Welcome to the Summer of 2021. We’ve made it through what can only be described as a year and a half of both ordered and disordered chaos for much of the global population. From the onset of a global pandemic to fast and furious ransomware attacks on our world’s most seemingly secure industries. And let’s not forget, the general upheaval to everyday life – it’s been a challenge.
If I hear the phrase ‘remote working’ one more time…
One of the biggest issues the IT industry has faced globally is the switch to remote working. Yes, we know. You’ve heard it all before. But stay with us. Having to protect remote workers from cyber threats in the same way you would in an office is no easy task. It’s a process that includes maintaining cloud and on-premise office spaces; constrained budgets and unprecedented cost-cutting, all whilst trying to keep up with evolving technology.
Trying to do more with less has never been pushed on IT departments as much as it has been over the past year and a half. With stress levels boiling throughout major industries and cyber threats looming around every corner, the mental health of employees has been a casualty of war during the pandemic. For IT teams, keeping businesses afloat – and piecing together the strangeness of remote working company-wide – has been a particularly arduous and difficult task.
Of course, this is on top of the other trials and tribulations that the pandemic has had to offer. When your IT teams are fighting battles on both fronts, it can certainly feel a little hopeless at times. Maintaining a company’s infrastructure and cyber security at a time like this is a bitter pill to swallow. So, in the words of the late and great Robin Williams, be kind, always! This could mean taking a closer look at company culture; but it can also mean easing the pressure on your IT teams through various means, like automating tedious tasks, keeping your software up-to-date, or even implementing new, more efficient systems.
Incidents, incidents, incidents
Over the last year, the sheer number of blogs, articles, and reports on incidents and breaches is staggering. A quick look on the UK Government cyber page is enough nightmare fuel to power IT teams for a decade.
Let’s take a closer look at this.
“Four in ten businesses (39%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%)[footnote 1].
This year, fewer businesses are identifying breaches or attacks than in 2020 (when it was 46%), while the charity results are unchanged. This could be the result of a reduction in trading activity from businesses during the pandemic, which may have inadvertently made some businesses temporarily less detectable to attackers this year.
However, other quantitative and qualitative evidence from the study suggests that the risk level is potentially higher than ever under COVID-19, and that businesses are finding it harder to administer cyber security measures during the pandemic. For example, fewer businesses are now deploying security monitoring tools (35%, vs. 40% last year) or undertaking any form of user monitoring (32% vs. 38%). Therefore, this reduction among businesses possibly suggests that they are simply less aware than before of the breaches and attacks their staff are facing.”
And breathe. In short, get help. Get testing, get patching and voice your concerns business-wide.
So, what now?
Let’s be honest, we already knew that the IT landscape isn’t looking inviting in 2021. With sophisticated attacks (think Sony and Solar Winds) affecting so many companies, lying dormant for months, it’s hard to comprehend just how much damage has been done! When the tools you use to keep your business protected get compromised in an attack, it’s imperative you have a good backup strategy to get you safely and securely out of hot water.
So, we’re here to remind you that you’re not alone and to ask for help. These tips may just shed some light.
- Make a Disaster Recovery plan and test it! Not all systems are created equal, so some documentation goes a long way on understanding how things work
- Embrace multiple operating systems – Mix and match! Viruses are normally coded for a particular operating system *Cough, Windows*. Have at least one backup server on a different OS.
- Embrace the 3-2-1 Backup Model. The 3-2-1 backup strategy simply states that you should have 3 copies of your data (your production data and 2 backup copies) on two different media (disk and tape/cloud) with one copy off-site for disaster recovery
- Patch everything 4 times a year, at a minimum. If you can’t upgrade it and keep it secure, consider this: why do you still have it?
- Remind your users to engage their brains in opening emails and receiving files from people.
- Don’t just take that 3rd party’s word their new software is safe or even your own. Test it. Check it. Patch it.
- Embrace your shortcomings and reach out. Escalate it. Outsource work, or at the very least, try to spark up a conversation.
- If you’re using Storage Protect and are finding the admin and management of it troublesome, look into Predatar, or at the very least Predatar Insights
To conclude as it were, it’s tough out there. If you’re concerned about the management of your infrastructure, give us a call or drop us an email. We may have the right solution, even if it’s just an airgap for your backups on-premise or in the cloud. Look after your infrastructure, but more importantly, look after your people.
Signing off!
Blog written by | Anton James | IT Manager, Predatar