How a Defense in Layers approach improves cyber security

Keeping an offline version of your data is an important part of your data security strategy

You can’t escape the harrowingstories about cyber crime and how it’s affecting our daily lives. At any date, any time, anywhere on the globe, a news story is always hitting about a large organization or institution being hit by a cyber attack. And for every cyber security incident at a large organization that makes the news, there are dozens if not hundreds of cyber crimes happening to small organizations and individuals that never make the news.

Organizations today are faced with innumerable cyber security pressures. From maintaining their reputation with clients and stakeholders, to protecting sensitive personally identifiable information, to concerns about financial repercussions to ransomware, to an evolving regulatory landscape, companies must now add the following to their list:

• The necessity to get back up and running quickly after a cyber security incident.
• Difficulty getting cyber liability coverage, or getting a full payout when you do have a cyber security incident.
• The need to not only protect data from theft, but to ensure that it’s immutable from tampering.

A Defense in Layers security strategy

The strategy that we at Rimage recommend is a Defense in Layers (DIL) approach to data security. The underlying premise to a DIL strategy is thatthe vast majority of networks are vulnerable to attackand there’s no one tool or solution that’s going to prevent 100 percent of cyber security incidents. Because employees are an organization’s greatest vulnerability, it’s impossible to remove the human factor in cyber security.

A Defense in Layers strategy does exactly what its name suggests: it layers different protective tools and solutions over your most sensitive data to deflect as many types of cyber crime as it can. And it places a pragmatic emphasis on tools that help an organization quickly recover from cyber attacks, which are increasingly inevitable even with multiple layers of defense.

The power of offline

Another piece of good news is that organizations often have tools and solutions already in place that they can repurpose into a Defense in Layers strategy. One of the most critical is offline, removable media. Since the vast majority of cyber crime happens online, savvy organizations are taking a second look at some of the proven offline solutions they’ve used for years and strategically moving them into the data security stack.

Here are Rimage, we’ve been providing our clients with safe, reliable, proven offline backup solutions for more than 40 years. Rimage’s suite of offline, removable data management products are uniquely suited to give organizations the Defense in Layers offline data security they need in order to keep their data safe, ensure “quick restart” business continuity when they’re attacked, prove to insurers that they’re compliant with cyber crime liability policies, and ensure data is immutably written with Write Once, Read Many (WORM) technology.

The offline security layer

The four core tenets of the offline layer of a Defense in Layers strategy are:

• Removable data storage. Offline, removable data management is taking an increasingly important role in the data security stack. Data stored on offline media such as CDs, DVDs, Blu-ray and USB is kept safely out of the reach of cyber criminals.
• WORM technology. WORM technology is a critical piece to any organization’s data security strategy because cyber criminals aren’t just interested in stealing data—sometimes they want to manipulate it. With WORM technology data is written immutably on removable management media so it can be read any number of times but never manipulated or changed.
• Chain of custody. Chain of custody allows the movement of data to be tracked through its lifecycle to document each user that handles it. This provides accountability and the ability to trace any nefarious activity that might have occurred to any piece of sensitive data back to an individual.
• Backup and recovery. With air-gapped, offline backup and recovery, a copy of your data is kept offline and inaccessible to the internet so cyber criminals can’t get their hands on it.

You’re not powerless over cyber crime

The truth is, it’s not a matter of if you’ll suffer a cyber attack, it’s a matter of when. The news can feel dismal, but there is a silver lining: organizations aren’t completely at the mercy of cyber criminals. While it’s true that it’s nearly impossible to completely prevent a cyber attack, a Defense in Layers cyber security strategy can ameliorate the effects of a cyber security incident.

Organizations’ cyber security needs are only growing more complex by the day. That’s why a Defense in Layers approach that incorporates tried-and-true offline tools is the only strategy that makes sense for today’s threat landscape.

Want to know more about how an offline solution can shore up your Defense in Layers strategy? Check out this FAQ.

Chris Rence, president of Rimage Corp., is an innovation leader and expert in global security data protection.

Was This Article Helpful?