Aslam Tajbhai
As cloud computing becomes a focal point in security discussions, on-premises security and backup strategies are often overlooked, exposing businesses to significant risks. This is especially true in South Africa, where data protection is becoming an increasingly important priority.
Many local organisations are in the process of migrating to the cloud, but this transition can take longer than expected. During this time, on-premises infrastructure remains vulnerable without proper maintenance and security.
As such, businesses should implement a hybrid security strategy that safeguards both cloud and on-premises environments without compromising either. As enterprises transition to the cloud, they should follow a structured approach, which includes:
- Data Classification: Identifying and categorising data to determine security needs.
- System Assessment: Reviewing existing infrastructure to understand which systems will migrate to the cloud and which will remain on-premises.
- On-Premises Security Continuity: Ensuring firewalls, antivirus software, and other security tools remain active throughout the migration.
- System Updates: Regularly updating all systems to maintain security integrity.
- Authentication and Access Control: Enforcing strong passwords, multi-factor authentication (MFA), and role-based access control to restrict user permissions.
Factors disrupting cloud access
Additionally, organisations must be aware that, in South Africa, relying solely on cloud backups for on-premises data can pose significant risks, particularly due to load shedding, which can disrupt cloud access and lead to failed backups. If a backup fails, recovery times may be delayed, potentially impacting business continuity.
A more effective approach is a hybrid backup strategy, using both an on-premises copy for fast backups and a cloud-based copy for long-term retention, which enhances data security and compliance. This approach minimises downtime and boosts operational resilience.
Considering that cybercriminals are becoming more sophisticated and systematically targeting disk libraries and backup infrastructures before attacking production environments, immutable storage plays a crucial role in strengthening on-premises backup systems.
Cybercriminals can force businesses to pay ransoms by encrypting or deleting backup data, leaving them without recovery options. To mitigate this risk, companies should implement immutable backups on-premises to protect against data alterations or deletions.
Having a resilient backup infrastructure strengthens a company’s ability to withstand ransomware attacks without being coerced into paying ransom demands. This proactive approach secures business continuity and protects critical data assets.
Essential role of system checks and security audits
Regular system checks and security audits are essential for identifying vulnerabilities, such as outdated software and security gaps. For businesses, these audits help categorise and protect sensitive data effectively.
In South Africa, data exfiltration has become a growing concern, with stolen information being sold on illicit markets. Organisations that proactively map out where their critical data resides significantly reduce the risk of unauthorised access or leaks.
Additionally, security audits ensure that only authorised personnel can access key systems, preventing unnecessary exposure of critical infrastructure. By consistently reviewing access controls and enforcing role-based permissions, businesses strengthen their defences against cyber threats while maintaining operational integrity.
Neglecting backup systems
Businesses often invest in enhancing production infrastructure while neglecting their backup systems, which often rely on outdated servers and storage that is no longer maintained. This creates significant security risks, as cybercriminals increasingly target backup infrastructures, first encrypting or deleting data before attacking production systems.
To counter these risks, companies should modernise their backup strategy, shifting away from traditional, outdated three-tier architectures. A purpose-built, hyper-converged backup infrastructure offers a more secure, scalable and resilient solution.
Businesses must also fully understand their IT environment, whether operating on-premises, in the cloud or in a hybrid setup. Effective data classification is crucial; regardless of where data resides, it should be categorised based on importance to ensure proper security measures are applied.
Ultimately, critical systems, whether on-premises or in the cloud, require consistent, multi-layered security. Investing in a data management platform that supports hybrid workloads from a single pane of glass enables centralised protection, ensuring data security across all environments.
By Aslam Tajbhai, Head of Solutions at Data Management Professionals South Africa