It has often been said that to fail to plan is a plan to fail.
This is a particularly true statement for all of us who work in cybersecurity. Everyday we deal with threats, vulnerabilities, incidents, and attacks on our infrastructure, systems, and data. It is up to us to put in place tools, processes, and resources to effectively protect our organizations from bad actors and to be able to recover when things go wrong.
Effective cybersecurity protection is an unbalanced game and the odds are not in our favor. Even when we have the right tools, processes, and resources in place, things can still go wrong. Malicious actors are attacking organizations millions of times a day, and guess what? They only have to be right one time in a million to succeed; while security practitioners have to be right a million out of a million times every day to protect our organizations, infrastructure, systems, data, personnel, and customers.
Cyber Resilience planning is important
This is why cyber resilience planning is so important to our success as cybersecurity professionals. We have to understand our organization’s goals, environment, networks, systems, strategic objectives, and culture among many other things to develop effective cybersecurity and resilience plans to protect our organizations. Resources are always a challenge, and therefore we have to be thoughtful about tooling and overhead; and we must continuously balance risk tolerance and resources. This is especially true in today’s economic environment.
What’s often overlooked in data resilience plans
This leads me to one of the sometimes overlooked and often misunderstood protection elements of data resilience planning – the endpoint and all of the data created, processed, accessed, shared, and stored on it. Data is the lifeblood of every organization today. So, having a protection and resilience plan in place that contemplates restoration and recovery of endpoint data quickly and at scale is so important to meet operational continuity, legal, and regulatory requirements.
Misuse of collaboration tools as backup
Too many organizations unknowingly have resilience gaps in this area due to the misuse of collaboration tools like Box, OneDrive, and Dropbox for data recovery. These tools are often relied on for a purpose they are not designed for…effective data backup, recovery and restoration; quickly, completely, and at scale. Sure, they may check a box for a security audit, but when the chips are down and you need to recover critical data following a ransomware attack, you will realize too late that you have been using the wrong tool.
You need a purpose-built tool for endpoint data protection and resilience. By using CrashPlan you get peace of mind knowing your data is secure and available for recovery at scale when and where you need it. CrashPlan offers:
- Continuous protection of all of the files important to your organization
- Unlimited storage in our high availability cloud
- Quick restoration of your files at scale
- Strong data encryption both in-transit and at rest
- Control of the encryption keys
- Data residency control
So, my challenge to you today is to take a look at your data resilience posture and ask yourself if you have the right tools, plans, and processes in place to continue operations and deliver services to meet your customer and stakeholder needs. In short, do you have a CrashPlan?