Tag Archives: security

Disaster Recovery—Don’t Gamble on Your Security

Posted on by

In this new age of cloud computing, we see companies adopting new systems that they hadn’t previously considered to keep up with the times. IT departments, often formerly regarded as a token failsafe in case of technical disaster, are now taking the lead to overhaul outdated data infrastructure and create lasting change in their companies.

Cloud computing is spreading through the business world, and businesses both large and small are working to adopt the cloud to better leverage their data and provide an easy backup. However, companies often overlook the security and backup measures necessary to ensure that cloud systems aren’t crippled in the event of an outage.

As a result, IT disaster recovery (DR) has gained attention, with businesses needing specialized plans and contingencies to ensure that their systems can be recovered as soon as possible in the event of an issue or an outage. DR has been around for awhile now, but with cloud computing placing further emphasis on Internet integration, the practice is more important than ever.

So what does disaster recovery entail? Are offsite backup servers necessary to ensure the security of your IT systems? Fortunately, the answer is no. With the rise of disaster recovery as a service (DRaaS), paying what you need for the promise of a secure cloud service in the event of a disaster is both cost-effective and highly beneficial.

The main issue with convincing businesses to adopt a DR plan is because of skewed perceptions of the factors that can causes outages or disasters. The name itself implies some cataclysmic event, such as a natural disaster or major storm, when in reality, the majority of outages are caused by operational failure or human error. For that matter, these outages are often very short-lived, and though companies can often get their systems running again in a short time, your customers’ widespread expectation for instantaneous action can make a surprisingly negative impact on relations.

In fact, a 2016 survey discovered that 69% of respondents reported that minutes of downtime would be disruptive to their businesses.

One of the best aspects of DRaaS systems is their ability to address failover in a comparatively small number of systems. As previously mentioned, failures are often much more minor than the moniker of “Disaster Recovery” would indicate. DRaaS systems are often able to group systems into virtual protection groups, allowing for more precise control when addressing problems.

Not all DRaaS systems are created equal, however. It is up to you as a business professional to seek a solution that is largely automated and offers good technical support. There’s no sense in recommending plans or companies here; every business will have its own unique needs when it comes to implementing a DR plan.

That said, adoption is pretty much necessary in this age of technological flux. 72% of companies have reported using their DR plans at least once, and beyond the issues previously mentioned, inconsistent cybersecurity measures have lead to a string of attacks by hackers.

Often, it can be difficult to make business leaders cognizant of the benefits of more robust IT systems. However, highly outdated IT practices have led to inefficiencies in some businesses. Anticipating and overcoming these issues can be the key to optimizing business practices and easing data analytics.

Some Things Never Change—Security and the Internet of Things

Posted on by

There’s certainly been a lot of hype over the past few years about the Internet of Things (IoT); its potential to create a 360 view of data has many business analysts salivating. This is an appealing prospect, especially given the network effect gained from more and more enterprises and even households adopting interconnected devices. That said, before every company rushes to adopt this new technology, security concerns must be addressed first.

The problem lies in the lax security standards that most of these devices have. In an age where most individuals feel comfortable making transactions online, we think nothing of sending personal information through the web. The reason for this perhaps undue confidence in security measures is because small breaches are never newsworthy, whereas large breaches attract attention and are generally perceived as isolated incidents.

The truth is, many manufacturers, particularly those constructing IoT devices, know very little outside of the bare basics of cyber security, exposing countless sensors to potential attack. Also problematic is the lack of standards associated with devices under the overall umbrella of IoT.

One example of a problematic tendency is a lack of prompts to change passwords. Manufacturers seldom ask users to change login information from the default, and as a result, devices can be hacked en masse because few have bothered to update their information.

Of course, given how extensive these networks of devices can be, updated security may very well entail securing every single device, a process that is just as excruciating as it sounds. This is a new concern for companies that, until now, have managed to get by with a standard-issue IT department.

Until industry standards can be adopted, it becomes the responsibility of individual businesses to thoroughly vet where their devices are coming from, and study the results of previous companies that have used them. Wonderfully enough, the data is definitely there; though it may require some effort to find and interpret.

There is good news, though. As far as protecting devices goes, there are already proven tactics that IT departments can use to stay on top of things. Encryption, two-factor authentication, and vulnerability scanning can go a long way in ensuring that a company’s web communications are functional and secure.

Problematically, this issue works both ways; devices are being compromised by poor security which are in turn being used in DDOS attacks, two problems that companies will have to worry about.

As far as the defense side of things go, companies do have options in the form of DDOS detectors, as well as numerous websites detailing ways to combat these attacks and similar cyber threats. Companies will need to incorporate contingency plans into their policies for cyberattacks regardless of whether or not they make heavy use of IoT devices.

This may require spending some money to properly train your IT department in defensive best practices, but it’s worth it in the long run. The age of the IoT gives companies an ultimatum: adapt to the shifts in technology, or fall behind. That doesn’t necessarily mean completely integrating new gadgets into your workplace; just to familiarize your company with them and be prepared to incorporate them if your situation calls for it.

Caution is the name of the game. The issue with learning the technology is that it will inevitably change in the next few years. That said, it’s always worth investigating in order to stay on top of recent trends and even leverage new devices to gain a competitive advantage.

Because of these ongoing issues, IoT technology has not been widely adopted, despite the impact that it has already made. These security concerns will have to be addressed before businesses are willing to trust these devices, though, like the Internet before it, it has the potential to revolutionize business and bring a new level of data analysis to the workplace.