Cybercriminals are Exploiting COVID-19. Don’t Leave Your Data Exposed.

BrandPost By Ashish Prakash
Jun 05, 2020
Data and Information SecurityIT Leadership

istock 1169729418
Credit: gocmen/istock

The coronavirus pandemic has affected our families, our businesses, our communities, and our way of life. And it has made our data more vulnerable than ever.

Businesses that have closed their physical doors are looking for new ways to stay open. IT organizations must urgently enable remote workforces, shifting priorities and reinventing the landscape as they move through it. In an effort to preserve cash and keep the lights on, IT administrators are getting by with the data protection software and hardware they’ve had in place for years, letting modernization slip down on the priority list. And that could be a big mistake – because cybercriminals are using this unprecedented situation as an opportunity to attack and hold data hostage.

Organizations must act quickly to protect one of their most valuable assets – their data. Almost overnight, a majority of workers have moved from offices to working anywhere. Hackers are well aware of weaker security controls on home IT systems, where every device or wireless connection is a potential entry point. Workers who continue to travel into the office, however, are not immune to cyber threats. Heightened anxiety is increasing the likelihood that users will click on COVID-19-themed lure emails from any device or location, significantly increasing the success of ransomware attacks.

A strategy for IT teams spread thin

The rise in cybercrimes like ransomware cannot be ignored. Data loss and system downtime have severe consequences that demand urgent response if an incident occurs. Many IT organizations already spread thin by the crisis will be hard pressed to get systems back up and running with outdated technology.

Although modernizing data protection is a critical factor for ensuring business continuity, the prospect can be overwhelming in the midst of all the other COVID-related changes. Here is a simple, straightforward strategy to prepare your team and protect your data in the new threat landscape:

  1. Don’t skip the basics. The 3-2-1-1 rule that data protection specialists have relied on still applies: Preserve three copies of your data on at least two different media types with one stored offline, and one stored offsite at another physical location or in the cloud. 
  2. Plan for the future. Choose a solution that protects your business data immediately and enables you to modernize data protection at your own pace, with enough built-in flexibility to allow your business to navigate an uncertain future.
  3. Act quickly. Select a vendor you trust and a solution you can deploy quickly. There are simple, resilient, game-changing solutions available today – appliances, software-defined, and cloud-based – that can be implemented in just a few hours. Technology providers who go beyond traditional solutions and provide new approaches and answers can help you find the right data protection solution for your business. Look for solutions that meet every SLA adequately and cost-effectively, and put your most valuable asset to use for more than just an insurance policy, leveraging it for business insights, and accelerating development times.

Fortify data defense with proven solutions

Modern data protection solutions can be deployed rapidly. Technology advances have propelled these innovative solutions far beyond the basic 3-2-1-1 rule to mitigate data loss in the face of ransomware and other malicious attacks. To ensure your data is safeguarded and recoverable, choose a proven, economical solution that is easy to integrate into your workflows and effortless to manage. Most importantly, ensure that your data is not accessible to ransomware. Your data should be stored in a way that makes it invisible to unauthorized encryption, and your solution should let you restore data efficiently at any time.

While it’s likely the basics of protecting your organization won’t change during this pandemic, the timeline for implementation will. There are actions you can take now, and technologies you can adopt very quickly, that incorporate the latest innovations to help you secure your data without compromise:

• Look to the cloud – but not just any cloud A modern data protection plan typically extends to the cloud for scalability. The cloud offers flexible capacity and supreme agility without requiring additional capital investment. Cloud services scale up or down to meet unpredictable demands, and because data is managed offsite, your IT staff is freed up from additional datacenter tasks.

When selecting a cloud service for protecting data, keep in mind that services and charges vary from vendor to vendor. Some cloud services are extremely efficient, allowing you to protect your data in an effortless and flexible way. A cloud solution with built-in security and that doesn’t charge egress to recover your data helps preserve cash. You can spin up capacity in minutes and pay-as-you-protect data with a suite of enterprise cloud data services such as HPE Cloud Volumes, which offers plug-and-play data protection with a wide matrix of software options. While the data being protected is invisible to ransomware, your organization can securely and efficiently put your data to use for dev-test, analytics, and/or hybrid CI/CD pipelines by activating it across AWS, Azure, and GCP.

• Choose software-defined solutions and make backups invisible Software-defined solutions offer another way to protect enterprise data assets without adding physical hardware to the environment. A virtual machine (VM) backup solution is easy to deploy on your existing hardware, and it can provide enterprise-class data security and fast recovery for lower recovery point objectives. HPE StoreOnce VSA provides an impenetrable layer of protection by ensuring that backup data cannot be seen by ransomware.

• Add an “Air Gap” to make backup data inaccessible An air gap, also called an “air wall,” is a security measure that protects data from intrusion. The concept is simple: any device that isn’t connected to a network cannot be attacked remotely. During a cyberattack, traditional tape storage provides a vital last line of defense because you can maintain copies of data fully offline behind an air gap. Tape storage continues to be in strong demand as a scalable and secure method to protect and retain infrequently accessed, yet essential data in the long term. The ultra-low cost per GB and rapid transportability of HPE StoreEver tape provides extra reassurance that you can rapidly recover data if an incident occurs. Download this whitepaper to learn how tape storage can be used effectively to combat ransomware.

If you create a strong line of defense now to secure business-critical data and ensure application availability, your organization will be able to deliver more than business continuity. New technology can improve efficiencies by reducing cost, risk, and complexity in backup environments. Protecting your data on-premises and in a distributed-cloud environment will set you up to deliver on future SLAs, enabling you to meet demanding SLAs (RPOs and RTOs) and keep your business moving ahead.

Learn more about HPE data protection here.


About Ashish Prakash

ashish article
Ashish Prakash is the Vice President & GM of the Cloud Data Services team in the HPE Storage & Big Data group. In this role, Ashish is responsible for defining and developing simple and consistent customer cloud experiences that can deliver private, machine learning, data protection, and connectivity as-a-service.
Prior to his current role, Ashish led Product Management responsible for HPE Nimble Storage, HPE Cloud Volumes, and HPE Infosight.