Business Continuity for the New Normal in IT Environments

使用远程劳动力,端点将生成大量数据,并且更多的IP将离开您的场所。知识产权(IP),财务数据和人员数据是要保护的重要数据集。你做什么工作?Clearly, it’s an open-ended question, but I want to lean in on this topic in the context of implementing security and protecting your data for continued operations in the midst of a crisis with nearly 100% remote workforce as we adjust to a rapidly evolving new normal for managing IT environments.

也许你的IT组织就像Quantum的那样,你有一个头部开始并准备好天气来天气,因为你以前建立了一个经营战略,使您的员工作为正常业务运营的一部分远程工作。如果你没有头部开始,它可以理解,你现在处于反应模式。尽管如此,没有人为这么危机做好准备,准备是关键。要部署远程劳动力,这是具有成本效益,安全,可靠和有弹性的,需要时间来开发和推出基础架构内的硬件或软件要求。以下是我们自己量子的一些主要见解。

Enterprise Applications in the Cloud

在Quantum,每个员工都发出便携式计算机 - 基于Windows的笔记本电脑或MacBook,具体取决于用户的需求。我们还聘请了Microsoft 365等SaaS解决方案。这为我们提供了像Microsoft团队和在线交换机的合作工具,也可以在线或安装在笔记本电脑上。此外,我们的其他企业应用程序是基于SaaS的,这意味着它们可从互联网上的任何位置访问。Example: CRM (SalesForce.com)。Leveraging the public cloud in this scenario is a good cost-effective solution that enables a remote workforce effective and efficiently.

Protection – Encryption

你肯定听说过说:“安全第一。”在迪gital era the profile of this statement has never been more important than today. It begins with a secured foundation at the server level (normally at the core). If your foundation is weak the rest of your endpoints will probably resemble the same weak structure. Do not take the shortcut, when possible leverage solutions such as:

Data encryption at rest and in transit. In transit, web data should always be sent via https. Also look at the various encryption models: Client-side, Server-side with service-managed keys, Server-side with Customer-managed keys. Also consider using a Key Vault to securely store keys.

客户端加密

客户端加密is performed outside of Azure. It includes:

  • 由在客户数据中心或服务应用程序中运行的应用程序加密的数据。
  • Data that is already encrypted when it is received by Azure.

通过客户端加密,云服务提供商无法访问加密密钥,无法解密此数据。您保持对键的完整控制。

Server-Side Encryption

The three server-side encryption models offer different key management characteristics, which you can choose according to your requirements:

  • 服务管理密钥:提供低开销的控制和方便的组合。
  • 客户管理密钥: Gives you control over the keys, including Bring Your Own Keys (BYOK) support, or allows you to generate new ones.
  • 服务管理密钥in customer-controlled hardware:使您可以在Microsoft控件之外管理专有存储库中的密钥。此特性称为主机您自己的密钥(Hyok)。但是,配置很复杂,大多数Azure服务不支持此模型。

Cybersecurity

IDC research shows that 93% of organizations have been attacked within the past three years(来源:https://dl.acronis.com/u/rc/WP_IDC_Acronis_Cyber_Protection_EN-US_200403.pdf).It is time to tighten up the integration of data protection, disaster recovery, and data security operations within the cybersecurity strategy and think about backups as part of your cybersecurity approach. Threats from ransomware and other malware are prevalent and there are plenty more threats engineered with AI capabilities to infiltrate your datacenter. Whatever cyber-security software or backup method you choose, (Flash, SSDs, HDD, Tape) or environment (physical, virtual, multi-cloud) or, the goal is to integrate what used to be silos and build a resilient IT operation.

Availability & Resiliency

由于企业的全球范围内,系统和应用程序需要准备好并提供24/7。备份应用程序需要在多个平台上进行高效且可预测。任何威胁,如自然,人为或网络是对IT环境的破坏性;弹性系统是快速有效地恢复以承受无法预见的事件,并确保数据在任何时刻可用的数据。beplay苹果怎么下载采用备份方法,通过在备份,云或混合方法备份,使复制到DR站点或云提供商。我们目前的全球局势重置了许多优先事项,所有这些主题现在都是最重要的。

VDI

As the threat to businesses continues, a large majority of organizations have turned to VDI to rapidly deploy virtual desktop infrastructures and release a mobile workforce that can be as productive as if they were in the office. Virtual desktop infrastructure (VDI) is defined as the hosting of desktop environments on a central server. In other words, it’s like having a structured office available on-demand allowing you the ability to access virtual data and applications and you are really just shifting the compute cost from the endpoint to the data center (if on premises) or the cloud. To us, this is a very cost-effective solution that helps keep the data centralized and off endpoints which are more susceptible to data loss. One of the cool things about VDI, is break/fix becomes a lot easier because you can quickly “spin up” a new desktop for a user if their current desktop becomes corrupt. Also makes things like patch management and OS updates easier as it is all centrally managed i.e. lower administrative overhead.

Flexibility

方程的一个重要部分是灵活性。Whatever strategy you chose that meets your organization’s business goals or in this case, an effective and secured remote workforce for business continuity (BC), your solution should be flexible to adjust as needed to meet the demands of current and future national or global events that can affect your datacenter. This current global crisis is a good example of how quickly organization learned if the were ahead of behind the curve. Technology by itself cannot meet the need alone, it needs a strategy built upon it to mitigate risks associated with ‘crisis’ type events and or simple business continuity.

数据保护

在常规上备份数据从未如此重要。和勒索制造器获取更复杂的是,我们需要调整和构建IT环境,以期望(并且耐受)攻击 - 据我们所知,有一些菌株,没有可用的解密工具,因此您必须具有恢复数据的替代方法来恢复替代方法。让我们记得犯罪分子不再使用大规模运动,而是用于远程访问 - 远程桌面协议是最常用的入口向量。

In our new normal, we hope our insight provides some guidance to building, securing and protecting your data, your remote workforce, your network and helps you build solid business continuity plans… no matter what disaster comes your way. Check out our QonQ business continuity webinar这里

发表评论

This site uses Akismet to reduce spam.了解如何处理评论数据