Companies, organizations and governments have massive volumes of data, and the primary focus for its security is placed on that which is stored in the cloud, but many are not following best practices of taking the extra steps necessary to ensure their backed up data is secure, complete and uncorrupted. This story is to talk about using the 3-2-1 rule for cyber resiliency (keep three copies of data, on two different formats–both encrypted, one of which is stored off-site and offline) and discuss anecdotes of what can happen when cyber resilience plans are not put in place or followed.
Companies, organizations and governments have massive volumes of data, and the primary focus for its security is placed on that which is stored in the cloud, but many are not following best practices of taking the extra steps necessary to ensure their backed up data is secure, complete and uncorrupted. This story is to talk about using the 3-2-1 rule for cyber resiliency (keep three copies of data, on two different formats–both encrypted, one of which is stored off-site and offline) and discuss anecdotes of what can happen when cyber resilience plans are not put in place or followed.
Data is the most important asset an organization has, whether it’s a business, organization or a government. At the same time, the frequency of cyber attacks that compromise data are increasing. Ransomware continues to be a plague, with some reports showing more than 14 publicly claimed attacks daily for the first half of 2024. Having a plan to thwart cyberattack is only part of the strategy. Equally important is how to rapidly recover and restore operations after a ransomware disruption has occurred. Share anecdote about OVHcloud data center that burned down in 2021 with backups in it – all assets destroyed and websites down for days. also might be good to mention the latest ransomware attack on University of Texas healthcare that is still not fully operational, 3 weeks after the attack and counting. it is unknown if they paid the ransom, but if they did and they’re still not operational, that goes to show how unreliable the ransomed data is. Apricorn’s own research shows that only half of U.S. respondents are conducting automatic backups to both a central repository AND a personal repository. Additionally, more than 25% of survey respondents were unable to recover all of their data successfully
If attackers are successfully breaching data and holding it for ransom, organizations have to be able to recover complete backups of their data in order to a) avoid paying the ransom and b) assure the original data needed for restoration of operations is complete and intact, which statistics show, frequently is corrupted and incomplete when ransom is paid. One of the easiest and most effective ways to rapidly restore operations after a ransomware attempt is to keep multiple copies of integrity-checked data so you can fully recover it if it’s compromised. The 3-2-1 rule is a proven cyber resilience best practice. The 3-2-1 rule calls for keeping at least three copies of your data on two different types of media, with one being encrypted and offsite. This is where Apricorn comes into play - we make the highest grade, portable data encryption products on the market. Our products are security focused - 100% software free, FIPS certified, non-Chinese chips and so many unique features such as admin AND user forced enrollment, programmable PIN lengths, brute force defense, self destruct PINS and more.
Learn more about Apricorn: https://itspm.ag/apricomebv
Note: This story contains promotional content. Learn more.
Guest: Kurt Markley, Managing Director, America's, Apricorn [@apricorn_info]
On LinkedIn | https://www.linkedin.com/in/kurt-markley-1596054/
Resources
Securing Data with Hardware Encrypted USB Drives: https://itspm.ag/apricoy0dm
Learn more and catch more stories from Apricorn: https://www.itspmagazine.com/directory/apricorn
Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
The 3-2-1 Rule for Cyber Resiliency | 7 Minutes on ITSPmagazine | An Apricorn Short Brand Innovation Story with Kurt Markley
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
Sean Martin: [00:00:00] And here we are ready for another seven minutes on ITSB magazine with a new short brand story. Today I'm joined by Kurt Markley, Managing Director for the Americas at Apricorn, the leading manufacturer of software free 256 bit AES XTS hardware encrypted USB drives, the safest place for your data at rest.
Welcome,
Kurt Markley: Kurt. Sean. for having me today.
Sean Martin: This is going to be a fun conversation, uh, all rooted in Apricorn. In data, almost all rooted in oil because data seems to be the new oil. And, uh, with respects to the amount of data and the value it has to businesses these days, what have you seen in terms of organizations try to get a handle on managing their data safely?
Kurt Markley: Well, uh, I don't think anybody would be surprised by the fact that. Ransomware and everybody's coming after your data. I don't care what kind of organization you are, government, uh, healthcare, enterprise, people want your data. Um, and, and they [00:01:00] either want to monetize it by what the contents are, or they want to monetize it by putting it for ransom.
You're, you're seeing a lot of that happening in the, in the. In the world. Um, you know, I think it's 14 major publicly announced ransomwares are being announced daily now. So it's this is a major problem that that everybody faces at this point. And corporations and organizations are having to figure out how to get their hands around it.
Um, and I think the best way to look at that is is how The organizations are structuring their data and, and how they're keeping it protected, best protected.
Sean Martin: So traditional backup systems are one way to, to keep, keep data safe perhaps, but for, for redundancy purposes, but resiliency means much more than, especially in the context of ransomware, so where are some of the challenges you see organizations facing, uh, in protecting their data?[00:02:00]
Kurt Markley: Certainly. Uh, if you look at the amount of tools that any organization at this point Employing in order to, um, keep their security top of mind. Um, you know, there's just a litany of things that they're, they're incorporating now. And then they're also, uh, they're not utilizing, uh, educating their, their employees very well, you know, so that's another thing that people really needed to look at when you're trying to ransomware.
As you mentioned, backups are certainly Um, a center to a very safe and secure way to keep your data protected from a ransomware if you're keeping it in an encrypted offline. Um, storage, you're, you're much more likely to be able to get back up and running, um, in the event of a ransomware attack, which we know will happen at some point.
So if, if you're relying completely on the cloud, which again, acorn, we use the cloud, and here we are storage manufacturers. Um, everybody [00:03:00] uses the cloud. It's just ubi ubiquitous in, in the world at this point. But the, the complete reliance on the cloud is, is where I think organizations are. Are really kind of testing the limits of, um, of their security.
Because if you're only looking at the cloud, you're, you're missing out on the opportunity to take that data away from the cloud and from those people who are trying to attack it.
Sean Martin: And we can't forget that, uh, the, the smart advanced, maybe not even advanced, but those that who, Those attackers that really want to access or control the ransom will, will likely take the cloud offline and the networks offline as well, which makes it difficult to, uh, to recover from.
So what, um, what are some of the ways you've seen your customers kind of get a handle on this now? Where do you, where do you, where do you fit in with Apricorn?
Kurt Markley: Sure. Um, I think we're, we're in kind of a unique space, uh, because we do, as you mentioned earlier, where we do external encrypted [00:04:00] software free encrypt, uh, or I said, encrypted, um, drives.
So what that allows you to do as an organization is. You want to always use the 3 2 1 rule. That's just a constant, um, that the industry should be well aware of at this point, but a lot of people still aren't utilizing that well. Um, 3 2 1 is having three copies of your data, uh, two, um, in two separate spots, one of those being off site.
And ideally, those are, uh, your, the two spots. Two different medias that you're collecting it on are encrypted. So we come into play in that because you're utilizing cloud already. There's one of your, one of your sets of data, but then if you put it onto an encrypted external drive, keep it offline and that way, in the event of a ransomware attack, you can't, you can't get your organization back up and running fairly quickly by being able to use that, that backup.
Because, um, let's face it, when you go through a ransomware attack, Even [00:05:00] if when paying the ransom, you look at the data and the statistics, most people aren't getting their data back when they get it back. If they, what they do get back, they're not getting back immediately. Um, and then, then, then they're trying to recreate their, their whole system.
Off of these bits and pieces as they've been provided through, um, what the ransomware attack is providing. So this allows you, if you do a full backup on encrypted external drive, that is offline, you could probably be back up and running as fast as, as would be possible in this scenario.
Sean Martin: And so talk to me about the, the process there.
Um, I mean, the whole idea is to get backup on online quickly, uh, when we're talking about networks and things like that. Not every organization tests that recovery process, right? And perhaps, and perhaps with a hardware based device, uh, the speed with which the recovery, uh, can be much faster. So talk to me about that process a [00:06:00] little bit.
Kurt Markley: Uh, yeah, it's as simple as, you know, it, it, Everybody's got a little bit of a different system, right? You're using various OSs and that type of thing, and you're having to back up, um, all sorts of different sets of data. So, you know, that's one of the inherent issues with the cloud. You don't necessarily know all the stuff that's up in the cloud.
You don't necessarily know what you're keeping on the network. But as long as you keep everything backed up on the drive, um, you know, in a much more organized manner, When it's on that drive It should be pretty easy for your it group to to rebuild the systems from it
Sean Martin: and the devices themselves as we wrap up here are 100 software free as you noted FIPS certified, which is no small feat
Kurt Markley: Manufacture all of it here in San Diego, California. Uh, we, we do not use Chinese manufactured chips. We're very, uh, very strict on, on how we, how we look at this whole environment. So
Sean Martin: that's fantastic, Kurt. And that [00:07:00] is seven minutes here on ITSB Magazine. Thanks everybody.