Zero-trust security must include data backup and recovery

Issue 2 2022 Infrastructure

Who can you trust? The straight answer to that question is – nobody. Unfortunately, in today's digital world, the reality of the situation is that the old security maxim of 'trust but verify' is no longer adequate. We deal with borderless, global, mobile, hybrid and cloud-based environments where traditional security approaches do not work, and nobody is to be trusted, including employees, customers and partners.


Byron Horn-Botha.

The notion of a protective shield surrounding your organisation where interactions perceived as trusted and therefore safe, and exchanges outside of it are not safe, is outdated and naive. Zero Trust is a better approach and constitutes an antidote to stale security strategies because it demands organisations entirely remove trust from the equation by denying access to everyone.

Zero trust thinking

Zero Trust is not a specific technology or architecture. Instead, it's a new way of thinking that can help you achieve robust threat protection and gain next-level security. It is about evaluating the security posture of users based on location, device and behaviour to determine if they are who they claim to be. It is also about granting just enough privilege, just in time, so that users can perform work required tasks and operations.

With this model, only minimum permissions are granted at just the right time to get a job done. Such permissions are then revoked immediately upon completion of the project or transaction. A Zero Trust security approach authenticates and authorises every connection, for example, when a user connects to an application or to a data set via an application programming interface (API).

Gartner predicts that by the end of 2023, modern privacy laws will cover the personal information of 75% of the world's population.

GDPR was the first significant legislation for consumer privacy. Still, others quickly followed it, including Brazil's General Personal Data Protection Law (LGPD) and the California Consumer Privacy Act (CCPA). The sheer scope of these laws suggests you'll be managing data protection legislation in various jurisdictions, and customers will want to know what kind of data you're collecting and how it's being used. It also means you'll need to focus on automating your privacy management system. Standardise security operations using GDPR as a base and adjust for individual jurisdictions.

According to Gartner, the percentage of nation-states passing legislation to regulate ransomware payments, fines and negotiations will rise to 30% by 2025, compared to less than 1% in 2021.

That is a significant jump, as shown by the recent US government announcement that it is moving towards a Zero Trust approach to cybersecurity to dramatically reduce the risk of cyberattacks against the nation's digital infrastructure.

Gartner further predicts that by 2025, 60% of organisations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements, and 40% of boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member. These predictions show that compliance is increasingly front and centre for C-suite executives in the management of businesses.

The fact is that organisations must assume bad actors will inevitably get in, and they must do everything to minimise their attack surface and protect business-critical data from being damaged or destroyed.

A successful zero trust strategy

Companies need to be vigilant concerning data backup and recovery strategies. The concept of constantly verifying, continuously authenticating, and always logging who is going where and doing what should apply to regular operations and application usage. It should also apply to data backup and recovery processes. It is crucial to know who is initiating backups and to where they are backing up the data.

It's also essential to ensure that whatever applications you're using for backup and recovery, those applications have embedded authentication mechanisms such as multi-factor authentication, identity services and role-based access.

One example is a worker who needs to have data recovered from their laptop. What are the credentials that allow this employee to restore the machine? What permissions were granted, and do those permissions need to be changed to reflect a new set of requirements? If the IT team is restoring a laptop set up a year ago, who ensures no one else has access to that machine? Zero Trust in data backup and recovery goes a long way to resolving these questions while securing enterprise data further.

Immutable storage should also be part of any Zero Trust initiative. Immutability is when data is converted to a write-once, read many times format. Immutable storage safeguards data from malicious intent by continuously taking snapshots of that data every 90 seconds. Because the object store is immutable, you can quickly restore data even if someone tampers with it.

As data breaches grow in volume and complexity, businesses must consider creative approaches to strengthen their protection against cyber threats. Still, it must be built around a Zero Trust security model – without it, breaches are guaranteed.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

VPS hosting set to dominate in 2025
Infrastructure
SME market growth and the increasing need for a digital footprint are pushing VPS growth in South Africa, especially since it is now perceived as a viable business tool, scalable by nature, with improved performance.

Read more...
Threats, opportunities and the need for post-quantum cryptography
AI & Data Analytics Infrastructure
The opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. The evolution of quantum computing jeopardises the security of any data available in the digital space.

Read more...
Highest capacity ePMR HDDs
Infrastructure Products & Solutions
Western Digital has announced that it is now shipping the world’s highest capacity UltraSMR HDD with up to 32TB leveraging the time-tested, reliable energy-assisted PMR (ePMR) recording technology for hyperscalers, CSPs and enterprises.

Read more...
Axis introduces ACS Edge and cloud storage
Axis Communications SA Surveillance Infrastructure Products & Solutions
Axis Communications has launched two new solutions within the AXIS Camera Station ecosystem, AXIS Camera Station Edge (ACS Edge) and AXIS Camera Station Cloud Storage (ACS Cloud Storage).

Read more...
Autonomous healing systems are the future
Infrastructure Information Security AI & Data Analytics
Autonomous healing software, an emerging technology, is gaining traction for its potential to transform how organisations manage software maintenance, security, and system performance.

Read more...
Navigating a connected, AI-driven future at SATNAC 2024
Infrastructure AI & Data Analytics IoT & Automation
The 2024 Southern Africa Telecommunication Networks and Applications Conference concluded its 26th edition with a call to harness AI to drive positive change across the continent. Moreover, students from Wits, North West and Pretoria universities won the best research paper awards.

Read more...
Cost-effective and reliable remote connectivity
Agriculture (Industry) Integrated Solutions Infrastructure
Companies that operate in hard-to-connect areas now have access to reliable connectivity due to a collaboration between MTN South Africa, Vox and Tarana technology.

Read more...
Data resilience in the age of AI
Infrastructure AI & Data Analytics
The discourse around AI has reached a fever pitch, but this ‘age of AI’ we have entered is just a chapter in a story that has been going on for years – digital transformation.

Read more...
Is cybersecurity broken?
Information Security Infrastructure
Companies are spending large amounts on cybersecurity, yet cyber threats continue to persist and thrive. Security executives are under tremendous pressure, and companies are questioning the wisdom of their security budgets.

Read more...
Data resilience for companies of all sizes
Technews Publishing Infrastructure Products & Solutions
Nakivo offers backup, recovery and replication solutions for all companies, but is focused on small- to medium-sized businesses where customers need affordable solutions that are simple to use and reliable.

Read more...