How MSSPs Use Disaster Recovery to Help Endpoint Security

MSSPs need disaster recovery and data backup in case endpoint security fails.

May 6, 2019

7 Min Read
Endpoint Security
Shutterstock

By Derek Handova

With today’s complex cyberthreats consistently landing on every organization endpoint, it’s important to have a secure disaster recovery and data backup plan, which brings together fast, flexible backup and disaster recovery of not only endpoints but also applications, databases, files, and mobile devices. The key to MSSPs successfully executing endpoint disaster recovery and data backup for their customers relies their on ability to reproduce data in two or more sites.

Michener-John_Casaba-Security.jpg

Casaba Security’s John Michener

“For disaster resilience, an organization needs data and processing capability in two or more locations, so data needs to be replicated across two or more sites,” said John Michener, chief scientist of Casaba Security, a cybersecurity firm. “To keep data secure, encrypt it so unauthorized users cannot access it. This can be done at several logical levels, as the communications channel may be hardware encrypted with endpoint encryptors. More often, we establish a software encrypted connection such as a TLS 1.2 link, or FTPS/SFTP file transfers and just transfer the data over the internet.”

Encrypt Internet Connections to Endpoints

When planning for disasters, MSSPs and their customers must consider their endpoint infrastructure will become compromised eventually and enter a nonoperational or untrusted state, security experts say. And while they should troubleshoot network issues to return to a ready state, contingency planning must be done that involves having offsite backups not directly tied to existing IT infrastructure to aid in faster, more confident recovery. But how MSSPs use disaster recovery to help endpoint security over encrypted internet connections like SD-WANs remains a gray area. But some security experts have an idea.

Ryan-Weeks-Datto-2018.jpg

Datto’s Ryan Weeks

“To do this, you need to send data to a secondary location or to a backup service provider, often with cloud infrastructure,” said Ryan Weeks, chief information security officer at Datto, the provider of security and backup services. “When transferring data, ensure the backup is encrypted and the transfer mechanism leverages a trusted path. By taking these precautions, [you] ensure the data gets to where it needs to be to aid recovery and that it has not been tampered with.”

The most popular backup rule, 3-2-1 strategy, states that there should be three copies of data on two different data mediums, and one should be offsite.

“Sending data offsite via an encrypted connection to the cloud makes backup procedures compliant to that 3-2-1 strategy,” said Doug Hazelman, VP of technical marketing for CloudBerry Lab, a cross-platform cloud backup solution. “Why does it matter? If a local disaster – a flood or a fire occurs – there are chances that only offsite cloud backup will survive.”

And an encrypted internet connection should be required for any offsite transmission that carries company information, in the opinion of some MSSPs. Because there’s no situation where company data should ever be put at risk.

“This scenario is especially important when talking about disaster recovery and backup of endpoints to prevent the data from landing in the wrong hands,” said Mike Baker, founder and managing partner at Mosaic451, a managed cybersecurity service provider. “The expectation of recovered data being true to what was backed up cannot be guaranteed when transmissions go over an unencrypted connection.”

Back Up Endpoints Onsite?

In the old days of endpoint backup before cloud infrastructure from AWS, Azure, Google or Oracle-protected software, IT departments were already aware of …

… how business-impacting it could be when endpoints crash and concomitant data loss. But even today too many IT departments rely on USBs and laptops for how MSSPs can use disaster recovery to help endpoint security. Something has to change.

“You need to have local endpoint backups make data available at the time of disaster recovery, when it is needed the most,” said Tom Thomas, professor, School of Professional Advancement, Tulane University. “Recovery and getting the employee and executive system up and functional again is huge. The local endpoint restoration process makes the time this takes much faster than if you have to restore from the cloud.”

So creating a system that allows for accessible onsite data backup of endpoints is key. This approach allows for rapid recovery of backup data and is most applicable for large corporate sites with many users.

Halford-David_Fusion-Risk-Management.jpg

Fusion Risk Management’s David Halford

“Large organizations should apply the same security rules they would to any data backups,” said David Halford, vice president of business continuity and disaster recovery solutions at Fusion Risk Management. “Taking this step alone plays an important part in the success of having a disaster recovery and data backup plan for the organization’s endpoints in case of cyberattack.”

Back Up Endpoints Online?

Disaster recovery of corporate data is among the most critical tasks for IT. And one of the biggest challenges to recovering endpoint data is the speed at which recovery can take place whether the data is on a laptop, tablet, or desktop endpoint.

“Compounding the endpoint backup challenge is the fact that much of the data resides in multiple locations due to heavy use of cloud services and SaaS applications such as Office 365,” said Scott Walker, CMO, Unitas Global, a managed cloud services provider. “Leveraging a cloud storage solution along with software that orchestrates regular backups and speedy recovery is a best practice for many IT departments.”

Above all, this whole process needs to be automated, according to online backup experts, because if you are counting on end users to back up data, it’s almost guaranteed not to happen.

“By making the encryption secure over the internet, you’re enabling the backup of all your data,” said Todd Matters, chief architect and cofounder of RackWare, an automated hybrid cloud management platform. “Proactive measures like this, paired with a secure cloud data center, will ensure that your endpoints have the best chance of withstanding malicious activity.”

Pros, Cons of Cloud Disaster Recovery and Endpoint Backup

Perhaps the preference for onsite backup by some endpoint experts for how MSSPs can use disaster recovery to help endpoint security could be that the “true” cloud hasn’t arrived yet; for example, data is still stored somewhere in a physical location, in a data center.

“Data centers allow consolidated security measures to protect the physical location to the maximum,” said Sebastian Straub, senior AWS solutions architect, N2WS, a cloud-native backup and disaster recovery provider for AWS. “However, data is only as safe as the storage facility is redundant. Storing your valuable data in a multitude of cloud providers is smart but adds complexity. To stay competitive, cloud storage providers …

… do not provide an easy-to-use bridge between different clouds.”

In truth, the availability of different cloud models – public, private, hybrid – makes deployment and design of recovery plans flexible; for example, having recovery infrastructure in a secure cloud data center – preferably the same data center where the backup data is stored – ensures that recovery infrastructure is positioned for secure faster time to recover, according to backup experts.

“When you’re performing recovery, you are vulnerable, at risk of a second data loss event or attack that may shut down your business — speed and security are your allies,” said Alex Quilter, senior director, product management, backup, SolarWinds, provider of IT services software. “Moving large amounts of data to the cloud, whether public or private, is expensive in terms of time and cost. The tradeoff of availability and flexibility is around the transport of the data. These tradeoffs impact time to recover.”

The same goes for your disaster recovery deployment model.

“While we see the popularity of disaster recovery in the cloud increasing over time, it is not for everyone,” said Teodora Siman, research analyst, Info-Tech Research Group. The value proposition of this solution is realized when you can take advantage of the on-demand nature of cloud computing.”

But in the end, endpoints are vital to any disaster recovery and data backup plan.

“Endpoints should be a part of any disaster recovery strategy,” said Matt Tyrer, technology evangelist at Commvault, the data backup and recovery provider. “Often, they are overlooked when looking at plans from a corporate level, but are increasingly becoming the location where critical data is not only accessed but also created and stored.”

Read more about:

MSPs
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like