Data Protection: Why Adding a Last Line of Defense to Your Cybersecurity Measures Makes Sense

Cybersecurity is top of mind for IT pros today. Consider this: the number of Trojan password-stealing ware (Trojan-PSW) rose to more than 4 million detections in small businesses between January and April this year. Remote desktop protocol (RDP) attacks grew to 51 million over the same period. It gets worse. The Verizon 2022 Data Breach Investigations Report (DBIR) notes that the year-over-year increase in ransomware attacks totaled more than the past five years combined.

While you should—and must—make investments in cybersecurity prevention technologies like antivirus software and firewalls wherever possible, the real challenge is that the 2022 DBIR found that 82 percent of analyzed breaches over the past year involved the human element. That includes social engineering schemes, human errors, and misuse of access privileges: threats to your data that are much harder to prevent. That’s why data protection must be a core consideration as you assess and update your cybersecurity strategy.

Data Protection Defined

TechTarget defines data protection as the process of safeguarding important information from corruption, compromise, or loss through backup and recovery. Data protection is about being prepared—and ensuring you can recover your data no matter what.

Before we dig into the backup and disaster recovery side of the equation, here are some data protection basics you should seriously consider implementing.

Authenticate Everyone and Control Access Everywhere

Identity and access management (IAM) technologies such as multi-factor authentication (MFA) and role-based access control (RBAC) help keep unauthorized users from accessing your data.

• MFA requires two or more verification methods to authenticate the user's identity before accessing your resources like applications, online accounts, or your network.
• RBAC restricts users’ access to your networks, applications, and data based on their role within your organization. With RBAC policies assigned to every job within your organization, you can automatically control which permissions the system grants to the user.

Invest in Intrusion Detection and Prevention

A report from Sophos found that cyber attackers spend an average of 11 days after breaching a network before they are detected. And often, that discovery only comes to light because the hackers have deployed ransomware. That’s why it’s worth looking into intrusion detection systems (IDS). IDS is usually split into two types:

• Network intrusion detection systems (NIDS) that analyze incoming network traffic—the external data protection component of IDS.
• Host-based intrusion detection systems (HIDS) that monitor your essential operating system files—the internal data protection component of IDS.

Data protection starts with ransomware prevention and cybersecurity. On the prevention side, Arcserve includes Sophos Intercept X Advanced in our award-winning Arcserve N-Series, giving you next-level data protection thanks to Sophos’ signature-based and signatureless malware detection, a deep learning neural network, and anti-exploit technology.

The solution includes CrytoGuard, which constantly monitors your file writes for encrypted files. If it detects actions that behave like ransomware, it restores the impacted files and stops the execution of the detected process. The solution also includes WipeGuard, preventing cyber criminals from encrypting your master boot record (MBR).

Backup and Disaster Recovery: Your Last Line of Defense

No matter how well you’ve defended your data, stuff happens. Maybe the human element comes into play, and someone on your team clicks on a malicious link or downloads a ransomware-infected file that gets past your email filters. Or, a disgruntled employee decides to delete your backups (which should be your reminder of the importance of RBAC and MFA). At that point, it’s too late to worry about prevention. Recovering your data is what matters.

That’s why you must have a current disaster recovery plan that you test regularly. You’ll find a step-by-step guide to creating a plan in this blog post. Your next step is to invest in the solutions that can meet the RTOs and RPOs you’ve spelled out in your plan. Regardless of the solution you choose, there is one feature you should look for above all else. Immutability.

Why Immutability Matters

We’ll state it plainly: choose a backup and disaster recovery solution that features immutable object storage. Immutable backups are write-once read-many-times files that can’t be altered or deleted, and it’s core to today’s 3-2-1-1 backup strategy. So even if ransomware gets past all your other defenses, your data is protected, and you can be confident that it can be recovered.

Get Expert Data Protection Advice

When choosing the right solution to protect your data, many factors come into play. That’s why we recommend you select an expert Arcserve technology partner to help guide you through the process. Or check out our free trial offers to see how Arcserve products perform for yourself.