Cyber security has been the hot topic for retailers these last few months. Between WannaCry and Petya, we’ve seen disruption to hundreds of businesses. Last month, a South Korean company agreed to pay the largest ransomware settlement in history. In addition, many businesses are reported to still be recovering from the Petya attack, a full month after it initially occurred. In this blog, we outline 4 factors which IT professionals should consider whilst formulating their cyber security strategy.
Given the range and sophistication of recent cyber-attacks, defense in depth is required. And this defense has to be increasingly sophisticated. It requires an infrastructure with security built in; one that provides virtualized on-site resources with a complete controlled environment for the branch, with security built in from the ground up. Every element must be carefully designed to maximize manageability and security.
Patching, Keeping Current and Keeping Compliant
One of the most important requirements for IT is to keep infrastructure current, apply security patches and install updates. Of course, this not as easy as it first sounds, especially when you have disparate virtualized and distributed systems, all running slightly different IT stacks.
But it’s crucial, not only to protect infrastructure, but also to ensure it continues to work within the parameters of compliance frameworks. Automation must be at the heart of any viable current solution, otherwise the risk of human error becomes too great.
When looking at branch network security, it is essential to choose a solution which comes with the same high levels of security that you find with cloud services. This should include segmentation, logging, intrusion detection and file integrity monitoring so that these solutions can achieve equivalent levels of compliance.
Advanced Automated Backup
Given the prevailing attitude that cyber attacks are imminent, business continuity and disaster recovery plans are now forming part of protection strategies. This is particularly important to guard against ransomware attacks — attempts to extort money by encrypting data.
Regular updates and anti-virus software form the first line of defense against such attacks, but if the virus manages to breach these defenses, the only solution is to restore from a backup or a snapshot.
To be effective against ransomware and to minimize disruption to users in the event of an attack, backups or snapshots must be taken frequently, retained for an extended period (in case the virus is not detected right away), capable of being rapidly restored and inaccessible to the infected computer — and therefore the virus.
There is little point in focusing on the security of the head office or datacenter, when the devices that are vital to the running of each branch are at risk. The only way that the branch IT can be protected is by continually keeping these branch devices up to date, and in line with each other.
But this isn’t easy. Branch IT is, by its very nature, highly distributed, often remote, and rarely served by local IT expertise. This can push up the cost of implementing and maintaining a branch security strategy, and could discourage an already overstretched IT team from giving the attention it demands. It is here that automation and the right tools can assist in preventing these cyber security attacks. If you would like to learn more on this subject, you can view our 30 minute video on keeping your IT current.