[enterprise data security] upgrade backup strategy to ensure enterprise data security

Learning from Zhuohao ManageEngine How to help formulate the backup strategy of the enterprise , Let's quickly understand the importance of backing up data .

The backup data ： Why are we doing this

Backup data is to save one or more copies of important documents in different forms in different locations . This means that all data is not stored in one place , Even if a piece of data is destroyed , It will not lead to irreparable losses .

Why you need to back up data

• Blackmail software attacks
  According to the blackmail software trend analysis of the financial crime enforcement network of the U.S. Treasury , stay 2021 The first six months of the year , Ransomware attacks cause losses to enterprises as high as 5.9 Billion dollars . And 2020 In the year 4.16 Compared with the loss of billion dollars , A significant increase . A malicious attacker is conditional on decrypting the encrypted data , Blackmail system infected enterprises . in the majority of cases , If the enterprise has backup , You can install the backup after cleaning up the system infected by malware , You can avoid blackmail .
• Negligence or accident of employees
  In addition to data loss caused by external attacks ,IT government (IT Governance) According to a report of , More than half of the data loss is caused by employees accidentally . under these circumstances , Backup can sustain enterprise productivity , Prevent business downtime .
• Hidden danger of hardware theft or loss
  IT Assets may be stolen or lost . These conditions also lead to a large amount of data loss . If you back up your data in the cloud , New devices can be easily downloaded in minutes . If the company equipment that stores sensitive information is lost or stolen , BitLocker Encryption and enterprise data erasure policies , It can strengthen the protection of data security .

What does data backup mean to the enterprise

As the use of digital resources increases , Almost all important documents are stored in some kind of digital media ( Computer 、 A smart phone 、 Cloud, etc. ) in . Although there are many benefits to storing data digitally , But it is also easy to lose and steal .

Digitally protect data from abuse , Preventive and response measures shall be taken at the same time , Especially when dealing with sensitive customer information , Enterprises need to do a good job in data protection , If data is lost or stolen , Need to respond in a timely manner .

Protect data security

Enterprises can control through equipment 、 Data leakage protection 、 Zero trust and conditional access to prevent data loss and theft .

Device control and file access management ： Monitor and control peripherals connected to the network . Unauthorized use USB And other peripherals pose two major risks ： These devices may steal sensitive data , And injecting malware into the network , Therefore, a mechanism must be established to detect and control the use of peripheral devices . Again , In order to detect abnormal activity and track the source of intrusion , All file transfers must be closely tracked .
Data leakage protection ： Identify and classify sensitive data in the enterprise . Define protocols to regulate the access and transmission of such sensitive data . Set alarm , Respond immediately to abnormal access that may lead to data leakage .

Zero trust and conditional access ： Restrict access to sensitive information , Or set conditional access , Establish a zero trust environment , Prevent internal attacks and accidental data loss . for example , An intern does not need to have file editing permission for key business data , Having this permission can easily lead to data loss due to accident or negligence . The best practice is to follow the principle of least privilege , Keep everyone's privileges to a minimum , Grant special permissions as needed for exceptions . This makes it easier to track the source of the vulnerability and fix it .

Countermeasures for data loss and theft

according to IBM A report of , Compared with enterprises without incident response teams , Enterprises with specialized incident response teams have reduced losses in security incidents by nearly 200 Thousands of dollars . About responding to data security events , Keep the following in mind .

Strictly back up data ： Backing up data on a regular basis can prevent enterprise productivity from being affected , And avoid extortion to some extent .

obtain 、 Best practices for storing and restoring backups ：

• According to your needs , Backup can choose ：
  Full volume backup – Back up all currently available data .
  Differential backup - Based on the last full backup , Back up new files and modifications .
  Incremental backup - Based on the last backup , Back up new files and modifications
• When storing backups , Make sure that the backup and original files are stored on different computers or hardware .
• According to the amount of data , Select the storage method , Such as hard disk storage 、 Network access storage 、 Storage area network 、 Backup server 、 Mobile devices 、SSD And cloud storage .
• Regular full backup , For example, weekly or monthly . You can also use 3-2-1 Backup policy , That is, three pieces of data are stored in two different forms , An offsite backup .
• Store backups in the cloud or use cloud based tools , Automatic backup .
• Before restoring the backup , Please make sure your backup is not damaged by malware , And check that your network has been completely erased and formatted ( To prevent blackmail software attacks ). These initial checks ensure that the recovery backup is secure .

Enterprise data erasure ： After the enterprise equipment is lost , Perform enterprise data erasure now , Delete sensitive data stored in the device , Ensure enterprise data security .

Damage control and recovery ： If there is a blackmail software attack , Please ensure that the incident is reported to the local government Cyber Security Agency . If the attack affects the customer , Please issue a vulnerability notification , And attach the root cause analysis , And measures taken to prevent such attacks in the future . Check all IT Whether the assets meet your safety standards , And isolate the affected system .

Enterprise terminal management system – Protect data security

Desktop Central：Desktop Central Provides vulnerability management 、 Browser security 、 Equipment control 、 Application control and BitLocker Management and other comprehensive terminal security functions .

Device control and application control functions , Able to control external device plug-ins , And prevent malicious applications from injecting malware into the network .
Mobile device management module , Capable of erasing sensitive data on enterprise mobile devices , Protect data security . You can store enterprise data in an encrypted container , And restrict access to enterprise approved applications and accounts . Set up Exchange Conditions Access strategy , Only authorized mobile devices are allowed to access Exchange Server, Is the best practice of access management .

You can also create folder backups for enterprise systems . Besides ,BitLocker Management ensures that... Is enabled on all applicable computers BitLocker encryption , Prevent the leakage of sensitive information on stolen devices .

Endpoint DLP Plus： Professional data leakage protection software , Designed to protect sensitive data on enterprise terminal devices . Protect data from disclosure and theft through advanced data loss prevention strategies . It uses templates to discover sensitive data , And define protocols for the access and transmission of these data .

Both solutions provide 30 Days of Free trial period , Users can experience all the functions of the product in depth , Protect network assets , Assist users in formulating response plans for attack events , Strengthen the network security mechanism .