Check your Posture

I have been having a lot of conversations recently with Partners looking at their backup, Disaster Recovery and security postures. This isn't surprising since the figures for Cyber crime, ransomware and Malware have increased over the last few years alone.

In an effort to help I thought it would be good to showcase some considerations when creating your own Cyber security DR and Back up posture.

For all your postures assess the full environment and its needs, yes this takes time, but 2 minutes taken saves 2 hours running around. For example if you collect data check the business requirements for this data, or if you have SLA's think about your recovery Time Objective and Recovery point objective.

For security

1. Consider checking it is enabled or employing simple but effective measures such as MFA and Role Based Action controls.
2. Consider real time monitoring and alerting of your environment so that security issues can be alerted and that best practise can be employed.
3. For platforms such as Azure, consider a "Zero Trust" approach - Never trust always verify.
4. Consider not just having an anti virus tool but also an extended detection response whether this is through Microsoft big players such as Sophos or ESET doesn't matter but always make sure it fits the need and covers you.
5. Often it is the bit between the chair and the keyboard that can be the weak link in a business. Social engineering is now a big part of a hacker's toolkits. Consider therefore using a security awareness vendor to help strengthen the knowledge your staff have.

for DR and Backup

1. Consider any Data Sovereignty and GDPR laws for where you restore and back up your data.
2. Consider using the principle 3,2,1,1,0 - 3 copies of data - across 2 types of media - 1 copy offsite and at least 1 copy offline - 0 be sure to have verified backups without errors.
3. Consider encryption needs such as the user access on backups and replicas.

Of course there are many other areas that you may need to consider but these few tips will hopefully get you started on creating your own postures. I have added some handy links below but, if you want a sanity check or to see if there are areas that need strengthening why not book a free consultation with our Cybersecurity Expert Scott or free who can advise.

Azure features & resources that help you protect, detect, and respond | Microsoft Learn

Zero Trust implementation guidance | Microsoft Learn