Offline Backup in an Online World
Government Backup Recommendations for Businesses:
As we are working with local businesses to enhance their cyber security, we’re excited to share some insights with you. We conduct between 12 and 24 audits annually, a practice we’ve upheld for over two decades. Both IT System Audits and Cyber Security audits, which include things like penetration testing and simulated phishing attacks.
What this has been great for, other than helping our customers understand their system or support problems and risks they might face, such as Cyber Security or the Backup System not being capable of what they expected, is that we get a very honest and transparent view of how other IT Support companies perform their IT Support or Managed services. Some of these scenarios are complete outsourcing, and some are higher-level support that sits next to the in-house, employed IT manager or team.
Some of the most common issues we see are:
- Many businesses do not know that the latest government recommendations are available to them, and it actually makes sense. The National Cyber Security Centre (Government Security Department) is actually great at giving advice regarding the latest threats.
- Backup and disaster recovery are in place, or so the business owner or manager responsible for IT (often in a finance or Ops role) thinks. However, often, this system doesn’t really cover all the circumstances that the business would expect. It was set up by IT but never reviewed or agreed upon by the management team. It’s actually a wider business decision.
- Structured maintenance is not being performed and reported back to the management team. Every manager responsible for IT should know 100% that critical things are being checked and reported on. Firewalls, Backup, System Patching, User Onboarding/Offboarding, etc.
- There are no regular monthly or quarterly service review meetings to review IT support, cyber security status, and our customer management team objectives and goals (so we understand how to best support you).
- Every business should have a security framework or plan in place. Often, the internal IT team or IT support business doesn’t have experience in cyber security. That is why most security-conscious organisations use a security partner. We’re not saying everyone needs ISO 27001, but there needs to be some kind of structure and best practice. As an example, Breathe uses a Cyber Security Risk Assessment that we compiled with the help of the NCSC and a Security Framework based on SANS Institute best practices.
- Many businesses have never had their IT audited.
DOWNLOAD YOUR FREE COPY of the latest government backup recommendations are in our booklet, “Offline Backup in an Online World,” featuring insights from our MD.
It’s an invaluable resource to ensure your backup system is robust and prepared for potential cyber breaches. It’s free of charge and could be immensely beneficial!
➡️ If you need help, feel free to reach out to us at any time!