What are data security best practices? With so much news about hacking and ransomware, it can be hard to keep up.
In May of 2017 a ransomware attack shook the cyber world as never before. Called WannaCry, the malware encrypted data on more than 200,000 computers in at least 150 countries. Both large enterprises and smaller businesses were thrown into chaos as perpetrators demanded payment in return for a promise to provide the encryption keys that would allow victims to regain access to their data.
This episode has served as a wake up call to many organizations that have paid insufficient attention to ensuring that their business-critical information is protected from the existential threat posed by modern cyber criminals. In this environment, there’s probably no greater benefit Managed Services Providers (MSPs) can provide for their clients than to guide them in implementing top-flight data protection solutions that can keep their precious data safe.
So, what can MSPs do to ensure the safety of their clients’ data?
Start With The Basics
A good MSP will proactively work with clients to fully understand their particular data protection needs and help them develop an appropriate plan. That assessment will include issues such as identifying business-critical information that requires a high level of protection, determining if there are regulatory requirements, such as HIPAA compliance, that must be met, and specifying appropriate RTO (Recovery Time Objective) and RPO (Recovery Point Objective) levels to insure business continuity if a disruption occurs.
Of course the MSP will see to it that regular data backups are performed, including replication to remote sites to insure against simultaneous loss of both the original data and the backup in a fire or other local disaster. Plus, the backup/recovery process will be regularly tested to insure that backed up data can actually be restored.
Continuous 24/7 monitoring of a client’s IT infrastructure is a fundamental element of the services offered by most MSPs. This monitoring should focus not only on potential hardware or software failures, but also on detecting threats and intrusions both from outside and from within the customer’s organization. This will include encouraging the client to maintain and regularly update a comprehensive role-based access management process that strictly limits permissions to those required by each individual’s job responsibilities.
Other basics that must be covered include insuring that anti-malware software is installed and kept up to date, and that all software upgrades and security patches are promptly applied. And a good MSP will seek to educate the client’s personnel about how to avoid falling victim to “social engineering” threats.
Moving To The Next Level Of Data Security Best Practices
Many MSPs already do a good job of providing the basics of data protection for their clients. But MSPs that go beyond the basics to offer enterprise-grade data security at an affordable price will stand out from the crowd and gain a distinct competitive advantage.
Providing that next level of protection has historically been an expensive proposition that many MSPs were simply not positioned to undertake. But now, with the advent of the storage-as-a-service (STaaS) concept, the ability for MSPs to offer enterprise-class data protection has become a practical reality. By partnering with a first-class STaaS provider, MSPs can offer a range of data security services far superior to what most of their competitors can achieve on their own.
A good example of such a partner is Zadara Storage. Through its VPSA Storage Array technology, Zadara allows MSPs to offer their customers top grade data protection services, including:
- Automatic, continuous, incremental backups to both on-premises and off-site remote storage, including private clouds and public clouds such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
- Frequent zero-impact snapshots with the retention of multiple versions, allowing customers to keep as long a history of their data as they desire.
- RAID protection that spreads copies of the data across several disks so that a drive failure won’t result in loss of data.
- Automatic failover to virtual servers either on-premises or in the cloud, providing the ability for applications to continue running even when a local disruption occurs.
- Multi-zone and multi-cloud capabilities that can keep a client’s IT services online even if a major cloud provider suffers an outage.
MSPs Can Now Provide a High Level of Data Protection For All Their Clients
By partnering with an industry-leading STaaS provider like Zadara Storage, not only can MSPs offer a technically superior data protection solution to their clients, but they can do so at a much lower cost than was previously possible. Zadara’s offering is based on a pay-as-you-go model in which the client never needs to spend precious capital funds to acquire storage hardware, but simply pays a monthly fee for just the amount of storage they actually use. And that means enterprise-grade data protection can be a reality not just for large companies, but for smaller ones as well.
If you’d like to know more about how you can provide your customers with the highest levels of data protection at a cost they can afford, please download our data protection tip sheet.