Imagine one morning you wake up and check your mobile phone for emails and messages and you notice that there is no new data on it. Anxious, you rub your eyes and take a closer look. But you cannot even find your older data. You spring out of your bed hysterically and check your laptop. Your laptop data is also completely wiped-out. You are covered in stress sweat and just then the alarm sets off. You wake up, scramble to your study, and check your phone and laptop only to realize it was a nightmare.
By Mihir Bagwe, Technical Writer, CISO MAG
Studies suggest that people experience nightmares only when they are uncertain or insecure about something. And today, these nightmares culminate from the fears of data breach and a corresponding loss of identity, reputation, and much more. So, to get rid of these worst nightmares, we first need to look at the root causes culminating in a data loss incident.
The H.O.L.I.S.T.I.C. Reasons Behind Data Loss
Data loss is a problem for organizations of all sizes. Loss of data amounts to a loss of time and money required for the restoration and retrieval of critical business information. Data loss incidents can occur accidentally or when someone purposely intends to corrupt it. However, you can minimize the data loss by understanding the following H.O.L.I.S.T.I.C. reasons which lead to a data loss.
Since humans are fallible, they have often been deemed the “weakest link” in a security chain. They sometimes make the biggest of blunders, which are more often accidental. As per research by David M. Smith, Ph.D., Pepperdine University, trailing just behind hardware failure (40% of data loss happens due to this), human failure (29% of data loss happens due to this) is the second most common cause of data loss. In fact, “accidental deletion” and “physical damage” are regarded as the two most common human mistakes. Thus, having your data properly backed up will no longer give you a sunken gut feeling if you accidentally delete a major project.
Consider you are writing a long article and have reached halfway, and suddenly the power goes off. You have not saved the changes made to your document, and now it is all gone. The data is lost forever. But wait, did you keep that auto-save feature ‘ON’? Well looks like even Word has a backup in place, doesn’t it?
This is perhaps the simplest example but imagine working with sophisticated databases or creating detail-rich graphic illustrations. Practically, only a few privileged are not at risk of any natural calamity like floods, earthquakes, or hurricanes. Because even natural disasters can cause data loss – which eventually results in a power outage or structural destruction. Thus, having a data backup for running a data recovery process is of utmost importance.
Lack of Budget
Technology budget is often debated in board rooms. And something that does not make an immediate impact on the profits of any organization is regarded as a liability. The top brass does not believe in spending a fortune on systems that may or may not be used. Thus, constricted budgets often leave IT teams with an option of taking backups of only what they feel is critical as opposed to a complete organizational data backup.
The C-suite needs to understand that it is important to invest in data backup technology than exceeding the existing budget or spending twice of it in a disaster recovery process.
Your organization treats you like a family member and you return to the favor through trust and loyalty. However, not everyone feels this way. Data breaches, as recorded in many cases, happen due to unsuspicious and cunning insiders. One of the largest insider threat episodes, which spanned between 1976 to 2006, was the Boeing incident. Greg Chung of Boeing stole $2 billion worth of aerospace proprietary and highly confidential documents and gave them to China, which was running behind schedule in the race to develop its equivalent of Boeing plane. In this case, intellectual property was lost, denting Boeing’s reputation with a number of stakeholders. Thus, data backups are necessary to fight not just external but also internal adversaries.
You are late for lunch. So, your colleague simply shuts down your system innocently, telling you the importance of a work-life balance. The impromptu software shutdown, which seemed trivial or insignificant in that moment, can mar your data. Improper shutdowns delete your progress or corrupt the data permanently. When software is corrupted, it may not run again, and the data stored in that software is lost forever.
While software corruption can sometimes be the result of power outages or other uncontrollable factors, it is important to implement procedures for properly shutting down software after use. Be careful when powering down your computer and shutting off any programs abruptly. When your employees consistently save documents and follow safe shut down procedures, they reduce the risk of data loss from software corruption.
Threat from Ransomware
Ransomware has been a thorn for IT teams off late. There were nearly 200 million ransomware attacks globally in the third quarter of 2020 alone. Threat actors are evolving and no longer targeting just frontline systems, but also data backups and recovery solutions. Once the data backups are encrypted, it gives ransomware operators an upper hand, which they leverage for scooping ransom payments from victims.
A recent recommendation from the Cybersecurity and Infrastructure Security Agency (CISA) states that organizations should routinely backup systems, reinforce basic cybersecurity awareness and education, and revisit cyber incident response plans. However, evolving ransomware attacks that target backup data, backup catalogs, and even storage array snapshots force organizations to go through the reconfiguration of backup solutions even before recovering the data. Thus, a modern data platform should essentially have built-in protection for backups.
Inadequate Incident Response Measures
The five steps for a successful incident response (IR) are:
- Detection and reporting
- Post-incident activity
A well-prepared incident response team is a powerful weapon in any organization’s arsenal. However, off-the-shelf incident response plans are often outdated and ineffective against evolving threats and changing technology. Besides, lack of communication between teams, unmanaged and inadequate IR tools, etc., also delay the IR activities at times. And this lost time is critical. In case of a data breach incident, data is already compromised, and if there is a delayed incident response, a widespread data loss can then be expected.
Since the onset of the pandemic, more and more people are using BYODs. This often means they are working from laptops or smartphones rather than PCs. Laptop theft is a serious risk and can happen anywhere if a laptop is left unattended. According to a study:
- 25% of IT theft takes place in cars or other modes of transport.
- 23% takes place in the workplace.
- 15% in airports or hotels.
- 12% in restaurants and eateries.
Computer or laptop theft also poses the threat of a data breach. If your employees have access to or store critical business information on portable devices, it is a must to have means of remotely wiping data from those laptops or respective endpoint devices. Also, organizations need to ensure that critical data stored on these devices is backed up to a safe location.
For desktop computers located in office buildings, ensure they are kept in locked rooms with strict authorization. When closing your business overnight, be sure to have a secure lock-up procedure and surveillance to avoid physical theft.
So, this World Backup Day, practice and implement backup policies, because you won’t always have a server room that stores the bulk of an organization’s data.
About the Author
Mihir Bagwe is a Tech Writer and part of the editorial team at CISO MAG. He writes news features, technical blogs, and conducts interviews on latest cybersecurity technologies and trends.