Network Security and BDR: Why They’re Better Together
One of the prevailing themes in entertainment this year was superheroes in conflict. Daredevil faced down the Punisher, Batman took on Superman, and the Avengers even declared their own civil war. These duels serve as a good example of the kinds of conflicts we often see raging in the IT world: on premise versus the cloud, laptops versus tablets, Macs versus PCs.
While some of these rivalries are more a matter of personal preferences, sometimes there is a lot more at stake. One of the most concerning conflicts that occurs from time to time is between backup and disaster recovery (BDR) and network security. Typically, the solution provider uses and sells both technologies, but one of the two is taken less seriously.
For example, an IT solution provider may be a big proponent of BDR. No company becomes a customer unless it agrees to use the solution provider’s BDR service. When it comes to security, however, if a customer wants to use its own security software, it’s no problem. If called out on this technology favoritism, the solution provider will cite a ransomware incident that left all of a client’s files encrypted. Despite having an active firewall and antivirus software in place, the malware still got through. Fortunately, the customer had signed up for the service provider’s BDR service, and the service provider was able to recover all the files. The implication here is that the security tools couldn’t stop the threat, but the BDR saved the day. So, BDR is a more valuable technology than network security.
Looking at only one incident, it can appear that one technology is more valuable than another. But, if you step back and look at the bigger picture, it becomes clear that not only do these technologies have equal worth, their capabilities are magnified when they work together. Here are some examples:
1. Better Security Can Reduce Your Data Recovery Burden (and Labor Costs)
If a client is infected with ransomware, it is true there are no security tools that can decrypt the code, so BDR is the best way to restore a compromised system to a pre-infected state. However, it’s important to keep in mind that unlike the old myth that says “Lighting never strikes the same place twice,” ransomware attacks can and do strike again. In fact, if your only line of defense is your BDR system, your technicians are going to be very busy performing restores. This can quickly become a major time and profit drain on an IT solution provider’s resources — especially for providers offering fixed fee managed services.
Advanced security tools can play a forensic role that reveals important details such as where and how the breach occurred. Armed with this information, solution providers can zero in on an outdated firewall or computer operating system. Or, perhaps they need to educate employees about their role in not clicking links or attachments from unknown senders.
Not all security breaches involve data being encrypted. In some breaches, such as those experienced by Sony and Target, the cyber criminals infiltrated the victims’ networks and gathered intelligence for more than a year before launching their strikes. In these cases, BDR would not have changed the circumstances, but advanced threat monitoring and security tools such as SIEM (security information and event monitoring) could have significantly reduced the time to detection (TTD) and the severity of the breaches.
2. Unsecured Data Backups Pose a Liability Concern
Many companies recognize the need to have two copies of their data — one on-site and a second copy that resides off-site to protect against fires, floods or other disasters. If off-site data isn’t protected against unauthorized viewers, however, it quickly becomes a liability.
For customers in highly regulated industries such as healthcare, encrypting backups is not just a good idea, it’s a requirement.
In the case of healthcare, for example, encrypting backups is a requirement for HIPAA compliance. The United States Department of Health and Human Services website (HHS.gov) explains that there are only two ways to ensure protected health information (PHI) is rendered unusable, unreadable or undecipherable to unauthorized individuals. The first way is to destroy the media on which the PHI is stored in accordance with NIST Guidelines for Media Sanitization to ensure it could never be reconstructed. The second way is to encrypt the PHI by “the use of an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without use of a confidential process or key.” In other words, even if a hacker were able to intercept data midstream, only unreadable characters would be visible.
BDR and security are not at war with each other like the superheroes mentioned earlier. They each play a key role in protecting customers’ data. And, their full potential (read: superpower) is reached only when they are working with — and not against — each other.
Chris Crellin is Senior Director of Product Management for Intronis MSP Solutions by Barracuda, a provider of backup and data protection solutions for managed services providers, where he is responsible for leading product strategy and management.
Guest blogs such as this one are published monthly and are part of MSPmentor’s annual platinum sponsorship.