The issue of hosting and securing data requires the full attention of the organization’s management. We support managers and executives in understanding the risks, defining the strategy best suited to their context, and securing their activities.
This involves assessing critical resources and activities, drafting dedicated documentation, and implementing regular tests to iteratively evolve the organization’s management.
WEB and cloud hosting
Choosing your web hosting involves defining where and how all the data relating to your website will be stored. This is associated with a domain name, which represents the address to which your users will be able to connect to consult the contents of your site.
If you choose not to host your data on site, you’ll need to turn to an online hosting service (accessible via the Internet) to ensure the permanent availability of your resources.
You can opt for shared hosting (where resources and space are shared between several services, often with the risk of performance loss), dedicated hosting (where you alone control and manage your server space) or VPS hosting (where space is shared between several services, often with the risk of performance loss), VPS hosting (your own space is allocated to you, with a guaranteed level of performance, but without the need for a dedicated server – a sort of hybrid solution), and cloud hosting (so-called “virtual” in the sense that it links several servers together to adapt to your changing needs, combining flexibility and performance).
Your choice of hosting provider should be guided by a number of criteria.
First of all, the type of resources you need (available space, power of allocated servers, amount of memory, bandwidth, technology, number of associated emails, integrated software solutions, etc.). Geographical location is also important, as it will also have a direct impact on data security and the notion of a sovereign cloud; as a reminder, data hosted on American servers, or from American SaaS solutions even when hosted in Europe, are subject to the Cloud Act, which allows American authorities to access this data under judicial grounds. Security and the scalability offered by the hosting provider are therefore crucial, as are the availability and efficiency of customer service. The question of environmental and social impact must now become a discriminating criterion in your choice (energy, type of cooling, water consumption, commitments to biodiversity, offers based on reconditioned equipment, etc.).
BCP/BRP
Behind these acronyms lie 2 important subjects: business continuity planning and disaster recovery planning. The former refers to the measures taken to maintain business activity during a disaster, while the latter is concerned with restoring the IT infrastructure after a disaster. The latter is not exempt from incidents, whether malicious or not, but as soon as the availability, confidentiality or integrity of data is compromised, it is necessary to have backups and a set of measures to adapt to the problem, so as not to jeopardize the organization’s activity.
External backup
Several philosophies co-exist as to the best way to back up data reliably. A complete copy is not always the best solution, especially as not all data is sensitive for the company. Outsourced backup in the cloud is an undeniable asset in protecting against computer attacks, and provides a particularly flexible storage medium for all your company’s important data, but it is no substitute for a genuine backup strategy. Whenever possible, after identifying critical resources, we strive to apply the 3-2-1 method: 3 copies of data, 2 different types of storage, 1 off-site copy.
Immutable backup
Immutable data backup, also known as immutable backup or tamper-proof backup, is a form of backup that ensures that the backed-up data cannot be altered, deleted, or removed by unauthorized users or malicious software. Data immutability is crucial for ensuring the security and integrity of critical information, especially in environments where regulatory compliance is a major concern, such as healthcare, finance, and compliance sectors.
Here are some key characteristics of an immutable backup:
- Protection Against Accidental or Malicious Deletion: Immutable backups cannot be deleted by unauthorized users or processes. This ensures that critical information remains intact in case of incidents.
- Long-Term Retention: Immutable backup data is typically retained for an extended period, which is essential to meet long-term data retention requirements.
- Inability to Modify: Once a copy of data is saved in an immutable backup, it cannot be altered. This ensures the integrity of the backed-up data.
- Traceability: Immutable backup systems often come with traceability features, meaning you can track who accessed the backed-up data and when.
- Ransomware Protection: Immutable backups can help protect data against ransomware attacks because these malicious programs cannot alter or encrypt immutable backup data.
To implement an immutable backup, organizations often use technologies such as Write Once, Read Many (WORM) archiving and specific data management solutions that ensure the immutability of backup copies. This helps strengthen the resilience of critical data and ensures its availability when needed.