The Covid-19 crisis has forced the hand of many organizations which urgently needed to implement remote working for all or part of their teams.
In some cases, due to a lack of infrastructure availability, remote work is carried out on employees' personal devices, without any real protection. While this phenomenon of nomadic employees is not new and has been on the rise for the past twenty years with the development of new information and communication technologies, it is taking on unprecedented proportions with this health crisis. And this new trend may well turn out to be permanent because, according to the latest reports on the health crisis, the probability of new waves of contamination and future repeat lockdown periods remains high.
Some sectors that are particularly impacted have already taken the decision to put all their employees on remote work until the end of 2020. Faced with this situation, organizations must quickly learn the lessons of what needs to change and be (better) prepared if there is a next time.
Providing infrastructure to allow teams to continue their activity remotely is an essential mark of resilience for any company. In addition to the management of workflows and human resources, the issue of cybersecurity is a stand-out priority. Prior to this crisis, more than 25% of companies reported that data loss had impacted their business. However, since the crisis, the number of phishing attacks has increased by 667%, further weakening an ecosystem forced to hastily adapt. Faced with this exponential increase, Atempo, European leader in data protection, is taking stock of the first lessons to be learned from this health crisis in order to address security issues with resolve and calm during this period of uncertainty.
Towards greater resilience...
Resilience, again and again; the word has never meant as much as it does today. The keystone of any cyber resilience program is an organization's ability to ensure that its information systems function properly. Long before the current health crisis, information and communication technologies (ICT) were already a major point of vulnerability for companies. Covid-19 has simply accentuated the trend.
The main reason lies in the isolation of employees, who are less well protected against malicious acts when working from home. This isolation distances the employee from the IT team and the company network and firewalls. It can lead to slowdowns in the case of poor mastery of IT tools or involuntary manipulations leading to data loss. And even if the announcement of the end of lockdown may encourage a partial recovery of the economy, companies are encouraged to keep their teams working remotely as much as possible.
In this context, it is therefore necessary to adjust the business continuity plan so that it best meets the constraints of an increasingly fragmented architecture. One of the essential notions to be aware of when addressing the business continuity plan (BCP) is the recovery point objective (RPO): this is the volume of data that a company can accept losing following an incident. Knowing this value is essential because it allows you to plan the frequency of your backups based on the maximum interruption time of a resource. Although often overlooked in continuity strategies, backup programs play a central role in the BCP. To summarize: the lower the Recovery Point Objective (RPO) and the shorter the Recovery Time Objective (RTO), the more frequent the backups.
To ensure the availability, accessibility and integrity of data, vital to the preservation of the activity, it is obviously necessary to identify it by, for example, conducting an audit with business unit managers. Those who own the data are usually best able to determine which data is vital to them. Once this data has been defined, it is necessary to identify its location.
With remote work, this data may have been scattered across employees' desktops or in a more or less secure cloud. Remember to centralize it before launching a backup that will copy it to dedicated media, and consider organizing a second automatic copy to "air gap" media for even more resilience. As a reminder, the principle of the air gap is to keep a copy of the backups in offline storage, disconnected so as to make it inaccessible to cyberattacks that increasingly target backup storage.
For more independence
Whether in the office, on the road or at home, guaranteeing the user's independence in his or her activity remains an important point. For example, a sales executive on the road must be able to find a customer contract that has been deleted or modified by mistake.
It is in these very common situations that a backup tool adapted to your needs will make the difference. It is not enough to limit yourself to storage that is only accessible on premises and that will respond to a major disaster. As you know, small incidents are much more common and, in the long term, they have a genuinely negative impact on an organization's business.
Always opt for a backup solution that allows you to restore quickly and from anywhere: there is no need to mobilize significant resources if users can carry out their own restores.
The backup of data stored on nomadic workstations is therefore part of this preparedness strategy in order to be able to respond to post-disaster recovery needs. Crisis management processes should, ideally, be implemented upstream of the crisis, but they can also result from the awareness raised by an event such as today's. Cyber resilience in particular is an integral part of a cybersecurity strategy which, for information systems, is based on five fundamental pillars: anticipation, protection, detection, response and recovery.
Far from being fatalistic, these processes aim to reduce the impact of future incidents on organizations and strengthen their ability to deal with the unexpected.