Many people argue that data are modern companies’ most valuable asset. There is no denying that the immense amount of data that companies control today are indispensable to their operations. And the larger the organization the more data they need to function. But with this increase in the amount of data companies need to store, comes an increase in their vulnerability. Attacks from malicious players or unintentional human error can cause massive damage to companies. So it’s important for any organisation, large or small to plan ahead and protect themselves against these eventualities. What better way than cloud backups on Azure?
Can your company afford a Data Breach?
The short answer is, no.
According to this study by the Ponemon Institute, data breaches are now on average costlier than ever before, with a near 7% increase year over year increase.
The highest cost per recovery per organisation of any country is the United States, which shouldn’t come as a surprise:
But even for South African companies, the number is staggeringly high, at R37 million rand on average per data breach for large South African organizations:
If you take a look at the South African Financial sector, the cost is even higher:
The costs around a data breach can be enormous and in many cases unfortunately can even lead to the organisation being permanently damaged by it.
The average time to even identify a breach in some cases can be up to 150 days. The average time to contain a breach can be up to 40 days. Costs of recovery are also exaggerated by having to outsource recovery to third parties and disaster recovery firms.
Data breaches aren’t only a factor needed to be considered by large organisations and corporates, every size business needs to data security seriously, in any industry.
Best practices include:
- Having an incident response team dedicated to solving an issue if it occurs, not sidelining it on a to do list.
- Encryption at every opportunity. It’s often that companies only feel the need to encrypt things like passwords and emails, but encrypting every record is best practice.
- Participating in threat sharing.
Types of data breaches:
When data breach is mentioned, the first thing that comes to mind is a malicious attacker hacking into your system. Unintentional human error also contributes to around 25% of the problem, according to the Ponemon report. But usually these are smaller in scope than malicious attacks. Let’s look at some examples of attacks that can commonly occur in larger organisations:
- Malware: Malicious software designed to steal information, such as credit card details, personally identifiable information or other sensitive data.
- Ransomware: Ransomware has become rampant of late. This is when a hacker has gained access to your sensitive or valuable data and threatens to either delete the valuable data or publish sensitive data if payment is not made to the attacker by a certain time. The most famous of this is the wave of WannaCry attacks that has gained notoriety in 2017. This happened to Uber in 2017
- SQL Injection Attacks: This is when a hacker tries to inject malicious code into a database that can, once executed, give the hacker access to the entire databases information and compromise millions of records.
How to protect my organisation against data breach with Azure Cloud Backups
Azure makes it really simple to backup your virtual machines.
From your Azure dashboard, select the virtual machine you wish to backup, then under ‘Operations’ click Backup:
You will need to use a recovery services vault to store your backups in. This is different from normal Azure storage.
Azure Backups can store your backups for up to 99 years, so for obvious cost reasons you don’t want to use normal storage for that. Recovery services vaults are connected to your Azure Storage account, however auto scales based on the amount of backups that you’re taking, so you only pay for what you actually use.
Azure backups also only charge you for the data that is consumed, as well as a small monthly fee per virtual machine.
Next you’ll set up your Backup Policy, by either creating a new one or choosing an existing one:
You can set here how many days you wish to retain your backups. In this example we have it set to 180 days, which means there will be 180 individual restore points stored for our cloud backups.
Click, OK, then click Enable backup
Protecting my data against Attack:
Let’s have a look at how you can set up your Azure backups account to protect against some of the most destructive forms of malicious attacks today.
How we’re going to protect our data is using a combination of two layers of security from your Azure portal:
- Activating Two Factor Authentication
- Using a Temporary Security PIN
Activating Two-Factor Authentication
From your Recovery Services Vault, go to Properties and then Security Settings. From here you can turn on Multi-Factor Authentication:
Next, we are going to Generate a Security PIN. Before performing any Azure Backups operation, you will need to generate this PIN that will only last for 5 minutes.
You can generate this Security PIN at any time. This means for an attacker, they would have to first get your admin credentials, then get past multi factor authentication, which typically relies on something like your phone and then finally get past a third layer of security in the form of the Security PIN, and do all of this within 5 minutes.
It’s highly unlikely any attacker can force a way through this. Still, you should always keep making backups in the event of a data breach. But what do I do to recover from that.
Restoring a backup:
Now that you know how to make backups of your virtual machines, let’s look at how to restore them.
From your Azure Recovery Vault, go to backup items. You’ll see how many items of what type you currently have in your recovery vault:
Click on Azure Virtual Machine. You can now see all of the virtual machines that you are running backups on. Let’s look at one of them:
With this VM selected, click Restore to begin the restore process:
Next, Azure Backups will ask you when you want to restore from. Meaning, at what point in the past do you want to restore to, using the available restore points:
Once you’ve selected a restore point, you’ll have to specify where you want to restore to. In some cases you may not want to overwrite your existing VM with older data, so you can use this as a sort of clone tool to restore that VM to a new location:
That’s it! This will trigger the recovery process:
Note: You can also restore individual files and folders, as opposed to entire machines.
Using Azure Backups, you can secure your data within minutes, with multi-layered security and rapid restoration in the event of an emergency. Of course, there is no better alternative than having experienced and trained professionals set up and manage your backups and security, Dynamics Africa does offer tailored made solutions for your business on Azure Backups and Recovery. Don’t hesitate to contact us to help you keep your data safe and secure.