By Jason Lohrey, Founder and CEO of data management company Arcitecta
Insider Threats & Multifactor Authentication
Individuals within an organization who exploit their access for malicious purposes or unwittingly cause security breaches due to human error are a significant security challenge. Many organizations use multifactor authentication (MFA) to prevent insider threats, but MFA alone is not sufficient. What’s needed is a second mechanism, or authorization, beyond authentication to provide a stronger line of defense. Multifactor authentication and authorization (MFA&A) confirms individual identity during authentication (when seeking initial access) and grants authorization or approval when attempting to perform sensitive data operations to prevent unauthorized access, modification, and deletion.
In combination, multifactor authentication and authorization create a critical measure that provides much stronger security, increases control over system access, and reduces the risk of data breaches. It also ensures compliance with industry regulations and is a cost-effective solution for data security. By implementing MFA&A, organizations can protect their sensitive data and ensure the integrity of their file systems.
Insider Threats & Zero Trust
The notion of zero trust came about through the critical realization that traditional security models operate on the outdated assumption that everything inside an organization’s network should be implicitly trusted. Recognizing that insider threats can be the most damaging, organizations should adopt a zero-trust approach to protect them from both insider and outsider actors.
Such an approach should include at least three components:
- Provide multifactor authentication and authorization in the data path.
- Perform continuous verification as a core principle that involves constantly evaluating and authorizing every access request based on real-time factors such as user identity, device security posture, and contextual information.
- Provide the ability to create multiple roles, such as implementing least privilege and creating separate admin accounts.
Cybersecurity Threats & a New Focus on Recovery
IT leaders are shifting their focus from backup to recovery as organizations need complete and immediate data recovery with no downtime or, at most, only milliseconds of downtime to prevent criminals from holding a business and its data hostage for days, weeks, or more. New approaches such as continuous data availability represent game-changing levels of protection that actively record every significant change in real-time for every file so a user can go back to any point in time to retrieve data – quickly and without the assistance of IT. Organizations will increasingly leverage continuous data availability technology to protect data from loss and cyber threats.
Cybersecurity Threats & Data Resiliency
As data environments reach hundreds of petabytes and hundreds of billions of files, protecting data will become an increasingly difficult and complex challenge. Organizations need their data to be resilient and continuously available, with the ability to spring back seamlessly to reduce the risk of critical data loss and the impact of downtime, outages, data breaches, and natural disasters. Achieving data resilience at scale requires a radical new model and one that revolutionizes today’s broken backup paradigm. Traditional backup is independent of the file system, but a better approach is to merge the file system and backup as one entity. In this way, every change in the file system can be recorded as it happens, making it seamless to retrieve lost or deleted data, regardless of when it existed and across the entire time continuum.
