Cyber resilience is the ability to keep operating, even in the face of serious cyber attacks.
It’s a big shift in cybersecurity thinking. It accepts that breaches are inevitable in today’s digital landscape. Instead of relying solely on preventing cyber incidents, it focuses on designing and implementing systems that withstand attacks and gracefully recover from them.
Cyber resilience operates on the principle of ‘defence in depth,’ a comprehensive strategy introducing multiple layers of security measures to create robust, interconnected barriers against cyber threats.
Defence in depth is a cybersecurity strategy employing multiple security measures to protect an organisation’s digital assets.
This multi-layered approach enhances security by creating multiple barriers that attackers must overcome, making it much more difficult to breach a system.
The Essential Eight is a set of eight simple and effective strategies developed by the Australian Government’s cyber experts to protect your business from cyberattacks. It’s a robust framework for enhancing cybersecurity, mitigating cyber threats and protecting critical information in an organisation.
One of the strategies included in the Essential Eight is data backup, which involves regularly backing up important data to ensure its availability and integrity in case of data loss or cyberattacks. This strategy is crucial in safeguarding against data breaches, ransomware attacks and other potential threats.
Fortified backups are a special way of protecting your important data. They’re managed separately from your regular IT team and external vendors. This separation adds an extra layer of security, ensuring your data stays safe and available.
By keeping your backups separate, we ensure your data is safe and secure – even in the event of a complete takeover of your IT systems.
Unlike in-house IT teams or MSPs with diverse IT priorities, we specialise exclusively in safeguarding our customers’ data.
Our deep security expertise focuses on risk mitigation and data security, complementing your existing IT team or MSP and allowing them to focus on more general tasks. This extra layer of protection ensures security, even if there is a complete IT system takeover.
Some key advantages of using Cybersecure are:
Maintaining separate administrative control over backups is crucial for enhancing security. Doing so establishes a clear barrier between the team responsible for production systems (i.e., your IT team or MSP) and the team managing backups (Cybersecure).
This separation reduces the risk of accidental or intentional alterations to backup data and the spread of security breaches from production systems to backups. It adds an extra layer of protection, ensuring that backup copies remain secure, reliable, and readily available in case of data loss or cyberattacks, safeguarding your organisation’s critical information.
Using Cybersecure attains full compliance with the Essential Eight Level 3 for backups.
Having your IT manage everything for you may seem convenient at first glance, but having multiple roles under the same team or vendor increases risks rather than reduces them.
If your IT team or vendor has access to all your digital assets, including backups, a cyberattack may compromise everything and make recovery difficult.
Best practice IT security reduces risk through separating roles. By separating IT roles, you can limit the access and authority of each IT team or vendor and ensure they only perform the tasks they need to do. This way, you can reduce the risks of human error, fraud or sabotage and improve your system’s security.
Having separate oversight and controls for backup systems is a smart way of protecting your business from data loss and system downtime.
Giving your internal IT team complete administrative control over production and backup systems carries a substantial risk. When the same team manages both areas, any issues or security breaches affecting one can easily spread to the other, elevating the potential for data loss and system downtime.
This lack of segregation in control domains can undermine data security and resilience, which is why maintaining clear separation is cybersecurity best practice.
No, separating administrative control of production IT and backups is always best. If an MSP has full administrative control over production and backup systems, a cyber attack can simultaneously impact both systems, increasing data loss and system downtime vulnerability.
Having a single IT MSP also diminishes flexibility and control over your data. If you switch IT providers in the future, your backups and historical data could become tied to the incumbent provider, limiting your ability to make seamless transitions or data management changes.
Relying solely on internal IT or an MSP for managing backups may not fully comply with the Essential Eight standard, as it breaches the principle of separating duties and data.
To align more closely with the Essential Eight principles, you should maintain separate administrative control of backups and your production IT environment.
Using Cybersecure attains your full compliance with the Essential Eight Level 3 for backups.
This setup doesn’t provide sufficient backup security as your MSP has a direct relationship with the third-party provider and still holds authority over your data.
Your MSP would have administrator-level access to your outsourced backups and primary systems. This would give them the technical capability to accidentally or intentionally change or destroy your data across production and backups without your consent.
Yes, backup checks and balances are crucial for backup quality and security. Backups often show symptoms of underlying problems, threats or cyber incidents. Cybersecure uses an independent set of checks and balances for better protection.
Changes within your IT team or switching MSP suppliers do not impact your backups. Your backups are kept entirely separate, so they are safe and secure with us, no matter what changes with your IT management.
You don’t have to worry about losing or transferring your data. You could also save money by avoiding hidden switching fees. We’ll protect your critical digital assets, regardless of your IT situation.
Even with multiple backups and Multi-Factor Authentication (MFA) in place, the fact that your IT team maintains administrative control over both your production systems and backups introduces significant risks.
While MFA adds a layer of security, it does not eliminate potential harm. Here’s why:
So, while MFA is a valuable security measure, it should be part of a broader security strategy that includes role separation between production and backup systems. Complete role separation offers additional protection, reducing the risk of unauthorised access or manipulation and making your data more resilient against both external and insider threats.
While designed to prevent unauthorised changes or deletions, immutable backups can still be vulnerable if the key person responsible can access the right credentials or systems. If this individual has the authority to modify or delete data, they can potentially override the immutability settings, rendering the backups susceptible to alterations.
To maintain the integrity of immutable backups, it’s essential to implement strict access controls and separation of duties to prevent the modification or deletion of critical backup data.
By rigorously maintaining clear segregation of roles and data, we establish an air-gapped backup solution from your systems to ours so we can guarantee the safety and security of your backups even in the event of a serious cyber attack.
An air-gapped backup solution is one of the best ways to ensure the security and availability of your backups. It means that your backups are stored on a device or network physically or logically disconnected from the internet or any other network. This way, hackers cannot access or damage your backups remotely, even if they manage to compromise your systems or accounts.
We have a proven track record of successfully recovering data and restoring systems for our customers, even in cases where they faced a complete compromise of their most privileged accounts.
Because your backups are deliberately segregated from your IT or MSP, even your most privileged IT admin accounts cannot alter them. Therefore, if your IT admin accounts are hacked, your backups are completely safe. We can quickly restore your data and keep your business running in the face of any compromise to your IT admin accounts.
Your backup data is stored separately from your systems, so it will not be affected by ransomware or malware. We also set your systems up with defence-in-depth, so you’re resilient to malware from inside your network. Defence-in-depth is a cybersecurity strategy employing multiple security measures to protect an organisation’s digital assets.
We maintain strict isolation from your production systems and by offering a restricted set of services by design, which means we have a reduced ‘attack surface.’
By implementing rigorous demarcation of roles and data, we create a formidable ‘air gap’ between our systems and yours. This fortified approach guarantees that in the unlikely event of a security breach on our end, potential attackers remain entirely barred from gaining any access to your systems.