Cybersecurity is the practice of securing data centers, servers, networks, endpoints (laptops, desktops, mobiles, tablets), SCADA systems, and other electronic systems from hackers and malicious attacks. This is the most critical aspect of keeping data safe. With an increasing work-from-home culture, organizations are finding it increasingly difficult to monitor their data centers if they do not have relevant monitoring tools. Therefore, it is imperative to build a comprehensive cybersecurity procedure to achieve cyber resilience from the inside out. Furthermore, it is crucial to protect your environment by implementing high-class security measures. If a hacker finds even a single vulnerability in your system, they can easily penetrate your network and steal business-critical data quickly. This may lead to the loss of intellectual property and the efforts of multiple years.
Robust firewalls such as Palo Alto, Check Point, Cyberoam, SonicWall, Fortinet, etc., must be deployed at the networking level to segregate and stop irrelevant traffic from entering your domain, and to activate various security policies for enhancing security. Unfortunately, Internet service providers don’t block any such traffic. Hackers exploit this to breach the security layers and initiate attacks by sending various irrelevant packets.
The next step in the security layers is deploying anti-virus and anti-malware applications such as McAfee, Symantec, CrowdStrike, etc. You can even activate the Windows Defender services if you don’t want to use any external anti-virus. These help in restricting attacks at the machine level and are deployed on all servers and endpoints. It is vital to limit the number of input devices when a comprehensive security strategy is applied. We need to secure our organization’s data by blocking USB and input drives to reduce the level of attack to some extent.
The email solution has become a potential source of attack for any organization. Even if you use Office 365 for email, you get standard security. Exchange Online Protection is Microsoft’s cloud-based email security service that filters out spam and malicious emails from your inbox. You can enhance your security by using an external email security solution such as Barracuda, Proofpoint, Mimecast, Cisco, etc. These solutions can quarantine phishing attacks using their artificial intelligence algorithms. In addition, you can whitelist domains based on your interactions and enhance the security level.
For our organization, we have deployed Barracuda Email Security Gateway as the email security gateway that manages and filters all inbound and outbound email traffic to protect the organization from email-borne threats and data leaks. In addition, it provides cloud-based advanced targeted attack protection, email continuity, encryption, data leakage protection, and archiving.
Zero trust architecture and micro-segmentation are becoming more important by the day. Micro-segmentation is a security practice that aims to make security as granular as possible. It is achieved by dividing the network into isolated segments to monitor and control the traffic to each component.
ColorTokens Inc. is a leading innovator in SaaS-based Zero Trust cybersecurity solutions, providing global enterprises with a unique set of products and services for securing applications, data, and users across cloud and hybrid environments.
Data center attacks have been on the rise globally since the pandemic. These are the most sophisticated attacks, performed using programmed bots. It is challenging to find the origin of such attacks, as they don’t let people understand their modus operandi. The hackers wait for a long duration before initiating such attacks. The most likely area of infection is the lack of security in email solutions. All organizations deploy their best-in-class solutions to drastically reduce the risk of infection.
The most sophisticated ransomware attacks change the file extensions and encrypt the files. It is challenging to restore such files unless you pay a hefty amount to these hacker groups. The threat is increasing day by day, and attacks are made using very new techniques that are beyond the control of even the most up-to-date anti-virus solutions. Most attacks are performed in the Microsoft Windows environment due to its widespread usage. The Linux environment is still safe, although not immune.
If such an incident occurs, it becomes difficult for organizations to recover, and they lose all of their information and precious data instantly. In such cases, the first action to be performed is to shut down all the servers and disconnect the leased line connectivity in all the impacted locations. It is difficult to determine the origin of the attack, and in exceptional cases, the attackers try to destroy the backup before initiating the attack.
It is recommended that at least one copy of the data backup be retained. As per the best practice, the 3-2-1 data backup rule protects the organizational data.
It means that for safeguarding the data backup, the following actions should be taken:
- Keep at least three copies of data. That includes the original copy and at least two other backups.
- Keep the data backup on two different storage devices. The chances of having two failures of the same storage type are much higher than for two completely different types of storage. Therefore, keep data on a storage device in the data center and keep one copy on the cloud, tape drive, or both in an encrypted format.
- Keep at least one copy of the data offshore. We keep two copies on two different storage types: the original one is saved locally, and one copy is kept on another storage in another offsite data center. One more copy is kept on the cloud or on tape in a far-off location for compliance to safeguard the data. Retrieval of this data takes some time as per defined vendor SLAs.
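The 3-2-1 rule above can be checked mechanically against a backup inventory. The following Python sketch is an added example, not part of the original article; the field names, media labels, and site names are assumptions chosen for illustration, and the sample inventories are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Copy:
    name: str                  # hypothetical label for this copy
    media: str                 # assumed labels: "san", "nas", "cloud", "tape"
    site: str                  # where the copy physically or logically lives
    encrypted: bool
    is_original: bool = False


def check_3_2_1(copies, primary_site):
    """Return a list of findings; an empty list means the inventory complies."""
    findings = []
    backups = [c for c in copies if not c.is_original]
    # Rule 3: the original plus at least two other backups.
    if len(copies) < 3 or len(backups) < 2:
        findings.append("need the original plus at least two backups")
    # Rule 2: at least two different storage types.
    if len({c.media for c in copies}) < 2:
        findings.append("all copies sit on one storage type")
    # Rule 1: at least one backup away from the primary site.
    if not any(c.site != primary_site for c in backups):
        findings.append("no backup is held away from the primary site")
    # The article asks for cloud and tape copies to be encrypted.
    for c in backups:
        if c.media in ("cloud", "tape") and not c.encrypted:
            findings.append(f"{c.name}: {c.media} copy is not encrypted")
    return findings


# Constructed sample inventories (not real systems).
COMPLIANT = [
    Copy("prod-volume", "san", "dc-primary", False, is_original=True),
    Copy("dr-replica", "nas", "dc-secondary", True),
    Copy("cloud-archive", "cloud", "cloud-region", True),
]
WEAK = [
    Copy("prod-volume", "san", "dc-primary", False, is_original=True),
    Copy("local-snapshot", "san", "dc-primary", False),
]

if __name__ == "__main__":
    for label, inventory in (("compliant", COMPLIANT), ("weak", WEAK)):
        print(label, check_3_2_1(inventory, "dc-primary") or "OK")
```

Running such a check on a schedule against the real backup catalogue turns the rule into an alert when a copy is retired or a job silently stops.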
Define measures
If an attack is performed, a criminal complaint against the unknown persons can be filed at the local police station. The organization should establish a proper procedure for addressing the situation if an attack is performed on the data center.
About the Author:
Mr. Dalveer Singh
Associate Vice President | Head IT
Mr. Dalveer Singh is a Strategic, Focused, Growth & Solution-Oriented Award Winning IT leader with over 24 years’ rich experience in Application, SAP, Infrastructure, IT Security, Computer System Validation (CSV), IT Governance, etc.
Working in Pharmaceuticals industry for over 15 years and implemented SAP in over 15 countries. Engaged with Kusum Healthcare, New Delhi as AVP and Head IT. Driving digital transformation to make organisation paperless and process oriented.
Implemented SAP S/4 Hana, Project delivery of Caliber LIMS/QAMS/DMS, Citrix SDWAN/VPN/VDI, MS Office 365, Veeam Backup, VSAN, VMware, Palo Alto Firewall, ColorTokens Zero Security Architecture and Micro-segmentation, Barracuda Email Security Solution and Data Center refresh projects to enhance security.
Experience of SAP Project management, management consulting, SAP solution architect, SAP integration, SAP Upgrade & Implementation globally in over 15 countries as follows:
- Europe – Germany, Italy, Poland, Spain, France, Belgium, Lithuania & Sweden
- Asia – India, Thailand, Hong Kong, Latvia
- Africa – South Africa, Nigeria & Morocco
- Australia
Managed SAP MM/WM/SD/FICO/PS/DMS/PP/QM/PM/ HR modules. Integrated business processes of warehouse with SAP landscape using SAP HCI/CPI/PO/PI in over 10 warehouses globally for supply chain excellence and automated their business processes using SAP IDocs.
Involved in India’s largest mergers of Sun Pharma and Ranbaxy for integrating SAP with Sun Pharma System.
Won over 15 national awards and keep on contributing my knowledge with my followers. Actively remain engaged for learning new technologies and executing them for the benefit of the organisation!
He can be contacted at:
LinkedIn: www.Linkedin.com/in/dalveers