Data management: A core ingredient of your cloud security recipe

With the onset of pandemic, the businesses across the board witnessed rapid digital transformation and majority of companies have adopted remote working to maintain business continuity amidst a series of continued lockdowns. While many companies now have enhanced agility and flexibility, cybercriminals have also jumped on this opportunity, finding new weaknesses that may exist in organization’s IT framework. Since 2020, ransomware and malware attacks are increasing at an exponential rate, and this trend is unlikely to stop anytime soon. In today’s all-digital era, securing your cloud is essential, and the ability to handle your data efficiently is at the core of it than ever before.

Relearning the basics

Data protection and availability are the key parameters when it comes to cloud adoption. Data management is at the heart of every cloud security strategy because without access to data, remote work is impossible which takes a toll on an organization’s productivity. To ensure secure data management, Role-based security and encryption must be used because it uses 256-bit key or higher to ensure end to end security.

Limiting access to the organization's servers, as well as securing and "hardening" the data environment, is critical. Further, the data management platform should need multi-level authentication for approval and authorisation of any changes to be made to data.

The basic 3-2-1 backup rule never goes out of fashion because it still applies very well no matter where your data resides. Keep at least three (3) copies of your data, and store two (2) backup copies on different storage media, with one (1) of them located offsite.

No matter where you are in your cloud journey, understanding the true power and benefits of intelligent data management could be a game-changer in elevating your cloud strategy.

The ever-growing pot of cyberthreats

Malware and ransomware are becoming more prevalent and damaging than ever. According to Kaspersky’s IT Security Risks Report 2021, half of ransomware victims pay the ransom, but only a quarter see their full data returned. Handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice. Therefore, instead of paying the ransom, enterprises must look for adopting ransomware strategy that should reduce attack risks while also seeking to mitigate the impact of an attack that succeeds anyway.

It's important to keep an immutable copy of data owing to the recent surge in ransomware attacks. New data protection strategies need to be updated frequently to combat the rising complexity of cyber threats. These include data isolation, which segments backup data to make it unreachable from public portions of the environment, and air gapping, which creates a network with no connectivity to public networks. A multi-layered security strategy can significantly reduce risk.

In today’s information economy, ‘data is the new oil’ and this ‘new-age oil’ is leaking profusely as its safety is threatened by nefarious actors launching cyber-attacks at will. According to IBM Security’s Cost of a Data Breach Report 2020, Indian companies, on average, saw the total cost of a data breach come up to $2 million. Further, the report reveals that on average, it takes 313 days to identify and contain a data breach in India. With such a long time frame, even if the threat is eventually detected, it has already done enough damage - both monetary and reputational - to organizations.

Cybercriminals these days are following a unique strategy of breaking an attack into several payloads to enhance their chances of success. As a result, proactive threat and change identification become critical components of any cloud security strategy, therefore, making artificial intelligence (AI) and machine learning (ML) invaluable assets in terms of detection and automation.

By using AI in the data management platform, all files can be monitored and tracked for anomalies, such as suspicious changes to files. After that, real-time alerts are sent so that irregularities can be investigated, and possible attacks can be prevented before they cause any damage. Machine learning assists the platform in continuously improving its security.

Governance with a pinch of salt

It's important to note that no matter where the data is stored, on-premise, in the cloud, or in a hybrid of both, the data originator is always held accountable for its security. Consuming cloud-based services does not absolve a business of its responsibility; an organization is still responsible for its own security, data environment, and data management at the end of the day.

Data governance is ultimately what determines the ability to protect data, including data stored in the cloud. You have to understand the data, where it is stored, and who has access to it, as well as have a plan in place for when an unforeseen incident occurs. Multiple levels of protection, from the end point to the data centre to the firewall, are all essential.

Following multi-staged security decreases the attack surface on the cloud, with data management serving as the last line of defence when everything else fails.

By Pradeep Seshadri, Director, Sales Engineering, India and SAARC, Commvault