
Working with IT security is a bit like climbing a mountain with an ever-moving peak. Then, when an attack occurs, you feel like Sisyphus working to push the stone up the mountain while being knocked back to square one, or even further back than that, time and time again. Luckily, we have become wiser and better, even though development is racing along and taking on forms quite different from where we were just a few years ago.

One interesting paradox is that some of the classic and most basic disciplines remain the key to a powerful position, yet they are often overlooked. We met with Commvault for a conversation about security as it stands today. We get into the boring, yet critical elements of your security and a good culture. Here is what we have in store for you:

  • Check to see if you are stuck in a rut which is no longer serving your needs
  • Get to know the methods and tools of the criminals
  • Get insight into the consequences of the fact that even low-level criminals are using AI now
  • Get inspiration for the division of responsibility between business, top management, the IT department, and the CISO
  • Solutions delivered as a service; who is responsible?
  • What to do when an admin is compromised


Watching Paint Dry

Per Larsen, Senior Sales Engineer at Commvault, has a healthy dose of insight and enthusiasm when he speaks on IT security. “There are those who would say that backup is as intriguing as watching paint dry. But that is what we do! Backup and restore. These areas have been on quite the journey through IT development.

A few years ago, the primary reason to create a backup was the fear that an employee would delete the files, intentionally or accidentally. Those days are done. Now, it is all about cyber security and in this, backup and restore remains relevant, now more than ever,” he confirms.

The Backbone

Jesper A. Frederiksen, Head of Security at Danoffice IT, agrees with Per that fundamental security measures are not the hottest topic. “Backup and restore are fighting a cultural prejudice. They are just not sexy. However, the challenge is that the technological component of backup and restore forms the backbone of your entire preparedness. Your restore is your last emergency brake available to recover and get back to where you were before the attack.”

With that, Jesper goes back to the old adage of never settling. “If our technical components are not of proper quality, we are very poorly positioned. If your restore is not operating at 100%, your backup is not worth much.”

Mærsk Opened Our Eyes

Companies should be operating with the mindset that an attack is inevitable. “This was truly solidified when the Danish shipping corporation Mærsk was attacked in 2017. After this, the trend continued to rise, especially after Demant was attacked in 2019. Since then, nobody has looked back,” Per explains. “The notion was along the lines of: We knew about the concept of ransomware, but we just make hearing aids. Most everyone has this approach. Today, we know that no industry, sector, or trade is spared. It is clear that the cyber criminals do not care because to them, data is money.”

Through the years, we, at Danoffice IT, have witnessed extensive and brutal attacks and now, we are extremely aware of what it looks like when an intruder gets behind the walls and gives himself rights to our systems. One well-known scenario is that they steal an IT employee’s rights and thus get access to production and the business.

According to Per, this requires a change in several plans: “Even though an awareness of potential dangers is solidifying, we are often stuck in outdated approaches. However, we must approach data from a cyber-crime perspective. This results in the need for a dialogue about whether the systems are good. Are they good enough for performance? Are they good enough when it comes to security?”

Data is Money

“Today, we know that no industry, sector, or trade is spared. It is clear that the cyber criminals do not care because to them, data is money.”

The Era of the CISO

“The business has taken the lead in managing security and we are seeing that top-level management is taking responsibility,” Per confirms. “Today, there is an expectation of everything being accessible, always, and those expectations are always put on the IT department to accomplish, even if the business itself has set that course. We are still seeing many examples of IT and business not being aligned.”

According to Per, a missing link in this equation is perhaps the CISO. “The fact that ransomware is dangerous is common knowledge at this point; however, the CISO brings awareness all the way to the board of directors’ level. The CISO is continuously assessing the threat level and based on that, the business along with the IT department will determine what is needed to withstand the threat. Cyber-crime has now moved into the halls of the board of directors 100%.”

This is an observation Jesper agrees with as he points out that balance is the key to success. “Security setups consist of three mutually dependent parameters: culture, administration/process and technology. The pendulum constantly swings in the security arena. These days, the pendulum has taken a big swing towards management and administration. Because we oftentimes lack simultaneous capacity, we all tend to allow NIS2, management, and governance to steal the focus. Therefore, the most basic of things are often the ones in need of attention when we come in to review things. There must be a balance in that focus. It is also the foundation of our security efforts in Danoffice IT. We must have a healthy security culture.”

You Are Responsible – Even in the Cloud

“A few years ago, everyone would say: calm down, we are not the Danish National Bank, thus making a reference to the attack on the bank. However, today, we are all the Danish National Bank and the awareness has shifted. The requirements we used to see from the large corporations, we now also see from the small corporations. The discipline is at the same level, but the investment level is different.”

So, when is good enough actually good enough when it comes to security? “We used to be met with the standard response of what will it cost us? Today, we still view the SLA requirement from a best-efforts approach, however, that is rarely good enough. Because of that, we are now seeing the businesses spearheading the race in securing their applications the best way possible because if they do not, they are not able to make any money,” Per says.  

“These days, you need to verify on a regular basis whether your backup is meeting all requirements,” Per says and continues: “In the past, we knew where the data was located. When we use an aaS solution, we do not know exactly where our data is located and many mistakenly believe that the aaS provider is responsible for your data. However, that is incorrect in that the data remains your responsibility.

This is why Commvault’s platform is the way it is: We manage security regardless of where your data is located, whether on premises, in the cloud, or a hybrid thereof. Regardless of which new application a company is imposing on your corporation, you do not need to switch systems. We can manage all applications on our platform,” Per explains.

A Copy of Everything

“If your admin is compromised by stolen credentials, you are positioned very poorly if you do not have a system to detect just that.
Your backup affects ALL of your data and therefore, we always have a copy of it in the Commvault platform and we can constantly see if anything out of the ordinary is occurring.”
- Per Larsen, Senior Sales Engineer, Commvault

The Evil Admin Remains Evil

According to Per Larsen, the nature of the hackers’ attacks continues to change over time from being primarily destructive to more sophisticated. These days, the target is the backup. “Over the course of the years, Commvault has therefore moved from being pure data protection to also having a keen focus on backup. However, things are also connected: Protection is also about paying attention to anybody sneaking their way in behind the wall in order to damage your backup later on. This is what we refer to as the evil admin,” Per explains.

“If your admin is compromised by stolen credentials, you are positioned very poorly if you do not have a system to detect just that.” Therefore, the evil admin is a trend you should be mindful of more than ever before. “There is a particular risk perspective to this trend. Your backup affects ALL of your data and therefore, we always have a copy of everything in our system and we can constantly see if anything out of the ordinary is happening. We can see even the smallest movement behind the walls.”

“The preparedness plan has been given a comeback and this is where Danoffice IT can serve as a key source of advice. This is because we can draw from our experience rather than creating the same mold over and over again. Clearly, there is no time for that when an attack is occurring. Proactiveness is the key because you cannot upgrade your homeowner’s insurance policy once your house has already caught fire,” - Per Larsen, Commvault.

AI Creates a Brand-New Perspective

Security is an ever-changing area, Jesper A. Frederiksen confirms. “Remember, the work on security is cyclical. Every time we think we have perfected a process, we need to start preparations for the next one coming down the line. We may see a super AI attack in a brand-new way,” we are told.

“Many security firms have been working with AI for years and have spent a substantial amount of development power on creating AIs for defense purposes. However, that technology is now also available to the attackers. The power that used to be reserved for the large corporations is now being used by even the small criminal players. That creates a brand-new perspective for us all. Our “time” as protectors, the goalies for the customer’s security, has been shortened significantly. This is all the more reason to have everything in order, even the basic technology,” Jesper A. Frederiksen, Head of Security at Danoffice IT concludes.


Commvault & Danoffice IT

In 2023, Danoffice IT became the first and only Commvault Elite Partner in Denmark. That gives us access to the advantages reserved for Elite Partners which we will of course be sharing with our customers. Commvault and their backup and recovery solutions have been recognized and recommended by significant players such as Gartner, Microsoft, and HPE.
