62 INTERVIEW Planning for business survival Kyndryl’s Duncan Bradley explains why organisations should consider implementing greater protection for their critical data and platforms on Azure and Microsoft 365 Whether it’s a fire, data corruption or the disruption of vital platforms, disaster can strike an organisation at any time, causing potentially catastrophic losses of critical information. While cost and the demands for greater availability has ended the days of taking tapes to a recovery centre to provide resiliency, the rise of ‘highly available’ systems which replicate data from one centre to another has exposed organisations to new, unforeseen threats. “This setup essentially provides only one copy of the data,” explains Duncan Bradley, director, and UK and Ireland security and resiliency practice leader, at Kyndryl UK. “Even with multiple replicated copies, it is still just the same data being replicated. In 2017, the NotPetya attack demonstrated how malware could infiltrate an organisation. While this attack corrupted the operating systems, it would have been far worse if it had corrupted organisations’ actual data, as this corrupted data would then replicate to its secondary data centre, or even to platforms like Microsoft Azure, meaning the information is effectively lost or not available without paying ransoms or for lengthy forensic recovery. This highlights the critical need for organisations to be able to restore data from cyberattack-tolerant backups.” Bradley suggests organisations should consider enhancing their business continuity plans to take account of threats to these highly available platforms such as Microsoft 365 (M365) and Microsoft Azure, especially if their business is covered by new regulations such as DORA. “M365, for example, is an excellent platform, designed with flexibility so you can adopt its features as needed,” says Bradley. “However, the responsibility for protecting your data lies with you, not Microsoft. While M365 provides a recycle bin to recover deleted data, it would not be effective in the event of a mass deletion or corruption attack. Regulated customers, or those with critical business processes in M365, should definitely plan for potential outages caused by cyberattacks and consider how they would recover in such scenarios. This is where Kyndryl and Microsoft can collaborate effectively to advise on the desired outcomes in case of risks such as a cyberattack within M365.” Kyndryl advises that when assessing their business continuity plans, organisations should consider more scenarios they would need to protect themselves from, including ransomware data attacks, develop their strategies accordingly. “Most national or regional regulations emphasise planning for three main scenarios,” says Bradley. “The first involves traditional disasters, like a flood affecting a Microsoft data centre. The second scenario revolves around stored data becoming corrupted. Finally, the third scenario is related to the failure of a critical third party, such as the collapse of a network provider.” Many organisations also do not know how long it would take to recover, or the BY ALEX SMITH “ The responsibility for protecting your data lies with you”
RkJQdWJsaXNoZXIy NzQ1NTk=