Whether accidentally deleted or stolen, it is never pleasant when important files or data are lost. But how would one avoid it?
One of the best ways to prevent data loss is to use a backup service. You can either choose from local or online backup software. Each method has its merits, and it might be hard to pick one over the other. Luckily, more and more companies are offering both options.
But who else than the experts themselves can enlighten us more about how to guarantee your cybersecurity and ensure recovery in case of a disaster? To find out more, we reached out to Thomas Johnson, CISO of Deft – managed cloud & data center services provider.
You recently rebranded to become Deft. Tell me a bit about how you landed on the name.
When we combined the teams at ServerCentral and Turning Group, we weren’t totally sure how to bring it together without giving up the name recognition and reputation both brands had established. The interim answer was a year when we went by ServerCentral Turing Group. While representing who we were, this also confused people! Combined, we were a very different company and we realized a different brand was necessary to reflect who we are, where we are and where we’re going!
That’s how we arrived at Deft. Deft is how we want people to describe working with us, from the solutions we build to the ways we engage our clients, partners, and fellow team members. We focus on removing the friction and anxiety technology can bring organizations. When we take this cryptic, complex thing and make it do what our clients and partners need, quickly and deftly, there’s a real joy in that.
What are the main challenges you help navigate?
In addition to legal and insurance matters, I lead Deft’s Information Security Program. It’s a fantastic group of individuals tackling a truly diverse set of customer requirements. We work with highly regulated companies in health care, finance, and insurance, internet powerhouses that consume tons of data, and media companies that host user-generated content.
Staying on top of all their compliance and security initiatives – and all the threats that might apply – keeps the job interesting and challenging.
What does the disaster recovery process usually look like? Is there “back to normal?”
Disaster recovery should follow a cyclical process: design → implementation → testing → training → review.
Often, the implementation gets the most focus, followed by design. Unfortunately, it’s common for testing, training, and review to not get much attention. Spending time in that design phase, however, then testing and communicating your plan, that’s how you identify the business requirements and learn if everything can be restored back to normal in case of a disaster event.
How did the recent global events affect your field of work?
The pandemic has been a scramble for everyone. Let’s not sugarcoat this. Everyone learned on the fly, and we’re all still learning, what it means when your entire workforce – and that of your clients and partners – is no longer centrally located. Many organizations spent a lot of time implementing DR, being ready for the inevitable issues that come with widely distributed work environments.
However, very few engaged in a full DR failover test to see whether the strategies and technology could actually support business requirements. These tabletop and fractional tests simply don’t uncover the same issues a full functional test does. Let’s look at a simple example, the lack of concurrent licensing for VPNs. Unfortunately, many businesses addressed the immediate problem by opening up access to applications without planning a long-term solution. Consequently, vulnerabilities increased.
Why do you think certain companies are reluctant to update their cybersecurity?
Time. Most cybersecurity leaders love what they do and want to try creative solutions. The reality is they are spending their days on staffing challenges and supply chain issues. There’s not enough time to digest some of this new technology.
As more companies move their workloads to the cloud, what are they missing?
- Historical data backup
- Diverse cloud connectivity
The cloud offers amazing resiliency, but going back to a point in time can be difficult, if not impossible, without the appropriate recovery planning, systems, and tools. As I mentioned before, the planning required to be fully effective in your resilience operations is critical.
Having diverse paths into the cloud is also vital — especially from your main office. As we start to see some business units migrate back to the office, this is an important aspect of creating resilient connectivity to your cloud assets.
What IT and cybersecurity solutions should new business owners focus on?
It continues to be the end-user – the human – that is the weakest link when it comes to protecting corporate assets. Training is the No. 1 concern. After that, it’s anything that enables a business to bounce back as quickly as possible from a cyber event – or a disaster event.
People, processes, technologies, and anything that can help you recover data that’s been deleted, modified, held hostage, or knocked offline deserves serious attention.
How is the cloud landscape going to evolve?
Workloads will continue to shift to the cloud. What will change is that we’ll stop leaving the endpoint and many elements of computing outside of the cloud. In the coming years, more and more companies will work to secure the endpoint and adopt VDI and cloud-based workspaces.
This will ultimately be present in the cloud and at the edge, increasing the number of pieces of the puzzle that must be architected, deployed, managed, scaled, and most important, secured.
Tell us, what’s next for Deft?
There are compelling reasons to shift to the cloud, but there will always be companies that require on-prem, data center storage, computing, and infrastructure. Hybrid and multi-cloud environments are already prevalent. This isn’t going to change anytime soon. And, for some workflows, on-prem just makes more sense. Hybrid cloud will increasingly become the right choice for many businesses, and we’ll be there to help our partners develop secure solutions, deftly.