In a data integrity exercise, a company simulates how it would use its data protection, data recovery, and other technology solutions. However, it is important to include SaaS applications and multiple cloud providers. A comment by Christian Keil, Commvault.
The rise of cloud services is leading to increasingly complex hybrid IT environments, and an ever-increasing number of cyberattacks attempt to exploit this complexity. While in the past IT departments could only recover their on-premises infrastructure after a cyberattack to achieve cyber resilience, today they must protect a much broader infrastructure that is not entirely under their control. She is responsible for dozens of SaaS applications and multiple cloud providers, as well as the on-premises infrastructure and employee devices.
Train properly for emergencies
Technologies such as comprehensive security systems, highly available cloud services and robust data backup and recovery solutions help companies to protect their data. But they still do not guarantee smooth operation. Despite intuitive interfaces and automation features, these technologies can be complicated to use. It takes practice to be prepared just in case.
On the other hand, IT teams that have not trained in the use of this technology in simulated damage scenarios will need much more time to restore their environments in an emergency or will even fail at the task. On the one hand, this is due to the fact that many companies still design their crisis training as if all the affected applications were running in their own data center, and on the other hand, because they consider a natural disaster to be the greatest possible threat to their own data.
In a data integrity exercise, an organization simulates how it would use its data protection, data recovery, and other technologies to restore the integrity of its IT environment following a data loss. In order to properly conduct such exercises, companies should:
- establish a data protection team that includes all those responsible for dealing with data failures,
- confront this team with a variety of different threat scenarios,
- Create a culture that values data integrity so both the data protection team and the entire organization understand why they should invest significant time and other resources in these exercises.
With such exercises, companies gain valuable experience and learn to better assess their own capacities in preventing attacks or in the event of recovery. Repeated tests also achieve a training effect, so that in the event of an actual data failure, everyone involved can react efficiently and effectively.
Establishment of a data protection team
When a situation arises where data is compromised, IT department members aren't the only ones who face the consequences. If it is a cyber attack, for example, the legal department must inform the customer if sensitive data was disclosed during the attack. Otherwise, a company could face a hefty fine.
The HR department is also responsible for informing employees (and possibly partner companies) about the impact of the crisis situation. The IT department's data security professionals need the support of those on the IT team responsible for SaaS applications, cloud services, on-premises infrastructure, and other aspects of the disaster-affected environment to bring them back up and running.
Therefore, in addition to IT, the data protection team should also include those responsible from the areas of law, human resources and operations, as well as all other stakeholders who would play an important role if the worst came to the worst. At the same time, responsibilities must be clarified, meaning that each member must be assigned a specific area of responsibility. Only then should companies begin comprehensive training in the event of a crisis situation.
Train the data protection team with a variety of exercises
If a worst-case scenario does occur where data is destroyed, corrupted, or access to it is severely restricted, those responsible for data security are unlikely to have advance knowledge of the timing or nature of the disaster. Therefore, companies should schedule their test runs for different days of the week and at different times so that no routines creep in and the test time always comes as a surprise to the team. However, since this is always an exercise, it is best to avoid testing on busy days, such as the end of the quarter, for the sake of smooth operations.
The type of exercises should also vary so that team members can train their response to different types of crises affecting different aspects of their organization's data environments. An exercise can simulate a natural disaster damaging a data center, a ransomware attack, or a terminated employee who willfully wipes company data when they leave. Through different exercise scenarios and test times, the organization's existing processes and technologies for troubleshooting and recovering from data failures are used as in a real disaster.
The surprise effect challenges the skills of the teams and provides insights into the actual level of performance in the event of a crisis. Such exercises also show whether weak points or vulnerabilities in certain applications, infrastructures and other parts of the IT environment are becoming apparent in the face of constantly growing amounts of data.
Create a corporate culture that values data integrity
Security leaders are likely to encounter resistance from within the organization to conducting data integrity drills. Because working in the data protection team and conducting data integrity exercises takes up employees' time that is not available to them for their daily tasks.
For this reason, it is important to create a corporate culture that views data integrity as an essential business strategy, fundamental to commercial success. Those responsible must be aware that if the worst comes to the worst, the time required to contain a cyber attack unprepared and to repair the damage significantly exceeds the testing effort.
Put the focus on data integrity
Today's data environments not only serve as the proverbial nervous system for most companies' business operations. These environments also provide the data needed to predict customer behavior, increase operational efficiencies, set corporate strategy, and thereby improve business outcomes.
Therefore, companies should test their IT resilience with at least one data integrity exercise. It may turn out that your organization already has all the skills, processes, and technology needed to protect critical data from any threat. What is more likely, however, is that the exercise will show which departments and processes have urgent catching-up needs and where they need to be upgraded to address those issues before a real emergency occurs.
More at Commvault.com
About Commvault Commvault is the leading provider of backup and recovery. Commvault's converged data management solution redefines what backups mean to the advanced business with applications that protect, manage, and utilize their most valuable asset: their data. Software, solutions and services are available directly from Commvault and from a global network of proven partners. The company employs more than 2.300 highly qualified people worldwide, is traded on the NASDAQ (CVLT) and is headquartered in Tinton Falls, New Jersey, USA.