The public sector must be diligent in intersecting the cloud and ransomware


Rick Vanovar, Senior Director of Product Strategy at Vim

Often, when a citizen contacts a government agency, a portion of personal information is provided and stored. This means that ransomware attacks threaten to disclose both internal government data as well as citizen information.

Photo identification documents from motor vehicle records – the ownership of citizen data puts government agencies in a more precarious position than private companies.

According to a summary of recent Maximus research, 91% of Responsive Federal Employees Indicates that “all, most or some of their systems and solutions are in the cloud.” As current work from the home environment has helped cultivate and expand the epidemic cloud power, SaaS has become equally necessary for public and private industries.

The federal government is estimated to have spent more than িয়ন 6 billion on cloud computing in 2020, which is expected to increase in the future.

As we develop how and where we store personal data, our competitors also develop the ways in which they target it. And, because of this increase in personal information stored in the cloud, bad actors often target the power of the cloud.

With The recently published Telework Guide to the Office of Personnel ManagementThe recommendation to increase telework access means continued reliance on the cloud and SaaS and the potential for cloud-targeted ransomware attacks.

It is estimated that by 2025, 75% IT companies With at least one ransomware attack hit, it is more important than ever that companies back up their data using SaaS and cloud programs.

A three-step process for the resilience of government agencies

Cloud and SaaS capabilities will continue to be key components for federal agencies, so how can the government ensure that they protect and back up data to prevent ransomware attacks?

For government agencies to effectively protect cloud-hosted data and related web-based software, they need to know their opposition, implement a robust backup infrastructure, and establish procedures to deal with post-attack situations.

Ransomware attacks follow remote access methods that are not created securely), use phishing attacks, or capitalize on system vulnerabilities. By implementing secure remote access, training staff about phishing, and ensuring systems and software are always up-to-date, companies can take a defensive stance against ransomware.

Since ransomware agents want to block system access in exchange for payments, the best defense against these attacks is a strong backup infrastructure and data protection system.

Implementing multi-factor authentication for SaaS applications can strengthen data protection because it reinforces accessibility requirements. And, while it is important to note that data should always be backed up, it is especially important that cloud-based data backups are stored on devices that are not connected to a network. According to Veeam’s 2021 Cloud Trends ReportMore than half of SaaS administrators agree that data should be backed up to protect an agency against a cyber event.

And, although many government agencies already use data encryption, they should take that practice one step further by encrypting backups for an extra level of security.

Unfortunately, no matter how well-prepared the agencies are, there is a possibility of ransomware attacks in the coming years. Therefore, it is essential that the government has the necessary and necessary procedures in place to conduct a successful attack.

To get started, government agencies should prepare an emergency contact list that identifies who and how to contact the necessary IT team, staff and external resources in security, incident response and identity management.

Ensuring an immediate response can help to recover necessary data more effectively as well as reduce the risks associated with lost data. If data loss affects citizens and their personally identifiable information, cross-agency cooperation will ensure appropriate measures are taken to protect victims.

After a ransomware attack, rebuild and restart

Ideally government agencies would not see an increase in ransomware attacks on cloud capabilities although systems often benefit them due to the proliferation of remote work. To be vigilant, they should know their potential enemies, implement a strong backup infrastructure and establish mechanisms to deal with the situation after the attack.

About the author

Rick Vanovar is a senior director of product strategy at Vim. Rick is an expert in intelligent data management and backup. In his role in Vim, Rick sits at the corner of many types of storage. Be it storage system, critical application data, cloud data or any of these data; Rick has experience in data management practice as IT practices change with new technologies. Follow Rick on Twitter RickVanover and can be contacted online

Notice of fair use: Under the “fair use” law, other authors may restrict the use of the original author’s work without permission. 17 According to US Code § 107, some use of copyrighted material is “not a copyright infringement, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship or research.” As a matter of principle, fair use is based on the belief that parts of copyrighted material are free to be used for the purpose of public comment and criticism. The privilege of fair use is perhaps the most significant limitation of the exclusive rights of a copyright owner. Cyber ​​Defense Media Group is a news reporting company that reports cyber news, events, information and much more on our website Cyber ​​Defense Magazine at no charge. All images and reporting are done exclusively under the fair use of US copyright law.

Source link