In a year when organizations are laser focused on protecting business operations and growth, even one minute of downtime is intolerable. Disruption of mission critical applications would mean delayed service delivery, lost productivity, lost profits, and a lot of other headaches you don’t want. That’s exactly why you are probably already doing backups and have a BCDR plan in place. The question is not whether or not you have solutions. Of course you do. The question is, have you done everything necessary to ensure those plans and solutions won’t fail you in your moment of need?
Validate Your Backup Access Management Controls
In the event of a ransomware attack, are you 100% certain that attackers can never, ever get around your security controls and access your backups and corrupt or delete them? Many attackers use multiple steps to get to their prized targets, including credential harvesting and reconnaissance of your systems. Smart criminals know that if you have backups of your environment, they will fail to get a ransom unless they find, access and delete or corrupt those backups. At TRUE, we see new Incident Response clients on a regular basis who thought they had their backup and restore capabilities covered, because they implemented a state-of-the-art solution. However, in many cases, attackers simply navigate through their systems and delete all those backups before unleashing ransomware on the network, because the solution engineering didn’t take this scenario into account. Yes, proactive threat hunting and security monitoring are essential preventative measures, but you also need immediate, failproof restore capabilities for all of your mission critical applications and essential business data in the event of an emergency. Be sure you can restore systems and data to a pre-infected state by having a 3rd party validate your access management security.
Take Better Advantage of the Tools You Already Have
If you have data retention requirements, it’s essential to protect your storage systems from data loss. Some compliance frameworks require organizations to retain data for a particular number of years. If you are under such a requirement and suddenly lose access to that stored data, you could find yourself in a sticky situation with oversight bodies, like the Office for Civil Rights (OCR). Depending on what data is lost, this could even result in legal action against your organization, causing brand damage and further loss of productivity. That’s why you perform periodic testing on backups – to ensure they are working properly. However, it’s not uncommon in particularly busy seasons for testing to get pushed to the bottom of the list. Your backup solution may even have settings available to help you automate testing, but no one ever had time to acquire the expertise and runway needed to set it up. Veeam solutions, which most midmarket and enterprise organizations already use, can automate monthly failover testing and reporting, as well as other bells and whistles. Yet, we regularly encounter situations where those capabilities are being paid for, but not leveraged. For us, it’s a very simple matter to assess a tool’s current effectiveness against its capabilities, then implement the changes needed to maximize the solution. In the end, the goal is for your solutions to work for you, making you more secure, more efficient, and more confident in your business continuity.
Take the Time to Run Tabletop Testing on Your BCDR Plan
The best way to validate your current solutions and processes is to test them. Not only is it key to spin up a test environment to regularly test your failover capabilities, but it’s important to regularly review and update your plan and all documentation. The real test, though, is a live walk-through of emergency scenarios to test your people and processes, commonly called tabletop exercises. On paper, every plan may make absolute sense, but when you critically review every facet of your DR plan during a walk-through, you are certain to find those gaps that could cause costly downtime. For example, have any roles and responsibilities changed? Have you implemented any new technologies, or retired any old servers since the last time you updated your plan? If you are short-staffed one week, does the plan still work? When your organization has an emergency, you don’t want to experience a single hitch that could become the weak link in your business continuity.
At the end of the day, investing in backups and disaster recovery is a great starting place, but it’s essential to validate that your implementation, configurations, people, and processes will be able to accomplish exactly what you need them to. If you would like to speak with someone at TRUE about tabletop testing or a review of your BCDR configurations and controls, you can request a consultation with one of our experts. We’re here to help.