How DR minimises impact from Cyber attacks
In part 1 of this series, we discussed how BCDR solutions attempt to reduce the impact of all types of disasters, whether natural, accidental or deliberate. Of the seven potential disasters discussed, it is Cyber-attacks, such as ransomware, that will be keeping IT managers awake at night. The method, point of entry and technology used are all changing rapidly. Threats have a complex profile and require specialisation as well as ongoing attention (and investment) to keep up to date with the necessary protection.
Occurrence and impact of Cyber attacks
Cyber-attacks, such as ransomware, are in the news each week. This year, 2021, we have already seen many headline stories reporting large, often tech-savvy companies being victims of breaches or ransom demands: LinkedIn [June 21, 700m users]; Accenture [Aug 21, $50m]; Acer [May 21 $50m]; AXA [May 21, 3TB]; RB [£107m] and KIA [Feb 21 $20m]. Sometimes the failure to adequately manage breaches can also lead to regulatory consequences, as was seen with the British and Foreign Bible Society, fined £100,000 by the Information Commissioner’s Office because of failure to adequately protect customer data.
To get an independent view of the extent of the problem, the UK Government office of national statistics publishes an annual report on this topic. The latest 2020 survey reports that nearly half of all UK businesses [46%] were subject to a cyber security breach/attack in the previous 12 months.
Attack rates vary according to the size or type of company: charities, with one in four attacked (26%), had the lowest reported rate. Medium and large companies were attacked nearly 3 times as much (68% & 75% respectively). Microsoft believe that Cyber security is now the number one threat to every business and is costing $6 trillion globally each year (expected to rise to over $10T by 2025). Serbus Group estimate attacks cost UK businesses a total of £365 million last year, and Cloud Wards believe a third (32%) of users will actually pay the ransom to avoid large recovery costs and loss of data.
How does Cloud DR help?
Cloud DR systems offer protection of two elements: customer data and the production system. Hot DR solutions will often replicate the production environment to a second system, ready to go, with almost live data, should the prime go down. This protects the system, but not the data. Any corrupt or encrypted data in the production system will also be replicated to the DR environment.
Cloud DR protecting SAP on-prem production systems
To protect the data, backup copies need to be taken regularly to provide multiple valid restore points. Companies being held to ransom will likely find that their recent backups have also been encrypted, often with the use of malicious time bombs that can corrupt the data when attempting to extract it. Faced with a choice of restoring from the previous month, or the month before that, resulting in a big loss of data, organisations consider paying the ransom. Hackers will pitch the amount of money demanded so that submitting to the ransom is seen as a more effective option.
DR services often provide multiple backup solutions and services to better protect user data with more valid restore points, should the organisation be breached. DR backups should automatically encrypt protected files to reduce the risk of backup data also being breached. Regular data integrity validation and fail-over testing services will also provide peace of mind that the DR will be effective when required.
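The restore-point validation described above can be sketched as follows. This is an added example, not code from the article or from any DR product; the catalogue layout, backup ids, key and sample contents are constructed assumptions.

```python
import hashlib
import hmac
from datetime import datetime

# Assumption: the sealing key is held outside the production environment.
MANIFEST_KEY = b"constructed-demo-key"

def seal(payload: bytes) -> str:
    """Tag recorded in the backup catalogue at the moment a backup is taken."""
    return hmac.new(MANIFEST_KEY, payload, hashlib.sha256).hexdigest()

def latest_valid_restore_point(catalogue, storage, incident_time):
    """Walk restore points newest-first.

    Returns (backup id, data-loss window, ids rejected on the way).
    """
    rejected = []
    for entry in sorted(catalogue, key=lambda e: e["taken"], reverse=True):
        payload = storage.get(entry["id"])
        # A missing copy, or one altered after sealing (for example
        # encrypted in place), fails validation and is skipped.
        if payload is not None and hmac.compare_digest(seal(payload), entry["tag"]):
            return entry["id"], incident_time - entry["taken"], rejected
        rejected.append(entry["id"])
    return None, None, rejected

def build_demo():
    """Constructed sample: four weekly backups, the two newest damaged in storage."""
    backups = {
        "weekly-01": (datetime(2021, 8, 1), b"ledger rows 1-100"),
        "weekly-02": (datetime(2021, 8, 8), b"ledger rows 1-180"),
        "weekly-03": (datetime(2021, 8, 15), b"ledger rows 1-250"),
        "weekly-04": (datetime(2021, 8, 22), b"ledger rows 1-310"),
    }
    catalogue = [{"id": k, "taken": t, "tag": seal(p)} for k, (t, p) in backups.items()]
    storage = {k: p for k, (t, p) in backups.items()}
    storage["weekly-03"] = b"\x9f\x11\xe0 ciphertext written over the backup"
    del storage["weekly-04"]  # newest copy deleted outright
    return catalogue, storage

if __name__ == "__main__":
    catalogue, storage = build_demo()
    point, window, rejected = latest_valid_restore_point(
        catalogue, storage, datetime(2021, 8, 25))
    print(f"restore from {point}; data-loss window {window}; rejected {rejected}")
```

The tag only proves that a stored copy is unchanged since it was taken. A backup taken from production data that was already corrupt or encrypted would still pass, which is why the fail-over and restore testing mentioned above is needed as well.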
Protecting SAP HANA databases
SAP HANA uses a single in-memory database shared between all applications, with one master source of the company’s entire data set. HANA databases are very fast changing and demand very high IOPS. They are also often large, with average database sizes being 2-4TB and much larger databases now available and growing in the future.
Conventional IT file, VM or disk backup/replication tools and solutions are unsuitable for ensuring the data integrity of HANA databases. HANA systems can only be replicated as a whole system, and because backups are taken at a point in time, there is potential for loss of data (between the time of the last backup and the time of failure). The preferred solution is to implement continuous replication of all persisted data.
HANA-certified tools are expensive and require trained operators to use effectively, and if backups are further protected with the use of encryption, confidence in database integrity must be assured. Protecting these large, fast-changing backups is something that a DR service provider will manage and test regularly for their customers. It is this assurance that is perhaps the biggest value of a DR service: knowing that there is an experienced and trusted pair of hands that can be relied on in an emergency.
References
Microsoft Ignite conference https://www.dhirubhai.net/posts/david-penny-opalwave_opalwave-sap-microsoftignite-activity-6861962359661977600-nkg7
Reckitt Benckiser: British pharmaceutical ransomware cost £107M
British and Foreign Bible Society: Swindon-based The British and Foreign Bible Society, fined £100,000 by Information Commissioner’s Office
2 years ago: Tech resilience can't be the last line of defence, a proper BC plan is very soviet, Pen Paper and battery lights