The headlines are filled with stories of cyber attacks, and most recently, sporting goods company Adidas reported a data breach. 2017’s Equifax breach was a major eye-opener, not only because of the scope of the exposure but also because of the regulatory, industry and brand backlash. Ironically, the hack was attributed to a known software vulnerability that the Equifax team neglected to patch, which is a relatively unsophisticated attack vector. Hackers are becoming ever more sophisticated in their attacks, so companies need to prepare for assaults from multiple angles beyond simple software patching.
As you think about the implications of an attack on your infrastructure, you must consider data control. Data control describes how data is protected, secured and recovered. A key component of data control is data copies — the more copies you have, the larger the attack footprint and the greater the risk. It can be overwhelming to create a cybersecurity strategy, and the eleven questions below provide a framework to get started.
- How many copies do you keep and who has access?
- How many different siloed products do you use to create copies for backup, replication, DR, test/dev, pre-production/staging testing and analytics?
- Can you audit user access and track copy access settings for each of those different products?
- For production data and copies, what levels of cryptography, intrusion detection and integrity monitoring are available in your data systems and how well are they implemented?
- How often do you assess data control levels?
- Does your environment incorporate all essential technical standards including multiple levels of data access control for both production data and copies?
- Do your standards address physical, virtual and hybrid cloud environments?
- Do your data control systems integrate with the overall data management framework without performance impacts or undue cost?
- How is your system protected from things like bugs, trap doors and internal or external snooping of production data and copies? Are alarms in place and carefully monitored?
- What are likely customer satisfaction and lost revenue impacts from a major data breach?
- Are known-good or baseline images of hosts available to support comparative forensic analysis?
The unfortunate reality is that the frequency, intensity and sophistication of cyberattacks are forecast to increase over the coming years, and the longer users delay in implementing a strategy, the greater the risk. I encourage our readers to review these eleven questions and think carefully about how they apply to their environment. Even if you do not have answers to all of them, the questions can help steer you down the path of greater cyberattack protection and peace of mind.