4 ways to improve data security in 2020

The stakes surrounding data security and risk mitigation rise with each passing year. Data breach costs continue to increase and potential threats grow more sophisticated. 

According to IBM, the average total cost of a data breach – after accounting for remediation, reputational damage and regulatory issues – has reached $3.92 million. While smaller organizations may not face expenses that high, addressing an incident could cost tens of thousands of dollars or more.

Security issues can also jeopardize the transition of workloads into the cloud. This prevents organizations from taking advantage of this technology and making progress toward full-scale digital transformation.

Organizations should keep data security at high priority in 2020 and use every opportunity to improve their security posture and safeguard databases, systems, applications, networks and other assets. Backup-as-a-Service solutions, along with more intensive security assessments, personnel training and advanced analytics tools, can play a pivotal role in those efforts.

In the article below, we’ll explore four options for boosting data security capabilities and preventing data breaches in the coming year.

1. Perform regular review and testing of controls

To stay secure, every organization needs a well-defined organizational structure for managing data security needs. Having a comprehensive security governance strategy in place removes confusion and ambiguity regarding security responsibilities. 

For that strategy to work, it requires regular updates to address shifting security requirements, emerging threats and changing best practices. It should be well-maintained between tests to ensure the organization is doing everything possible to prevent or mitigate a data breach.

To get the best results from a security strategy also requires consistent testing to ensure everything is in proper working order and every contingency covered. To that end, testing security controls should be a key priority. Access management is one of the most important components of modern cybersecurity. Compartmentalizing various platforms and databases helps to prevent unauthorized access or compromise to sensitive data and systems.

Revisiting governance this governance strategy also creates accountability both around security as well as workload management. A lack of accountability in these areas is a dangerous financial and security liability. If internal stakeholders don’t understand who’s responsible for data security controls and remediation efforts, organizations may be too slow to respond to a breach and minimize its impact.

2. Conduct security training for all key stakeholders

In the world of data security, your employees can either be a major asset or a huge liability. When staff members understand the malware and security threats facing the organization and know how to distinguish between legitimate and malicious activity, the business is in a far better position to prevent bad actors from penetrating their defenses. 

On the other hand, employees who are unfamiliar with security best practices and common cybercrime strategies put their own organizations at risk. Their accounts make easy targets for securing unauthorized access to sensitive data and applications.

With that in mind, regular and in-depth security training is an essential component of a robust security posture. As employees undergo such training, they begin to understand how an attacker might try to manipulate them. From here, they can recognize potential attacks and respond as necessary. 

Data security has often focused on external threats. But an organization looking to protect its data needs to pay just as much attention – if not more – to breaches that start from the inside. A 2019 survey of more than 1,000 information security leaders revealed that 69% of respondents reported data breaches stemming from an insider threat.

3. Monitor for internal threats – malicious or otherwise

Not all insider threats are malicious. Many of these result from ignorance regarding proper security measures. Poor security hygiene can be a systemic issue that includes everyone from ground-level employees to C-level executives. That same report found that 78% of CSOs and 65% of CEOs had clicked on suspicious links in the past. Moreover, 43% of business leaders use their personal email accounts to share documents and communicate with their colleagues. 

It should be obvious that this behavior presents major security risks. For instance, people often use the same login credentials for various personal accounts. If one is compromised, the rest will be at risk. By using their personal email for business purposes, employees widen the organization’s threat exposure.

Training for all employees will help create a company culture that values data security best practices. Routine training ensures people adhere to them at every level of the organization.

4. Build-in artificial intelligence-based security protection

Data security best practices have shifted from relying on perimeter-focused efforts to crafting strategies around threat remediation and incident response. It’s unfeasible to expect security mechanisms to block every threat and intrusion. Businesses need to prepare for worst-case scenarios. That entails detecting malicious activity after it’s breached perimeter defenses. 

Organizations should monitor their networks for any anomalous behavior that could indicate the presence of a bad actor. The next step is to analyze the available data to spot trends that indicate network or security flaws.

Accurate detection of malicious activity requires constant visibility combined with sophisticated analytics. Organizations can augment their monitoring and threat detection capabilities with the help of artificial intelligence-based security protection. 

AI solutions can analyze more data with a finer level of precision than any human operator could hope to match. They can comb through far more data and identify even the most subtle indication of anomalous behavior. This enables organizations to address cyber threats before they have an opportunity to cause lasting damage. AI-based security tools are also able to update threat signatures in real-time.  Meanwhile, they also help businesses keep up with cybercriminal activity and the rapid release of new malware strains.

Build up IT resilience to weather the data security storm

Given the high cost of a data breach, businesses need to make a concerted effort to upgrade their security strategies in this coming year. New threats will continue to emerge and exploit lingering vulnerabilities. Having the support of an expert MSP that constantly monitors your network and adheres to the latest security best practices will significantly reduce the risk of a costly data breach.

To learn how to introduce scalable and reliable data backup solutions into your digital transformation strategy, download our guide “6 Practices for Better IT Resiliency Planning”.

Check our previous articles in this series, “3 Ways Your Infrastructure is Preventing IT Resilience” and “Is Your Risk Mitigation Strategy Resilient Enough?“.

Protect your critical data and applications with our turnkey Backup as a Service solution. Reinforced by our deep understanding of data center and network technologies and enterprise-grade managed services, this offering helps you resolve issues faster and free IT resources to refocus on business transformation. 

Is Your Risk Mitigation Strategy Resilient Enough?

When your system goes down, it’s a disaster – plain and simple.  

Whether it’s a ransomware attack that’s shut users out of their email or a software glitch that’s knocked over an e-commerce portal, end users don’t care about the cause of an outage.  

They expect the systems they rely on to be “always-on.” 

[Read more…]

Softchoice Launches Backup as a Service to Improve IT Resilience

Protect the data and applications critical to your business.  

Data has significant impact on the way we do business, enabling innovationdefining how we engage our customers and expand our ability to generate revenue. With IDC forecasting that by 2025 the global data sphere will grow to 175 Billion Terabytes of information, businesses will need to be more strategic and efficient in the way they manage – and protect – their data. 

The increase in global cyberattacks is a clear and present reminder of the critical importance of a proactive and integrated plan for cyber resilience and business continuity. This means maintaining backup and recovery operations is a year-round, 24/7 job for IT teams

Meanwhile, complex and fragmented infrastructure, use of legacy storage technology such as tapes, and the constant threat of security breach make data and application availability a constant concern. As a result, we struggle to ensure that backup is supporting its primary purpose of risk mitigation while managing the solution in-place and the cost to maintain it. 

 To address this need Softchoice has launched Backup as a Service (BaaS) which offers a fully managed and cloud-connected backup and recovery solution for on-premise environments conveniently billed as a monthly service. Through automation, proactive monitoring and detection, Softchoice BaaS protects critical data while helping manage and reduce total cost of ownership. The key capabilities of this service include:  

  • Unified backup and recovery: Quick and efficient backup and recovery for all your virtual and physical workloads in one unified solution. 
  • Resolution Support: Mitigate risks of downtime and accelerate recovery with dual backup to the cloud and on-site appliances as well as 24/7/365 expert resolution support. 
  • Configuration Mentorship: Receive guidance on best practices for your backup strategy via 30- to 60-minute technical conversations by telephone, email or online meeting. 
  • Technical Support: A single centralized support team providing 24/7/365 live answer support, a service portal, incident and escalation management and ITIL service management. 
  • Implementation: Combine on-site appliances with cloud storage to enable quick recovery when needed, and cost-effective cloud storage for long-term retention. 
  • Managed Backup Operations: Taking care of the implementation and the day-to-day operations, freeing your IT team to work on strategic projects. 
  • Testing: Confirm your recoverability by testing production backups twice a year. This includes testing for granular files or full virtual machine recovery. 

Softchoice Backup as a Service enables businesses to protect, locate and recover more information in less time, across any combination of platforms, locations and storage environments and reduces the cost of maintaining separate backup technologies. The streamlining and maintaining of data coupled with Softchoice’s Managed Data Center & Network Services also offers businesses with a holistic data center strategy that is critical for fueling data-driven businesses.