthorized person attempts to access files.
The backup time
Virtual and physical media come with longer or shorter retention periods. This is a detail that must be considered before selecting a provider. In some cases, the data is kept for a limited time (5 years, 10 years...). In others, you get a lifetime backup and therefore decide which files to delete or keep depending on their usefulness.
Preparing virgin machines
The restoration time in case of computer attacks will be optimized if you have prepared blank machines. In other words, the drive must be completely empty, which does not exclude the need to provide all the necessary protections for each machine. We are talking about a system image ready to receive complete data and software in a very short time, which is once again part of the business continuity policy.
The BaaS offers the prospect of receiving a continuous update at low cost, or even free of charge depending on the provider selected. As a result, the functionality of the applications essential to the activities is optimized in real time. In fact, it is important to ensure that software that allows files to be opened and used is also backed up. This saves valuable time if a restoration is required following a computer problem.
Sometimes the backup process doesn't go as it should. For more assurance, it's best to test backups on a regular basis. These tests can take the form of copying the backed-up files onto your computer. After that, you have to check that each file is properly usable (opening, editing...).
It is also advisable to test copies directly in backup centers. This precaution allows you to evaluate the restoration times, the levels of protection available to physical servers and more.
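The automation described under "Automation of backups" and the regular restore tests recommended just above can be combined in one job: take a timestamped snapshot, record a SHA-256 manifest of every file, verify the snapshot against that manifest (so silent corruption or tampering of a backup is detected before you depend on it), and prune snapshots that fall outside the retention period. The following Python script is an added example written for this article, not a tool from the original page or from any provider it mentions; the directory layout, the manifest file name and the 90-day retention are assumptions chosen for illustration, and the sample files it backs up are constructed inside a temporary directory.

```python
"""
Added example (not from the original article): automated backup job with
built-in verification and retention pruning. All paths, the manifest name
and the retention period are assumptions for illustration.
"""
import hashlib
import shutil
import tempfile
from datetime import datetime, timedelta, timezone
from pathlib import Path
from typing import Dict, List, Optional

MANIFEST_NAME = "MANIFEST.sha256"   # assumed file name for the checksum list
SNAPSHOT_FORMAT = "%Y%m%dT%H%M%SZ"  # snapshot directories are named by UTC timestamp


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def create_snapshot(source: Path, backup_root: Path, when: Optional[datetime] = None) -> Path:
    """Copy `source` into a timestamped snapshot and write a manifest of file digests."""
    when = when or datetime.now(timezone.utc)
    snap = backup_root / when.strftime(SNAPSHOT_FORMAT)
    data = snap / "data"
    shutil.copytree(source, data)  # creates the snapshot directory as well
    lines = []
    for p in sorted(data.rglob("*")):
        if p.is_file():
            lines.append(f"{sha256_of(p)}  {p.relative_to(data).as_posix()}")
    (snap / MANIFEST_NAME).write_text("\n".join(lines) + "\n")
    return snap


def verify_snapshot(snap: Path) -> List[str]:
    """Return a list of problems found; an empty list means the snapshot is intact."""
    manifest = snap / MANIFEST_NAME
    if not manifest.exists():
        return ["manifest missing"]
    expected: Dict[str, str] = {}
    for line in manifest.read_text().splitlines():
        digest, rel = line.split("  ", 1)
        expected[rel] = digest
    data = snap / "data"
    problems = []
    for rel, digest in expected.items():
        p = data / rel
        if not p.exists():
            problems.append(f"missing: {rel}")
        elif sha256_of(p) != digest:
            problems.append(f"corrupted: {rel}")
    for p in sorted(data.rglob("*")):
        if p.is_file() and p.relative_to(data).as_posix() not in expected:
            problems.append(f"unexpected: {p.relative_to(data).as_posix()}")
    return problems


def prune_snapshots(backup_root: Path, keep_days: int, now: Optional[datetime] = None) -> List[str]:
    """Delete snapshots older than `keep_days`; returns the names removed."""
    now = now or datetime.now(timezone.utc)
    cutoff = now - timedelta(days=keep_days)
    removed = []
    for snap in sorted(backup_root.iterdir()):
        try:
            ts = datetime.strptime(snap.name, SNAPSHOT_FORMAT).replace(tzinfo=timezone.utc)
        except ValueError:
            continue  # not a snapshot directory; leave it alone
        if ts < cutoff:
            shutil.rmtree(snap)
            removed.append(snap.name)
    return removed


def demo() -> dict:
    """Run one full cycle on constructed sample files inside a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        src, root = Path(tmp) / "source", Path(tmp) / "backups"
        (src / "accounting").mkdir(parents=True)
        (src / "accounting" / "ledger.csv").write_text("date,amount\n2020-03-01,100\n")
        (src / "notes.txt").write_text("constructed sample file\n")
        root.mkdir()
        old = create_snapshot(src, root, datetime(2020, 1, 1, tzinfo=timezone.utc))
        new = create_snapshot(src, root, datetime(2020, 6, 1, tzinfo=timezone.utc))
        ok_before = verify_snapshot(new)
        # Simulate silent corruption of one backed-up file (bit rot or tampering).
        (new / "data" / "notes.txt").write_text("tampered\n")
        problems = verify_snapshot(new)
        removed = prune_snapshots(root, keep_days=90, now=datetime(2020, 6, 2, tzinfo=timezone.utc))
        return {"ok_before": ok_before, "problems": problems,
                "removed": removed, "old_name": old.name}


if __name__ == "__main__":
    print(demo())
```

In production the `demo()` function would be replaced by a scheduled call (cron, systemd timer or the backup service's own scheduler) to `create_snapshot`, followed by `verify_snapshot` on the snapshot just written and a periodic `verify_snapshot` on older snapshots; a non-empty problem list is what should page the administrator, since a backup that cannot be verified cannot be relied on for recovery.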
Computer backup: what the law says
The absolute need to protect your business data from cyberattacks and other potential sources of loss/degradation does not remove the company's obligation to comply with legislation. Personal data is mainly concerned.
The General Data Protection Regulation (GDPR) strengthens people's rights. It should be noted that various formalities with the National Commission for Information Technology and Freedoms (CNIL) have been abolished. Only sectors relating to justice and health still have to apply the formalities in force before 2018. In return, companies must bring their data collection, analysis, processing and exploitation policy into compliance with the RGPD. The guidelines regarding enforcement on European territory are available on the CNIL website.
Article 34 of Law 78-17 of January 6, 1978, as amended by Order No. 2018-1125 of December 12, 2018, art. 1, also provides additional information. Since criminal liability may be incurred depending on the nature of the data stored, it is mandatory to comply with the provisions of Article 226-17 of the Penal Code. Articles 1240 and 1241 of the Civil Code should also be considered, knowing that personal data collected and stored can cause harm. Other texts and laws can obviously serve as a reference, but it is preferable to consult legal experts so that the backup protects the company from all points of view.
Laws vary from country to country. This means applying different measures depending on the backup platform selected. The references mentioned above apply, for example, in France, which does not make them compulsory in other states. Hence the importance of dealing with a provider subject to French law, as mentioned above. Not only is there a guarantee that the existing legislation will be applied, but any problems will also be handled with greater flexibility.
Any company or organization must adopt a tailor-made security policy. The various strategies put in place will then be communicated to employees, who will have to apply them both on site and when teleworking. By combining their efforts, managers and employees contribute together to the protection of the company's computer data.