The enormous business impact of ransomware has forced many nations to consider it a national security issue. While most cyber attacks fall under the purview of enterprise security teams inside an organization, ransomware attacks have woken up the executives and corporate boards at F1000 companies. They have brought an unprecedented level of awareness about managing corporate data among various corporate stakeholders. But being aware of the need to secure critical data is just the start; how to go about achieving that objective is becoming the crucial inflection point of the industry.
As has been customary in the ransomware industry, a cyber attack first cripples a business for days, leading to operational discontinuity, lost revenue, customer churn, and reputational damage. Then it gives the corporation two choices: 1) pay the ransom to get the data back or 2) stay offline indefinitely. Even if a corporation pays the ransom, the attacker gives no guarantee that business operations will be restored.
The overall enterprise network system is never going to be secure enough to thwart dedicated hackers because it must remain open enough for workers to be productive. To make enterprise operations more robust, corporations need to think about preventative approaches to protect corporate data and provide the necessary foundation to deter cyber attacks of all sorts. Agile, confident, and worry-free usage of vast corporate data by developers will help create new business insights. But an impetus is needed to rethink the fundamental architecture of an organization’s data storage and processing infrastructure.
Corporations need a more responsive infrastructure that interacts with enterprise data via smart APIs, with automated processes for the way data is fetched, merged, transformed, secured, and delivered. Such an infrastructure must work with data generated outside the traditional data warehouse and combine it with data generated inside the corporation. It must be fully programmable, eliminating the need to predetermine exactly what data is going to be combined with what data. Smart APIs enable users to make data requests that look simple to them, while managing all the complex automated processes to deliver data within seconds or minutes, not days or weeks. This API must perform automated backups on an optimized and context-aware schedule, including rapid backups to the cloud and slower backups to physical media in-house or remote. This will allow enterprises to avoid ransom payments, knowing they can retrieve the data from backups. It’s important that the infrastructure enables enterprises to back up data according to what makes the organization fully resilient, rather than according to the limitations of storage hardware and software scheduling capabilities.
But ransomware attacks leverage an obvious and inescapable fact about backups: backups are files written and read by the same network that the organization uses for its day-to-day business. This holds even though backup files are compressed, redundant, likely kept on remote mirrors, and heavily permissioned. And cyber criminals are just one login away. In such a scenario, a virtual data infrastructure that takes the backups off the organization’s normal networked file system and installs separate controls makes the cyber criminal’s job harder. Such a virtual infrastructure must be designed to work with the smart data API. It should be able to move files onto the enterprise’s work network and store backups on local or remote physical drives, in the cloud, or anywhere else developers want. Enterprises need to put an “air gap” between the production system and the backup system to vastly minimize the risk to the backups. With a data infrastructure that virtualizes much of the data, an organization that finds its enterprise network has been encrypted by cyber criminals can restore its production data from air-gapped backups in minutes and get back to work without paying any ransom.
Proactive CSOs and CIOs are leading the charge for an infrastructure that better meets the needs of the people who are using data to innovate, to do their jobs as safely and efficiently as possible, and to achieve a level of operational excellence simply never possible before — all while achieving a new level of security against cyber attacks of all sorts.
/Service Ventures Team