Ensuring Sensitive Data Availability in The Event Of A Breach
The concept of Business Continuity & Disaster Recovery (BCDR) is nothing new to IT teams and technology professionals. It is a strategy that enables businesses to continue working in the event of a technology disaster.
A technology disaster can mean a hardware failure, internet outage, or a Cyber Breach. In this blog we will give you our top tips to ensuring your day hospital’s sensitive data is available after a breach.
Tip 1: Ensure you have cloud backups that are detached from your IT network
We recommend Cloud Backups or Offsite Backups to be exact. Those are backups that occur automatically and are stored outside your organization. The benefit of external cloud backups are huge.
Firstly, your data is stored outside your hospital which means that in the event your IT systems fail, then you still have a copy of your data. Secondly, and more importantly, in the event of a cyber breach which most likely will encrypt your backups, you will still have a copy of your data.
Our recommended cloud backup solutions are the Datto suite of products and for a more complicated environment, we design bespoke offsite DR solutions.
Those solutions will mirror your entire IT setup to a data centre where you can restore all of your data without hours not days.
Tip 2: Ensure Your Backups Actually Work
It sounds simple however, a lot of data backups do not work and the business usually only finds this out when they need it the most.
We recommend to our clients that they test their backups at least once every 6 months and furthermore, we monitor the backups and randomly restore them for our clients.
Please speak to your IT provider and request that they restore your data for you to confirm that your backups work (even if it’s billable).
Tip 3: Ensure You Can Restore Your Backup On The Cloud
By this stage, you would have a cloud backup that has been tested by your IT team, and furthermore, you have confirmation that the backups work. The next step is for your IT team and your operational team to mimic a disaster and, restore your entire IT environment on the cloud (not just the clinical data).
This step is almost like a fire drill in a corporate office. Step 2 was ensuring the alarm works and this step is where we all line up and exit the office safely and in a timely manner.
Step 3 can take time, it requires planning and may cost some money, however, this is the difference between having your systems up in an hour Vs weeks. This is when your business can go back on it’s feet post a breach and not be closed for weeks to restore your hardware, reconfigure the networks , training your staff on the new setup etc..
Our recommendation for Australian day hospitals is to focus on implementing successful Cyber Security & Disaster Recovery strategies. Both must be implemented correctly and reviewed at least annually.
Feel free to reach out to by Clicking Here if you would like a review of your Cyber Security & Disaster Recovery solution. We look forward to speaking to you.