Data loss, disaster recovery and coronavirus

The coronavirus pandemic has brought with it a wealth of data security issues, including increased risk of data loss. GDR spoke to KPMG chief information advisory manager Nick Amin about the new risks and what businesses can do to avoid losing valuable data.  

Why is there an increased risk data loss because of covid-19?

Covid-19 has impacted every company regardless of their size or specialty. While this has triggered many businesses to quickly react with their disaster recovery plans, no one really expected the need for all employees to start working from home at once for an extended period of time. This, in many instances, puts a huge strain on the IT infrastructure where users are saving data locally, or in areas that are much more convenient, but not ‘authorised’. Working from home requires practice, and for those that have never worked from home before, data can quickly become very disorganized.

What are some of the possible consequences of losing data? 

People often need to use their own personal equipment to complete their work outside of the office, and this equipment is always considered less secure. Many business applications behave best when used from the local office and some perform poorly over VPN [virtual private network] connections due to high latency. Such issues can cause significant delays and loss of productivity, consequently forcing many companies to relax their security standards purely to get business to an operational level. 

How do these consequences differ depending on the type of data that may be lost – such as personal data, proprietary data, even trade secrets?Poor internet connections at home can make it virtually impossible for users to access large files, or back them up to the network to save the latest copies. These files would then go unprotected when stored on machines outside of the network. This can lead to anything from proprietary data to trade secrets being put at risk.

Do data-loss prevention methods therefore differ depending on the type of data being protected?

With most protection from hackers coming from firewall perimeter equipment that blocks malicious sites and traffic, users working from home are often completely vulnerable to malicious attacks. Security firms and organisations have noticed that there is an uptick in the number of attacks being presented as covid-19 treatments, announcements, or something similarly relevant.

Companies that have deployed remote application delivery solutions (such as Citrix or Remote App from Microsoft) are able to keep sensitive data local to their data centres, so users can still access the data remotely but it stays safe from any malicious code that could potentially damage the client’s device.

Is the issue purely a technical one?

The issue is mainly technical but it also stems from the unexpected impact of everyone working from home for an extended period of time. Companies that prepared for a disaster recovery scenario planned to have the main data centers relocated, or a simple office building shutdown for a week or two. No one, however, predicted a situation where all staff members would have to be dispersed with very little, to no, notice. In this case it is technical, but also shows a lack of planning for this exact scenario.

An appropriate plan to tackle this scenario requires proper policies of what to do if everyone is going to be working remotely and how data is handled and protected - including available IT resources, a method of how to keep users protected (security patches, data back-up and so on), user training, and an available budget to cover the expenses for however long it takes.

What are the fundamentals of disaster recovery? Has covid-19 changed anything about these fundamentals?

The main fundamental of disaster recovery is the ability to switch from scenario A to scenario B when a disaster is declared. The specifics of this include how long it takes for this switch to take place; how it will impact business continuity; and what safeguard methods are expected to remain, such as data backup, vulnerability protection, and maintaining acceptable performance.

Covid-19 exposed a scenario that countless businesses did not anticipate. Many companies have remote access policies, but they are often limited to around 10-30% of the users. Going over their capacity could impact performance, as the infrastructure may not be able to handle it or they may need to acquire additional licences. Consequently, many of those remote working policies proved unhelpful in this disaster recovery scenario.

Moving forward, disaster recovery will be a critical element to not only large enterprises, but also SMEs, and may also include scenarios that were once deemed impractical. There are several trustworthy softwares, such as PeerSoftware’s PeerSync and GuruSquad’s GS RichCopy 360 Enterprise, that offer an unmatched level of service by autonomously cloning and protecting data. Many unprepared businesses should seek this kind of service in protecting themselves from any unexpected disasters that may follow the outbreak of covid-19.