The need for organizations to deploy modern processes to secure and manage their data is more critical now than ever.
Data continues to grow at exponential rates. At the same time, the largescale work-from-home (WFH) arrangements – and employees accessing the company network from their own devices – has increased the surface area for cybersecurity attacks.
Organizations today need to address both challenges.
DigiconAsia sought out some answers to these challenges from Marcus Loh, Chief Technology Officer, Asia Pacific Japan, Cohesity, who also offers some pointers for organizations to effectively manage WFH arrangements.
Work-from-home (WFH) arrangements are here to stay. With this in mind, how could organizations effectively and securely manage their data?
Loh: A key way to do that is by utilizing software-defined data management solutions that span across environments. IT teams can leverage these solutions to help manage data through a single interface, greatly simplifying data management across multiple clouds, data centers, and edge locations.
With these capabilities, organizations can understand what data they have, know where it’s located, ensure their data is backed up and in compliance, improve their security posture, reduce operating costs, streamline previously complex tasks, and spend less time supporting infrastructure and more time on innovation.
Additionally, businesses must also consider the following factors to manage their data effectively and securely:
- Train employees on security best practices
Using COVID-themed emails, bad actors are using WFH arrangements as attack vectors. It’s not surprising that many security breaches are a result of human error, which can position employees as the weakest link in an organization’s security infrastructure. While IT teams can implement security procedures to safeguard the business against intrusions, security may be comprised without the employees’ full cooperation. With properly communicated safety protocols, employees can develop a stronger understanding of the risks related to mishandling data.
- Ensure data is backed up and recoverable
Organizations are accumulating vast amounts of diverse and often fragmented data. Most of the data consists of data used for backup, file and object shares, dev and test, archiving, and analytics. It’s critical that organizations deploy modern solutions that makes the backup and recovery process simple and fast. Organizations cannot afford to go days trying to restore backup copies of data in the event of an outage, natural disaster, or ransomware attack. With respect to ransomware attacks, it’s also critical that organizations deploy software-defined data management solutions that provide a multi-layered approach to preventing, detecting, and if necessary, responding to attacks – helping ensure business continuity while keeping cybercriminals in their place.
- Utilize the cloud
Moving data to the cloud can make it easier for organizations to share and access data safely while providing end-to-end and unified data protection. With security measures offered by the cloud such as firewalls, encryption and monitoring, businesses can benefit from the cloud in terms of enhanced data protection while WFH.
How can companies comply with regulations and data protection laws without overburdening employees with additional technology load and adjustments in WFH settings?
Loh: Compliance with regulations and laws such as the General Data Protection Regulation (GDPR) require WFH companies to implement measures to protect Personally Identifiable Information (PII). To meet the stringent requirements to stay compliant, resources should be allocated to ensure that the business monitors the following:
• The type of PII used in production and stored in backup systems on-premises and the cloud.
• The length of time the information is stored.
•The protocols in place to safeguard the security of data.
• The ability to quickly modify or delete data based on requests.
Modern data management and protection solutions such as those offered through Cohesity can help streamline compliance, both during and after WFH time periods.
These solutions help organizations stay vigilant and improve security and compliance by providing technology that makes it simple for organizations to deploy best practices, including:
- Governance – Keeping auditable operations logs and processing for data protection and compliance.
- Storage and retention – Knowing where PII is stored and keeping it only for the purpose it was acquired for and within a specified time frame.
- Response to individual rights – Processing PII deletion and removal requests, as well as information access or change requests.
- Breach notification – Prompt notification of breach within 72 hours from discovery.
3. How can organizations with multi-cloud and hybrid cloud environment manage their data efficiently and effectively?
Loh: Hybrid cloud is increasingly becoming the norm for businesses. With data stored both on-premises and in the cloud, enterprises are having challenges managing, gaining visibility, and deriving value from all this data in a cohesive fashion. One of the key challenges that organizations face is mass data fragmentation, where data is heavily siloed across data and infrastructure silos that span on-premises and public clouds.
The key way to address this challenge is to deploy a modern, web-scale data management platform, like the Cohesity DataPlatform, that brings all of these silos together. Organizations can then manage the vast majority of their data – data used for backups, files shares and object stores, dev / test,
archiving, and analytics – from a single dashboard that extends across on-premises, cloud, and hybrid environments. This enables organizations to reduce costs by reducing infrastructure, improve data visibility, governance, and security, while also enabling organizations to benefit from the flexibility provided by the public cloud.
Cohesity’s cloud-agnostic design offers broad support for all major public cloud platforms and features a distributed file system that spans hybrid and multi-cloud infrastructure. With a software-defined data management platform, organizations can also accelerate their enterprise data center modernization and multi-cloud adoption initiatives.
Could you share some tips for organizations on how to effectively manage WFH arrangements?
Loh: Here are some pointers:
- Appoint members from the leadership team to oversee a cross functional, global team that includes representatives from facilities, security/IT, customer support, and all other major organizations. Have this team meet regularly to discuss and formulate solutions to complexities and challenges resulting from WFH mandates.
- Discuss policies that must be adopted company-wide that will ensure proper data management takes place and that security postures are enhanced as much as possible.
- Enhance internal employee communication, whether that’s through email, company-meetings, manager communications, video conferencing, and/or through team messaging platforms. As part of these communications, be very deliberate in communicating security best-practices.
- Increase manager communications. It’s critical that managers reiterate messages with their teams in terms of best practices that will keep company data and infrastructure secure.
- Ensure employees know who to call or how to access information in the event of security, health, or wellness event that must be addressed.
- Communicate effectively externally with customers and partners about steps your company is taking to ensure optimal levels of productivity and support during this WFH period.