Keeping data safe from exposure after an attack

The recent NotPetya and WannaCry attacks on organizations globally resulted not only in ransom paid to the perpetrators by some victims, but also in significant losses in revenue and productivity, as well as legal implications, for those affected. The truth is that organizations will continue to be vulnerable to threats like these, since it is inevitable that operating systems and applications will succumb to bugs now and then.

Despite millions of dollars invested in perimeter defense and endpoint security, these preventive measures have proven to be useless against malicious threats like ransomware, since such threats tend to exploit known vulnerabilities in the system. Threats like these are “zero-day” and can easily infiltrate a network by infecting critical systems, bypassing your firewall.

Another viable option is to implement a patch management mechanism that ensures all servers and endpoints are patched in a systematic and timely fashion. In theory, this may work. In reality, patching servers requires tedious and meticulous testing before any patch can be promoted to the production environment. Moreover, this does not apply to EOL systems or to the period before patches are released to the market.

The saving grace may be scheduled and isolated backups, although extended downtime is certain while those backups are restored. The million-dollar question remains: what happens to your sensitive data that was stolen? The fact is, your sensitive data remains compromised and exposed whether or not the ransom is paid, even if the data is returned.

This is where securing your data becomes your last line of defense. It is imperative that sensitive data, structured or unstructured, be protected at all times. This can be achieved by adopting finer-grained access control at the kernel level together with an easy-to-deploy encryption mechanism. This mitigates the risk of data exposure in the event of a ransomware attack, an intrusion by hackers or even theft by a malicious insider.

As attacks grow more sophisticated and rampant over time, it is high time for organizations to focus more on safeguarding their sensitive and proprietary data. The impact of losing such data may include not only revenue loss but also potential harm to an organization's reputation and brand equity.