Ian Vickers of METCloud asks: How well protected is your business data against ransomware attacks and natural disasters?
The recent coronavirus pandemic has been the clearest demonstration on the importance of good business continuity planning. With the rise in reports of ransomware and cybercrime attacks on businesses, organisations today must consider business continuity planning outcomes beyond natural events like hurricanes and earthquakes.
This article discusses current business continuity challenges faced in the modern world. This comes at a crucial time as recent statistics show that not enough companies have robust protection from the onslaught of ransomware attacks, despite having a greater chance of being targeted by cyber criminals than falling victim to natural events.
Cyber statistics call for serious action now
Pre-Covid lockdown, almost half of businesses across the UK have reported some kind of cybersecurity breach. While official updates have yet to be made on the Department of Digital, Culture, Media and Sport’s cybersecurity breaches survey since March this year, there is no doubt that this number has shifted greatly over the course of the pandemic. In fact, the latest annual report by NCSC indicates that a quarter of cyber incidents detected in the UK are related to Covid-19 - criminals targeted the NHS and tried to profit from public fear of the pandemic.
Additionally, English football club Manchester United, recently reported that they had been hit with a sophisticated cyber attack. They evaded disaster as they had protocols and procedures in place that allowed them to isolate the damage and protect important data. The question is, what are these ‘protocols and procedures’?
Disasters and ransomware attacks can happen to anyone
Ransomware essentially encrypts (locks) the victim’s computer system until a ransom is paid to the cybercriminal for them to release it back to the business. UK companies are amongst the highest ransom payers in the world.
While high-profile ransomware attacks on big organisations like the NHS, Garmin and Manchester United make the news, the reality is that it can, and does happen to small and medium businesses far too often. Ransomware attacks can cripple businesses and they do not recover from it in the same way a bigger business would.
As it is practically impossible to avoid a ransomware attempt in the same way that a warehouse cannot avoid break-in attempts, or damaged goods as a result of a flash flood or fire, there are ways to prepare for them in order to minimise the damage.
Enter: Disaster recovery and back-up
All businesses recognise that IT downtime very swiftly translates to loss in revenue. Pandemics, natural disasters, human error and even ransomware attacks jeopardise the seamless IT resources needed to keep the business running.
Backing-up the data that the business needs to run on is a good start in ensuring that it can continue functioning when disaster hits. By ensuring that 'copies' are adequately up to date, a business has the safety net of restoring the back-up information in the event that the original information gets wiped or corrupted. That said, it is important to have a strategy to execute this effectively, with minimal disruption. This is where disaster recovery comes in.
The complexity of the IT infrastructure in modern businesses means that data back-up is not quite as simple as putting the information back into the data centre and taking off after a serious outage. It is important for businesses to put processes in place and adequately plan for unforeseen events.
These processes have to be strategically planned and rehearsed in order to minimise downtime after a significant deletion or corruption. Simply put, businesses quite often find that customer retention is at risk when they are unable to attend to their demands as a result of the 'system being down' for a few days.
Scalable investments in security
Right now, SMEs have various choices to choose from when it comes to back-up and disaster recovery solutions. The reality is that it requires some level of in-house expertise in order to manage it effectively and efficiently. This can be onerous to a small or medium sized business owner.
An alternative is to look for back-up and disaster recovery that are completely hosted and managed by a team of specialised experts. This means that companies are able to focus on their core business while a team of IT experts handles the end-to-end care that is needed.
These days companies can pay a monthly subscription fee for a quick implementation of Back-up-as-a-service. Without the need for hardware investment or maintenance, users enjoy cost effective scalability based on their needs and flexibility when the time comes to adjust.
Cybersecurity is always a priority
Cybersecurity should be a non-negotiable priority. Data back-up should always be encrypted during transmission. This means that the data is always protected from unauthorized access. To ensure robust business continuity and keeping in line with good disaster recovery protocols, customers shouldn’t have one back-up location, but a second copy of data at a separate location to minimise the risk of catastrophic loss in the event of disaster at the primary back-up location.
Making cyber security improvements at your pace
Significant IT upgrades can be intimidating for many businesses. After all, without the core expertise available in-house, how does one go about ‘fixing the IT issues’ when one-off calls to an outsource IT professional can get expensive?
The reality is that cyberthreats are more relentless than ever before. Protection against them should be constant and strong. The solution is to opt for a tiered approach to achieving comprehensive back-up and disaster recovery for your business.
Ian Vickers is CEO of METCloud. For more information about Back-up and Disaster Recovery as-a-service and the many other cybersecurity solutions METCloud offer, head to METCloud,com.
Main image courtesy of iStockPhoto.com