New-Tech Europe Magazine | Q1 2021
traffic patterns, with containment plans in place should the need arise. On endpoints and servers, IT should ensure that deployed software, operating systems, and anti-malware solutions are up-to- date. Additionally, user accounts should be well thought out, with each account configured to only allow access to what they need and nothing more. The same concept applies to system administrator accounts, avoiding using a single account that has access to everything. Partitioning access to different systems and minimizing access to only what is needed can help drastically reduce the damage inflicted when credentials are leaked. Educate the employees Maintaining good security also requires all end-users to be well- educated on potential threats, as many breaches have been caused by users falling prey to phishing and social engineering tactics. Training programs should be in place to provide examples of modern phishing attacks and how social engineering can happen. Additional best-practice knowledge should be shared on handling suspicious e-mails, identifying spoofed websites, and most importantly, how to report a security incident. Crisis management plans should be well documented and rehearsed. For example, who should handle communications, internally and externally? What processes will be used to conduct auditing, damage analysis, and customer and authority notification, should the need arise? Internally, IT should always maintain up-to-date deployment
Figure 1: Establishing security awareness and systematic planning maps of which systems are doing what, which are dependent on one- another. Contingency plans should be in place should a total site shutdown be required to contain and/or remove the malware. Information Security and Backup Strategies
Take a real-world case as an example, Synology successfully helped a government entity to streamline and backup large-scale content creation projects produced by its subsidiary render farm. With 300 virtual machine running multiple tasks, the render farm ultimately leverages Synology’s Active Backup for business to back up its running VMs onto another onsite Synology NAS, while utilizing Snapshot Replication and Hyper Backup to automate additional on-site and remote backup tasks. With such structure in place, the rendering farm can preserve multiple data backup at both onsite and offsite locations, drastically mitigating risk of data loss. There are many more success stories where clients utilize Synology solutions to form their information security and backup strategies. After all, to preserve digital assets in an era of ever- evolving ransomware, Synology believes that proactively backing up files regularly is a necessary step to protect important data.
While employee education and IT teams can mitigate ransomware attacks to a large extent, due to the unpredictable nature of attacks, systems can never be 100% protected. The only fail-safe way to completely protect digital assets is to have a comprehensive backup strategy in place from the start. This will ensure that if systems are compromised, there will always be a clean version of data to recover from. One popular backup methodology is the 3-2-1 backup strategy. Simply put, this is 3 copies of your data, across 2 different mediums, with 1 copy offsite. An example of this could be storing your data on an on- premise server, with two backups, one on-site and another located on the cloud or at a remote site.
New-Tech Magazine Europe l 33
Made with FlippingBook Publishing Software