Achieving cyber resilience with a flexible, high-performance, cost-efficient storage platform
In association with Logicalis Solutions
A business’ ability to respond to disruption can be its greatest asset, or its greatest liability. In the event of a cyber-attack, data breach, outage, or natural disaster, it is no longer enough for a business to ensure its systems are up and running, it must be able to ensure the availability and integrity of its data remains intact.
It is no surprise then that cyber resilience is among many businesses’ top security priorities. Cyber resilience refers to the preparations made to deal with cyber threats and vulnerabilities, as well as the defences that have been developed, and the resources available for mitigating a data security failure.
Those looking to achieve cyber resilience must start by developing a resilient foundation for their data. “Building that strong foundation is essential,” says John Bailey, enterprise division sales manager at Logicalis Solutions. “Traditionally, organisations looking to improve their chance of recovery if an incident occurs start by protecting themselves against the likes of device failure. The next step above that would be an area such as disaster protection. Then, they might look at component failure in order to mitigate the risk of a site being completely knocked out if an attack did occur. From there, they could advance to data theft protection, or protection against cyber-attacks.”
Having established a robust foundation, Bailey says a business must next ask what they could do to further enhance their standard of protection. “If you’re data becomes corrupted, what’s your method for recovery? Can you trust that what you’re recovering hasn’t been infected? These are questions you must consider. Look at what is functioning well and ask how you could improve its standard of protection. Maybe you’ve been continuously and instantaneously replicating your data, but perhaps you should also arrange for a point-in-time copy of that data to be stored in an isolated location. Review what you have and ask if it actually does what you need.”
Taking a holistic approach is Bailey’s preference: “I always say this: any change to any thing, can affect everything. That’s to say, if something in your environment changes, there’s potential for a ripple down effect. You can’t look at your recovery procedure in isolation. You need to consider how one change can impact everything else.”
To that end, Bailey warns that having an imbalance of security can be dangerous. “There’s real potential for problems if one part of your environment is highly secure, but another is not. There’s no logic in having point-in-time, immutable copies of your data if everything else within your environment is out of step. Restoring that data won’t help you. To insure your business for cyber risk, security must be applied pervasively and verified to a standard that underwriters are happy with.”
If a breach is detected, time can be your best friend or your worst enemy. Rapid detection greatly enhances recovery capability, while a slow response reduces potential for recovery.
“If you don’t have a means to detect an attack that might have occurred, then it doesn’t matter if you’ve safeguarded a copy of your data,” says Bailey. “A slow response time allows the problem to propagate across your environment, which means it will take you longer to purge the problem.”
Every company is under the threat of cyber-attack, even those that are highly vigilant can be vulnerable: “It can occur when a business concentrates its efforts too narrowly,” says Bailey. “All their data may be perfectly encrypted, but if their identity and access management is compromised, for example, then they’re in trouble.”
Bailey warns: “The dark elements are counting on you not having your act together so that you feel unable to reject their demand, you feel forced to pay the ransom. It doesn’t have to get to that point.”
That’s where consultancy services come in to play. “IBM GBS and Logicalis Solutions help businesses address the big security picture. Once a business faces the inevitability of a breach occurring, then it can look to ensure it has the appropriate recovery measures in place. Many foundation technologies today are riddled with vulnerabilities. In future that’s not going to be an acceptable risk. Companies will end up being uninsurable for cyber threat, the same as if they were living on a flood plain”
As a result of its integration between innovative technology and comprehensive portfolio of software and hardware offerings, IBM Storage for cyber resilience provides the end-to-end solutions a business needs to prevent, detect, and respond to cyber-attacks.
“IBM FlashSystem data storage solutions can serve as the foundation of a flexible, high-performance, cost-efficient cyber resilience approach to significantly reduce the risk of disruption and financial losses due to user errors, malicious destruction, or ransomware attacks,” says Bailey. “The storage arrays offer many data protection and high-availability features through their use of IBM FlashCore technologies – from leading-edge flash management to complete component redundancy – but the real key to building powerful cyber resilience solutions stems from leveraging the wide-ranging capabilities of the IBM Spectrum Virtualize software that provides the data services for every IBM FlashSystem storage solution.
“For enterprise-grade business continuity, disaster recovery and cyber resilience, IBM Spectrum Virtualize offers two site advanced replication and mirroring support based on IBM technologies, such as FlashCopy and Metro and Global Mirror and enhanced by the addition of IBM Spectrum Copy Data Management,” says Bailey. “The Safeguarded Copy function supports the ability to create cyber-resilient point-in-time copies of volumes that cannot be changed or deleted through user errors, malicious actions or ransomware attacks. The system integrates with IBM Copy Services Manager to provide automated backup copies and data recovery.
“In providing multi-layered security and high resilient functionality, IBM’s portfolio can help organisations reduce the risk of business disruption and financial losses due to user errors, malicious destruction or ransomware attacks.”
For a business looking to simplify its operation, Bailey recommends seeking tools from a single vendor where possible. “The less vendors at play allows you to unify and, by extension, simplify security operations. While security might have various leaders across specific fields, IBM is unique in that it covers the full breadth of leading software, services, cloud and infrastructure technology in its portfolio,” continues Bailey. “Nobody else has the capability to provide a complete security picture. IBM has all 52 cards in its deck. Whatever the platform, it has the answer. Logicalis Solutions is the leading IBM croupier in this analogy, and we will always deal our customers the right combination of a winning hand for their business in the high stakes security game.”
To learn more about security offerings available from Logicalis Solutions and IBM, e-mail firstname.lastname@example.org