Security in Focus:
Disaster Recovery as a Service & Mitigation of Risks

We've all heard of a business being hit with an unexpected disaster, impacting on their ability to operate at a BAU (Business as usual) level. Digital disasters at global level companies such as Toll Group and Garmin have dominated the tech news recently, highlighting how quickly ransomware / cryptoware can spread across a network, causing the operations of a company to grind to a halt. Other digital threats such as hacking or phishing scams are a very real, daily threat.

It's not just digital threats that need to be considered, however. Fire, flood & theft can all be a major concern, if a company loses all of their data.

Stop & consider this for a moment. How would your business would cope if such an issue was to strike your company data?

We can help you lessen the impact of a disaster, & reduce the time to restore your operational capabilities with our various Disaster Recovery solutions.

What should a DR solution
be able to do?

Not all disaster recovery solutions are created equal, & There's a good chance that an 'out of the box' solution won't completely fit the needs of your business. With some products, recovery can take many hours, or even days. Don't risk your business to an incomplete solution. Your Disaster Recovery implementation should be tailored to your situation & infrastructure, including elements such as;

• Automate the backup of critical systems & data
• Provide fast & effective disaster recovery, with minimal user interaction being required
• Be flexible with recovery options:
  • Recover just a single file or single application
  • Be able to recover an entire system
  • Have multi-point, timed backups - Lost a file at 2pm? Restore it from a backup taken at 1pm
• Multiple backup target options, for example:
  • Local internal hard drive
  • Local external hard drive
  • Offsite / cloud backups
• Provide easy to follow, automated backup reports to system administrators

DRaaS Checklist

Here are some key points to consider when selecting a DRaaS provider that will meet the critical needs of your business.

Backup:

Which backup options / capabilities are offered?

• Backup frequency - how often is your data backed up & protected?
• What is being backed up? Is everything that your employees work on being backed up, or is it just network data / core data?
• Where are the backups being stored? Is there a secure offsite solution?
• Secure offsite backups are critical to secure business continuity. If you have an external hard drive or device backing up your data, that's still located on-site, what would you do if there was a fire / flood?
• Cryptolockers & ransomware often lock down your backups as well, so a completely isolated off-site backup is recommended.
• How long are the backups retained for?

Recovery:

What happens if there is an on-site failure?

• Restoration time - how long will it take to restore a file / application or as a worst-case scenario, your entire operational environment?
• Is there a downtime period?
• Can you do partial recoveries, without having to restore absolutely everything?
• Does your DRaaS provider have a self-support model?
• What is the complexity level of performing a recovery?
• How does the DRaaS recovery perform if there is a change in network availability (Is there a failover internet link available such as 4G, should your primary link go down?)
• What performance impact is there during recovery?

Failback:

What happens when on-site capabilities return to normal?

• Are there time limits on how long the provider will host the recovery environment?
• Will there be a period of downtime during the failback
• What is the failback procedure? How is it managed?
• Is there a danger of data loss during failback? What happens to any data that has been updated during this time?
• What level of user interaction is required?

Unfortunately, people will always be a weak point in any business security. It's an uncomfortable truth that no one is infallible, & it's not always an intentional choice that someone makes that can cause an issue.

• Weak and / or easily guessed passwords are a huge factor here. Eg:
  • Password1
  • P@$$W0rd
  • Child or pets name
  • Hobby or profession name
  • Sequential or patterned numbers (1234 or 2468)
• Physical password security. Some staff may leave their passwords written down & visible at their workstations
• Sending passwords & sensitive data over email, chat or messaging programs
• Clicking on links or opening attachments in emails from nefarious senders
• Phishing or Social Engineering scams

Social Engineering

Social Engineering & Phishing are quite different. Social Engineering usually involves the offenders manipulating people into divulging information or taking inappropriate actions.

Kevin Mitnick is a famous convicted hacker turned computer security consultant. Many of the crimes he committed were via Social Engineering. In one of his books, he describes contacting various people inside companies & convincing them to divulge information such as usernames, passwords, IP addresses & more, just by posing as another employee over the phone.

Phishing

Phishing is mainly performed via unsolicited emails that as masquerading as an important item. We've all seen emails purporting to have been sent from financial institutions asking for your client number & password, or other sensitive data. Sometimes these emails are very obviously fake, but there are times when they can be quite convincing in their appearance & wording.

It can also be conducted via Typosquatting / Cybersquatting. This is when someone builds a website with a common name but with a typo that is easy enough to accidentally enter (eg: www.gooogle.com). The wesbites are crafted to look almost identical to their legitimate entities, but will log the user data when entered.

What are you looking for?

• Suspicious looking sender email addresses & links that appear to be possibly correct, but don't look quite 'right'. Referring back to the earlier comment of financial institutions being a big part target for phishing scams, consider these email addresses & websites:
  • www.nab.com.au (actual link for the National Australia Bank)
  • www.natbank.net (made up for the purpose of this document)
  • noreply@nab.com.au (actual address used by many companies for sending client emails out from, noreply@dctwo.com.au, noreply@google.com etc)
  • ceo4768@natbank.net (made up for the purpose of this document)
• If there is a link in an email, you can often hold your mouse cursor over it, to reveal the destination of the link
• Does the email ask for confidential info, such as a client number & password, credit card info or pin numbers? Chances are that's not a legitimate email
• Does the link take you directly to a login prompt, & not the company home page? Use caution here, there's a good chance it's not legitimate

It can be quite difficult keeping on-top of everything, & ensuring that the emails are legitimate. Some steps to consider are;

• Do you have any previous, legitimate emails from the company you've received a suspicious email from? Does the new email share any similarities, such as the senders address or destination URL? Are there any obvious typos?
• Review the email with your colleagues & peers
• Contact the senders company by phone to confirm the legitimacy of the email. Many larger companies have a dedicated resource towards identifying spam & phishing attempts

• Get your IT administrator to review the email in question
• Ensure your provider or IT department has sufficient pre-filtering of mail
• Regularly train your team on the risks and things to avoid

Our valued MSP partner, activIT Systems is our Cybersecurity training specialist. Where we can provide infrastructure, they can provide the training for your team for all aspects of security.

What We Can Offer Your Business

At DC Two, we have the ability & capacity to offer any business, of any size from small to large enterprise, a scalable disaster recovery solution in a cost effective package.

Amongst a lot of options, we can - for example:

• Sandbox parts of your operational environment, to isolate it from your primary network. This provides an additional level of security & any attack can be kept under control
• Retain a copy of your entire environment in the backup process, so recovery time from a disaster will be kept to a minimum
• Provide you with advice & assistance on implementing & managing your secure DRaaS setup

DC Two provisions all of our own services on or own infrastructure, across our own multiple datacentres located within Australia. We have local, friendly technical support available to you on any business day of the year.

We can provide you with a free advisory service, by looking at your critical business operational needs, discussing your concerns and tailoring a solution to fit your needs perfectly.