News & Commentary

01:03 PM
Michael Krutikov, Symantec
Michael Krutikov, Symantec
Commentary
50%
50%

Don’t Break the Bank: Back up Your Files

The loss of sensitive and confidential information, be it by theft, accident or natural disaster, can be devastating.

In the early days, protecting the most valuable contents of a bank only required a well-constructed vault and a solid, locked door to seal it off from would-be criminals. Today, financial institutions are responsible for managing and protecting more than just cash and coin. What else could be so valuable? Information, a lot of information. For today’s smaller financial institutions, information is a new and highly valued currency. The loss of sensitive and confidential information, be it by theft, accident or natural disaster, can be devastating.

A recent survey conducted by Symantec revealed that small businesses perceive their information as making up 40 percent of their organization’s value. Losing any sensitive information, regardless of how it’s lost, can be disastrous. When it comes to protecting information, security is important but only one piece of the puzzle. Often overlooked, underutilized and sometimes simply ignored until it’s too late, the importance of backing up critical data has never been more significant as more and more business is conducted online.

There’s a perception that backing up information is a lengthy, complicated process that slows down machines and leaves it difficult to restore information. And yet it seems we are more exposed than ever to natural disasters, human error and criminal activity that could easily cause damage and information loss. How can today’s financial businesses protect their information by implementing backup in an effective way? With the proper planning, backup will benefit today’s small financial institutions with minimal disruption of IT operations. But not all backup solutions are created equal.

The Technology

At the core is the technology your backup solution delivers. Not only is the sheer amount of information smaller financial institutions store increasing, but it’s often distributed across more environments such as virtual infrastructures and accessed via multiple devices. One challenge is that at any time, financial institutions may be running multiple backup solutions, increasing complexity with extra time spent maintaining and managing them and that also brings additional costs. What can be done to simplify and reduce costs? The first step is to look for a single backup solution that can back up information from physical and virtual machines, while reducing the amount of data you need to store and manage.

The actual usability of the backup solution is also an important part of the decision-making process. Recovery time is a critical part of a backup solution, so make sure you are able to recover the type and level of data you need quickly across your organization. Most often the required recovery is of single files or application properties, it is critical to make sure that’s available.

Backup is available in three different platforms, depending on the specific needs. If, as a financial institution, you prefer to keep all your information in-house, you might choose backup software. This integrates into your existing hardware, although it requires technical expertise to set up and maintain, as well as increasing storage periodically to match the increase of information. Another in-house solution is the backup appliance. The appliance provides the software and hardware in one complete package, making it an ideal solution for businesses that are looking to upgrade and consolidate to a single solution. Appliances are also simpler to maintain than software, for those that have a minimal IT presence on the premises. Another, easier option is a cloud-based subscription backup service, which involves contracting with an outside provider to perform and maintain backups – no storage hardware is required. All backup functions take place over the Internet via a secure encrypted tunnel and the data is stored in a secure third-party site. Due to ease of set up and management, this may be the best route for offices without a regular IT presence.

The People

While technology plays an important part in an effective backup program, just as important are the employees within today’s smaller financial institutions. Backup may be able to remediate mistakes employees make, but the best strategy is to educate your employees on effective information management policies. To prevent information loss, ensure that everyone is aware of the need for constant vigilance in emails, downloads and other online behavior.

In addition, establish practical and easy-to-understand information retention policies. Many financial institutions have a policy of retaining files indefinitely, which has several disadvantages. First, it means there is more information, requiring more storage space. Additionally, backup is intended to help with files that are frequently accessed. Older files should be archived to less expensive storage, which also makes it easier to search in order to fulfill legal requests.

Backup no longer needs to be a neglected part of a company’s IT strategy. Carefully research and deploy the solution that best fits your organization’s needs. Combined with effective information management policies, you can ensure that your organization is well prepared to avoid information loss. And in an industry where information is money, that can mean the difference between success and failure.

Michael Krutikov is Senior Global Marketing Manager, SMB Data Protection, at Symantec

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.