3 Strategies for Strengthening Cybersecurity with DRaaS

Understanding the role of DRaaS in security incident response

 

Building a more resilient business

The modern-day client expects your business to be available no matter what disruption it faces. This fact, coupled with the evolving cybersecurity threat landscape, is pushing more and more businesses to adopt an IT resiliency strategy that integrates data security and recovery strategies together.

“DRaaS and cybersecurity can go hand-in-hand, to protect a company’s data.”

— Mike Smith, President of AeroComInc.com

This means that security specialists and IT personnel must co-own resiliency tasks to achieve full mitigation – which requires a holistic approach.

1. Incorporate DR as part of your overall security incident response plan

It’s important to formally consider security events as disasters and treat them with the same urgent attention. Why? Because a security event can have the same lasting impacts as any other form of disaster in terms of lost data, extended downtime and reputational damage.

“Firms need someone guiding them through best practices. Not basic things like antivirus, but bigger picture aspects like data retention policies, user awareness training and other information-related policies.”

— Dustin Bolander, CIO of Technology Pointe

According to a survey conducted by IDG Research, 46% of companies consider security incidents as “disasters” and 81% incorporate DR into their overall security plans. Taking this approach is the first step to building a holistic IT resiliency strategy.

Key Takeaway:

An experienced DRaaS provider will shore up protective services (firewalls, patching, etc.) for your company’s recovery environment and incorporate cybersecurity scenarios into your DR testing and playbook documentation. Be sure to ask about the detailed response play for cybersecurity threats when vetting DRaaS providers.

2. Balance preventative and restorative measures

Both preventative and restorative measures work in conjunction to protect data and secure information from unwarranted hands. This makes for an advantageous strategy to both IT professional and security specialist groups, in that you will always have a first line of defense, plus a Plan B.

As part of this complementary approach, some companies even do vulnerability/change monitoring in their recovery environments. Scanning your DR data for changes or corruption is a way to flag suspicious behavior, so you can take action in both DR and production environments if you identify a vulnerability.

Key Takeaway:

DRaas providers have your data, so why not have “a second pair of eyes” looking out for you? Vulnerability scanning in a DR environment does not impact resources in production and can potentially uncover threats that were missed initially.

3. Put up walls with the 3,2,1 backup strategy

If you make it hard for cybercriminals to access your data, it will deter many from attacking you. One thing you can do to protect your applications and data sets from security incidents is walling them off from each other wherever possible. If cybercriminals gain access to one application, then they will have to jump over hurdles to gain access to further information.

A robust backup plan strengthens your data protection policy. To set up good walls for your data, a good place to begin is with the 3,2,1 strategy:

  • 3 copies of data
  • 2 copies stored locally
  • 1 copy offsite

This strategy isn’t an end-all-be-all because true resiliency demands vigilance and adaptability. That said, having multiple copies of your data dispersed in secure places gives you options during an event, upping the possibility of successful recovery from a crippling scenario.

How DRaaS is a solution of security/DR convergence:
  • Data replication and backup to a secure offsite location
  • Testing and documentation to ensure protection practices are in sync
  • Ongoing monitoring and encryption
  • Team of experts for methodology, maintenance and recovery execution (ideal for overburdened IT teams)
Bringing it all together

What does a successful holistic strategy look like? Let’s review a sample use case of a ransomware attack.

Let’s assume an attacker encrypts your IT systems with ransomware and demands payment. Using backups for long-term data storage and a replication solution for real-time changes in the cloud, DRaaS can offer checkpoint options for recovery.

Once an attack is recognized, replication should be paused immediately, so that the infected data doesn’t spread into your DR environment. In this type of event, you just invoke your DR plan to retrieve the most recent, clean copy of your data, then simply wipe your IT systems and reboot them with your DR copies. Your failover can be tested before changes are made in production to ensure there are no signs of infection. No need to pay an attacker for your data.

“The most prevalent security threat in the IT landscape today is ransomware. Frankly, the only and best way to protect against ransomware ties directly into disaster recovery.”

– Clayton Hart, CEO at Diverse Technology Solutions