Recent weeks of non-stop travel, and many airport visits, has got me thinking of how the provision of physical security and border protection controls are intrinsically tied to a digital ecosystem that is delivered across hybrid cloud services. Every customs control knows where I have been and where I am going, every airport Wi-Fi is able to track my movements, including my purchases, and in between, every application that has metadata, hooks into my smartphone can track my geo-location, what I search and what data I both consume and produce.
So, how do we protect systems and data from cyber-attacks in such a complex, interconnected and globalised digital ecosystem? What underlying pillars require change and transformation to future proof Availability in making sure our clouds don’t disappear when it comes to cybersecurity breaches?
Data is the core asset in today’s businesses and Government services world, and when it comes to cyber-security, which is typically sustained and targeted, the most critical aspect is ensuring that core data is protected, preserved and its integrity has not been compromised. It is about protecting with a forward view rather than recovery.
Having said this, when there is an attack, recovery is critical in ensuring business continuity. Critical to an overall cyber security strategy is making sure the core asset of an impacted organisation has not been compromised and is protected. Yahoo’s cyber security breach of its 3 billion user accounts or the JP Morgan Chase breach compromising the data of 76 million households and 7 million small businesses, is my case in point.
Organisations should always have dedicated focus applied to both disaster recovery as part of maintaining business continuity as well as cybersecurity to ensure protection of its digital assets. Preparation of both comes from an identification of the key cyber security risks and then applying the most appropriate combination of people, process and technology to mitigate the associated risks and impacts. At a high level, being able to successfully and intelligently manage, protect and recover an organisations data in the event of a cyber-breach should involve five core pillars, Backup, Aggregation, Visibility, Orchestration and Automation.
Start off with Backup that maintains three different copies of your critical IP, across two different media types with one being ‘air gapped’ off-site. This will ensure that you have forward protection of your core IP in the event of a breach.
Your existing platforms then need to be able to Aggregate the protection, management and recoverability of your critical apps, data and services irrespective of where they may reside being on-prem in private clouds, managed clouds, SaaS platforms and/or public clouds. This is the hybrid cloud aggregation capability. Being able to execute smooth recoverability due to a cyber-breach is predicated in your operations and how consistently invocation plans can be leveraged from a single platform, across ANY cloud. Whether you want to restore from on-prem into Public Cloud or Managed Cloud or restore back from Public Cloud to on-prem, ensure that your availability platform can address all use cases.
Visibility is also key in the preparation of cyber breach events and the ability to mitigate against impact. Visibility in both a proactive and reactive sense of a company’s applications, data, systems and services across a hybrid cloud environment includes the ability to have integrated, application to bare-metal visibility within a single dashboard. This is a key requirement to reduce the ‘mean time to resolution of a breach’.
Orchestration is the next maturation of an effective plan to deal with cyber breaches and having the ability to seamlessly orchestrate the moving of applications, data and services in the event of a cyber-breach event.
Automation becomes the final pillar to round out effective capability in the technologies and processes underpinning your plans. The ability to integrate with an ecosystem that is proactively protecting a company’s services and ensure minimal manual intervention minimises the impacts of any potential cyber-breach.
Many organisations that haven’t applied effective planning methodology across people, process and technology effectively without proactive testing of their recovery plans will inevitably recover terribly (or not at all) when the time of impact comes. Many organisations assume that because they are taking backups, then recovery during a disaster invocation will be a “lay down mesire”. But again, as I describe above, having an effective planning methodology that leverages effectively people, process and technology underpinned with a technology stack that can intelligently manage, protect and recover data effectively across Backup, Aggregation, Visibility, Orchestration and Automation is key.