Page 50 - Cyber Defense eMagazine December 2023
P. 50

How Should Firms Protect Backups?

            We recommend organizations of all types, including law firms, employ the following approach:

               •  Always have five copies of its data:
                       o  One: The production data.
                       o  Two: All data backed up to physically redundant, immutable backup storage.
                       o  Three: All backups replicated to physically redundant, immutable offsite backup storage.
                       o  Four: All backups copied to digitally air-gapped, immutable storage.
                       o  Five: All volumes on all storage platforms (NAS, SAN, etc.) immutably snapped.



            Through this method, firms can ensure redundancy, immutability, and recoverability—should a threat
            actor attack one data repository, other immutable copies exist on different technologies.



            Putting Backups in the Forefront to Secure Business Operations

            In the end, when your data is gone, so, too, is your business. Backups MUST be considered a first line
            of defense, and with this, law firms need to prioritize learning how to defend not only their front-line
            defenses, but also their resiliency in the event an attack occurs.





            About the Author

            John Anthony Smith is CSO of Conversant Group and its family of IT infrastructure
            and  cybersecurity  services  businesses.  He  is  the  founder  of  three  technology
            companies  and,  over  a  30-year  career,  has  overseen  the  secure  infrastructure
            design,  build,  and/or  management  for  over  400  organizations.  He  is  currently
            serving as vCIO and trusted advisor to multiple firms.

            A passionate expert and advocate for cybersecurity nationally and globally who
            began his IT career at age 14, John Anthony is a sought-after thought leader, with
            dozens of publications and speaking engagements. In 2022, he led the design and
            implementation of the International Legal Technology Association’s (ILTA’s) first annual cybersecurity
            benchmarking survey.

            John Anthony studied Computer Science at the University of Tennessee at Chattanooga and holds a
            degree in Organizational Management from Covenant College, Lookout Mountain, Georgia.










            Cyber Defense eMagazine – December 2023 Edition                                                                                                                                                                                                          50
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   45   46   47   48   49   50   51   52   53   54   55