The gap between how secure business owners think their data is, and how secure it actually is, seems to be widening. There’s a general misconception that if a business is addressing end-point protection, mail filtering and threat management across devices, then their environment is safe.
Unfortunately that’s just not the case. I’ve put together a few worst-case scenarios (that happen more often than you’d think) to illustrate why it’s always better to be proactive in your approach to IT infrastructure.
Data from my Google Drive/Office 365/Salesforce/Xero/SaaS platform has disappeared
You can make your SaaS platforms secure, and use them in a safe manner. But they don’t come that way out of the box. One of the most disruptive issues I’ve seen for businesses is when data from one of their cloud-based software platforms is corrupted, goes missing or becomes compromised.
Nearly all SaaS platforms lack the ability to be 100% restored from a back-up on request with the granularity that you may be accustomed to with a traditional on-premises solution. They do offer varying levels of recovery, but in many instances you can't pinpoint and recover data.
There's a host of issues I've seen occur when a recovery is requested from a provider:
- There’s a limit of around 30 days for most providers. If you’ve missed something older than this, chances are it’s gone.
- The usual method of delivery for your recovered files is to save over the top of your existing account. You’re unlikely to receive a nice package of missing files.
- Standard practice is to recover your entire tenancy, not just files you’ve requested. The amount of data you can end up with is very difficult to sift through.
Talk to your MSP about taking granular back-ups of your platform-based data, and make this a regular maintenance practice.
My personal or business information is being sold or ransomed online
The rise of the dark web and cryptocurrencies has given hackers an open market where stolen identities and sensitive business or personal information can be sold anonymously to the highest bidder.
The financial and legal ramifications of a data breach can be debilitating. Just ask Equifax or LinkedIn.
These types of attacks are of particular concern as they usually result in the sharing of your email address and an associated password. Tools exist that allow hackers to easily produce all the logical variations of a password almost instantaneously. With most people using a variation of a similar password across accounts, a lot of your data can be compromised in one hit.
MSPs are using dark web reconnaissance as a diagnostic tool for auditing the security of IT infrastructure, searching illegal databases for email addresses and other information associated with your domain.
Savvy providers will be able to see the source of the breach that has led to your information ending up in the wrong hands, and provide a solution to tighten up your security to prevent future breaches.
My system has been attacked outside of office hours
It’s true that firewalls don’t sleep, but a basic firewall set-up will ultimately rely on a human component to monitor the system and act on alerts. If your environment is compromised overnight, alerts won’t be acted on until your team is back on deck the next morning, and by then the damage is done.
A SOC & SIEM system is the next level up in security, allowing for the provision of monitoring and remediation services for incidents in real time. Think of this as a dedicated security team, which can be consumed as a managed service without a large capital expenditure.
The Security Operations Center (SOC) is a security service desk manned 24/7, dedicated to detecting, analysing and responding to information provided by Security Information and Event Management (SIEM) software. The SIEM itself is a big data platform that uses AI and machine learning to collate and interrogate alerts received from the customer side, using known attack behaviour to prioritise alerts.
Traditionally the cost of these systems has been prohibitive for the SME space, and they were used only by enterprise-level businesses with high compliance benchmarks. Recently TechSpecialist have rolled out an affordable SOC & SIEM catering for the needs of SMEs that have high security requirements.