How MSSPs Use Disaster Recovery to Help Endpoint Security
With today’s complex cyberthreats consistently landing on every organization’s endpoints, it’s important to have a secure disaster recovery and data backup plan that brings together fast, flexible backup and disaster recovery of not only endpoints but also applications, databases, files, and mobile devices. The key to MSSPs successfully executing endpoint disaster recovery and data backup for their customers is their ability to reproduce data in two or more sites.
“For disaster resilience, an organization needs data and processing capability in two or more locations, so data needs to be replicated across two or more sites,” said John Michener, chief scientist of Casaba Security, a cybersecurity firm. “To keep data secure, encrypt it so unauthorized users cannot access it. This can be done at several logical levels, as the communications channel may be hardware encrypted with endpoint encryptors. More often, we establish a software encrypted connection such as a TLS 1.2 link, or FTPS/SFTP file transfers and just transfer the data over the internet.”
Encrypt Internet Connections to Endpoints
When planning for disasters, MSSPs and their customers must assume that their endpoint infrastructure will eventually become compromised and enter a nonoperational or untrusted state, security experts say. While they should troubleshoot network issues to return to a ready state, contingency planning must also include offsite backups that are not directly tied to existing IT infrastructure, to aid in faster, more confident recovery. How MSSPs use disaster recovery to help endpoint security over encrypted internet connections like SD-WANs remains a gray area, but some security experts have an idea.
“To do this, you need to send data to a secondary location or to a backup service provider, often with cloud infrastructure,” said Ryan Weeks, chief information security officer at Datto, the provider of security and backup services. “When transferring data, ensure the backup is encrypted and the transfer mechanism leverages a trusted path. By taking these precautions, [you] ensure the data gets to where it needs to be to aid recovery and that it has not been tampered with.”
The most popular backup rule, the 3-2-1 strategy, states that there should be three copies of data on two different storage media, with one copy kept offsite.
“Sending data offsite via an encrypted connection to the cloud makes backup procedures compliant to that 3-2-1 strategy,” said Doug Hazelman, VP of technical marketing for CloudBerry Lab, a cross-platform cloud backup solution. “Why does it matter? If a local disaster – a flood or a fire occurs – there are chances that only offsite cloud backup will survive.”
In the opinion of some MSSPs, an encrypted internet connection should be required for any offsite transmission that carries company information, because there’s no situation where company data should ever be put at risk.
“This scenario is especially important when talking about disaster recovery and backup of endpoints to prevent the data from landing in the wrong hands,” said Mike Baker, founder and managing partner at Mosaic451, a managed cybersecurity service provider. “The expectation of recovered data being true to what was backed up cannot be guaranteed when transmissions go over an unencrypted connection.”
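The 3-2-1 rule and the tamper check the experts describe can be audited together, so that a copy only counts toward the rule if it still matches what was backed up. The sketch below is an added example, not code from any vendor quoted here; the `BackupCopy` inventory, the HMAC-SHA256 manifest tag and the sample data are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class BackupCopy:          # hypothetical inventory record for one copy
    name: str
    medium: str            # e.g. "disk", "tape", "object-storage"
    offsite: bool
    data: bytes            # stand-in for the backup file contents

def manifest_tag(key: bytes, data: bytes) -> str:
    """Keyed tag recorded at backup time; the key is held apart from the copies."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def audit_321(copies, key, expected_tag):
    """Return a list of findings; an empty list means 3-2-1 holds for verified copies."""
    intact, findings = [], []
    for c in copies:
        # Constant-time comparison of the recomputed tag with the recorded one.
        if hmac.compare_digest(manifest_tag(key, c.data), expected_tag):
            intact.append(c)
        else:
            findings.append(f"{c.name}: integrity tag mismatch, do not restore from it")
    if len(intact) < 3:
        findings.append(f"only {len(intact)} verified copies, 3 required")
    if len({c.medium for c in intact}) < 2:
        findings.append("verified copies sit on fewer than 2 media types")
    if not any(c.offsite for c in intact):
        findings.append("no verified offsite copy")
    return findings

# Constructed sample data: one endpoint image stored three ways.
KEY = b"constructed-demo-key"
IMAGE = b"constructed endpoint image bytes"
TAG = manifest_tag(KEY, IMAGE)
COPIES = [
    BackupCopy("local-disk", "disk", False, IMAGE),
    BackupCopy("local-tape", "tape", False, IMAGE),
    BackupCopy("cloud-bucket", "object-storage", True, IMAGE),
]

if __name__ == "__main__":
    print("clean inventory:", audit_321(COPIES, KEY, TAG))
    # Simulate the offsite copy being altered in transit or at rest.
    altered = COPIES[:2] + [BackupCopy("cloud-bucket", "object-storage", True, IMAGE + b"!")]
    for finding in audit_321(altered, KEY, TAG):
        print("finding:", finding)
```

A keyed tag is used instead of a bare hash so that whoever can modify a stored copy cannot also recompute a matching value without the key.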
Back Up Endpoints Onsite?
In the old days of endpoint backup before cloud infrastructure from AWS, Azure, Google or Oracle-protected software, IT departments were already aware of …