How to Use a Data Management Platform to Protect Your Data and Your Brand Reputation
Written by Bob Mill, Senior Director, Cohesity, & Christian Chavez, Data Center & Cloud Solutions Architect, Aspire Technology Partners
Every 11 seconds, bad actors compromise a business and their data, whether through a direct hack, phishing emails, or most recently, through sophisticated and targeted ransomware campaigns. The effects of these campaigns are not simply isolated to a small set of data or a single company that has been targeted. As demonstrated by the recent ransomware attack against an energy company, the follow-on or trickle-down effects can be felt by a significant number of your company’s customers and their customers as well. Ransomware has raised its profile from IT nuisance to brand-damaging threat. Organizations need to protect their brand with a secure data management platform.
Today, threats to organizational data and operations are no longer a technology-only concern. They have become a board-level, risk management and governance issue, as businesses consider ways to protect their data – and their brand reputation – from data breaches and cyber security threats.
Data Protection in the Recent Past
Ten years ago, organizations appeared better positioned to avoid the types of threats that ransomware causes. The typical organization had a backup procedure in place that consisted of recording data to tape or optical storage. Organizations stored the backups offsite until a data loss event required their retrieval. The predominant data management practice of that time created literal air-gapped data protection for backed-up data. The data could not be affected by a virus, hack, trojan horse or ransomware providing it had not been infected or altered before it was recorded to storage media.
Back to the Future: Data Has Become an Asset
Fast forward to today where businesses move at the speed of the cloud. Data has become an asset, not a storage liability, which organizations leverage to make real-time decisions and for long-term planning. Organizations mine, analyze, consider, and consume data of all sizes. Data exists in centralized data warehouses and out at the edge where it is collected by IoT devices.
This shift from air-gapped back-ups that were seldom required to daily data access necessitated changes in the way organizations handle data management and the ways they protect against and respond to threats like ransomware attacks.
A typical threat today can affect data and your entire software infrastructure. Threat actors and ransomware can encrypt and compromise your hypervisor and VM stack, your key stores, and even reach into the cloud to corrupt your off-site data. Everything becomes vulnerable. A data-loss event can become a significantly expensive and time-losing experience as well. Imagine having to restore your entire environment – while first ensuring that your data will not become corrupt again if the ransomware or hack has not been completely remediated.
Related article: “Managing Your Data Today for Business Value Tomorrow”
You recognize that this scenario is no longer an if, it’s a when; your data and back-ups are targets for bad actors. The only question is: What will you do about it?
When we consider an event like a ransomware attack, think of it like putting Humpty Dumpty back together again. We all knew he should not have been perched on the edge of the wall like that in the first place because he was bound to tumble off – it wasn’t an if, but a when. And then you’re standing over this mess with no clear map or plan.
To combat data threats, Organizations need a combination of Managed Detection and Response (MDR) along with a data management platform that provides for the creation of an immutable, or unchangeable, data set before a data loss event occurs.
Your Data Management Framework: Prepare, Detect, Respond
Think about your data through the lens of this simple three-part framework: Prepare, Detect, and Respond. This is a thought process for how to prepare for the inevitable. Ask these questions about your data protection solution:
- Prepare – Is your data protection solution secure by design? Is it immutable so recorded data cannot be changed? Do you regularly test your recoverability? Have you taken steps to minimize data loss – like using role-based authentication and multifactor authentication (MFA) to limit data access to certain roles or individuals?
- Detect – How are you detecting potential cyber threats today? What is your organization’s security posture? Can you provide 24/7/365 network monitoring to reduce risk with faster threat detection and response capabilities?
- Response – How will you respond in the event of a ransomware threat? Are you prepared to respond at scale or restore at scale? For example, if you operate hundreds of VMs which become corrupted, how quickly can you restore them and guarantee that you have removed or remediated the threat before then restoring your data? How do you conduct vulnerability assessments of the hosts before they’re restored to your network?
Data Resiliency and Protection Checklist
When we work with clients to develop a Managed Detection and Response (MDR) solution that includes a data management platform for complete data resiliency and protection, we start with a few questions to better understand their environment. Here is a quick checklist of items you might consider:
- Where does your data reside today?
- What type and amount of data are you protecting?
- What devices are attached to your data network?
- What are you doing for backup today?
- What are you doing to limit data access today (e.g., role-based authentication and MFA)?
- What is the potential impact on your business and brand of a data loss or theft event or operational attack?
- Who are the major stakeholders who need to be involved in any data protection and management discussion (hint: they’re upstairs in the board room)?
Data has become the most important asset that any organization owns. Your data is your biggest brand asset. And your data, and by extension your brand, are under attack by increasingly sophisticated threats and bad actors.
Review the simple three-part Data Management Framework and Data Resiliency & Protection Checklist to help you assess your organization’s potential data loss and operational vulnerabilities and to map out a plan of response with a Managed Detection and Response (MDR) and data management partner.
Cohesity and Aspire Technology Partners
Cohesity and Aspire have enabled customers across multiple industries to establish their roadmap and start their journey to a solid Data Management Strategy that includes Managed Detection and Response (MDR) along with a data management platform that provides true data immutability built into the platform. While some of our customers did not think they were ready for a data management platform, we enabled them to take care of daily tactics that would lead to later benefits by turning their data into business value. Aspire is a Cohesity registered partner and we leverage the Cohesity Data Management Platform to protect and make customer data available at all times.
About the Authors
Bob Mill, Senior Director, Cohesity
Bob leads the systems engineering organization for the East Area at Cohesity. Prior to joining Cohesity, Bob was the VP of Systems Engineering for the Americas (Canada, US, and Latin America). Bob has 20+ years of experience helping customers in the areas of data management, security, big data, cloud and analytics. Bob holds a bachelor’s degree in Computer Science from the University of Pittsburgh.
Christian Chavez, Data Center & Cloud Solutions Architect, Aspire Technology Partners
Christian is a Data Center and Cloud Solutions Architect at Aspire. He has over 15 years of consulting and implementation experience in security, wireless, network infrastructure, virtualization, and cloud architectures. Christian has hands-on experience designing and deploying virtualization and cloud technologies, LAN switching, and routing infrastructure. In his current role, Christian engages with clients to understand their business objectives and designs technology solutions to meet their desired business outcomes.
Aspire is a Cohesity partner, and we leverage the Cohesity Data Management Platform to protect and make customer data available at all times. We help them ensure continuity and repurpose their data to provide additional value to the business. We begin by eliminating data silos to reduce cost and complexity, then we help them provide greater visibility into their data so they can increase data intelligence and act on data in the cloud.