Posts

Microsoft Azure Backup – If you have a backup strategy in place, are your backups secure?

 

What is the cost of recovering from the business impact of a cyber-attack? If you have a backup strategy in place, are your backups secure?

While data backups are essential to effective IT security, mismanagement and mishandling of backups can often increase an organisations security woes and with the reported increase in ransomware by the CRN Quarterly Ransomware Report with over 120 separate ransomware families, reporting a 3500% increase in cybercriminal internet infrastructure for launching attacks since the beginning of the year it’s probably a good time to review what measures you have in place to ensure that your backups remain safe.

Having recently reviewed Microsoft Azure backup for a client engagement, it’s new security features for protecting Azure Backup is another testament that Microsoft continues to build security into their cloud services providing security capabilities to protect an organisations cloud backups.

These security features ensure that customers can secure their backups and recover data using cloud backups if production and backup servers have been compromised.

These features are built on three principles – Prevention, Alerting and Recovery – to enable organisations increase preparedness against attacks and equip them with a robust backup solution.

1.Prevention – An additional layer of authentication is added whenever a critical operation like Change Passphrase is performed. This validation is to ensure that such operations can be performed only by users having valid Azure credentials.

2.Alerting – Email notification is sent to subscription admin whenever a critical operation like Delete Backup data is performed. This email ensures that user is timely notified about such actions.

3.Recovery – Deleted backup data is retained for additional 14 days from the date of delete. This ensures recoverability of the data within given time period so there is no data loss even if attack happens. Also, more number of minimum recovery points are maintained to guard against corrupt data.

If you would like to discuss this further, then please contact us on the form below. For more information on how to turn these features on within the Azure platform, simply visit this link.

Send us mail

8 + 0 = ?

The new National Cyber Security Centre (NCSC)

The new National Cyber Security Centre (NCSC) opens its doors and brings together expertise from CESG (the information assurance arm of GCHQ); the cyber elements of the Centre for the Protection of National Infrastructure; CERT-UK; and the Centre for Cyber Assessment to provide a single point of contact for SMEs, larger organisations, government agencies and departments.

Their advice is simple. Have a look around at what the NCSC is saying and work out which bits are most relevant to you. Then focus on getting the basics right. You can’t defend against every attack, but by working out what you care about the most, storing it carefully, monitoring it, and having basic protections in place will make it that bit harder for an attacker to get through.

We at CoreAzure have CESG Certified Professionals which is the UK Government’s approved standard of competence for cyber security professionals and provides an independent assessment and verification process for those working in Information Assurance (IA). CESG Certified Professionals scheme addresses the growing need for specialists within the cyber security profession. It sets the standard for UK cyber security professionals.

CCP is not just a qualification — it is a certification which is awarded to those who demonstrate their sustained ability to apply their skills, knowledge and expertise in real-world situations.

If you would like to discuss your Information Assurance or IT security with a certified professional, please give us a call or use the contact form below.

National Cyber Security Centre

National Cyber Security Centre

Send us mail

1 + 7 = ?