Data Loss Tolerance

Penny Garbus, President of Soaring Eagle Consulting

Author of:  Mining New Gold

May 2021 will probably be known for a couple of news stories but one that affected our daily lives was the shut down of the Colonial Pipeline and how it frightened people so badly that they felt they needed to collect gas in plastic bags, plastic tubs, and milk jugs.  How strange that we are still conditioned to panic. Hopefully, we will be able to calm our minds. This a prime example of how all companies need to worry about their data and their IT environment infrastructure and to prepare for an attack. The battlefields are now in our business environments. Attacking our infrastructure frightening our people which affects our economy and social well-being. Companies have a moral obligation to protect their data and environments. I never would have thought the loss of one gas pipeline would affect us so much.

I do not pretend to know all the IT requirements for a gas company let alone one that runs, manages, and maintains runs a pipeline. I do know is that if there is an IT system, data that needs to be protected, access to assets limited. YOU NEED TO LOOK AT THE DATA LAYER!  An inward to outward look is what you need to do. Start with your physical asset access and mine through the IT department. Who can get in, what type of access, then look at the data, what can be encrypted, at rest and in transit? Look at limiting access and limiting the end points. While you are doing this have another team review your maintenance plan, DR plans, and ask all your managers; HOW MUCH DATA CAN YOU AFFORD TO LOSE? WHAT HAPPENS IF YOU CAN’T REACH SPECIFIC SYSTEMS AND APPLICATIONS? Then from there build a DR plan. Please keep in mind High Availability is a part of your DR plan but not the complete answer. As best as you can, create an air gapped, ready to roll up secondary system for your most essential IT systems. This means that the backups need to be air gapped as well and you need to run DBCC checks on them prior to rolling them up to the secondary system. If you do not want to pay for all the extra hardware considering storing the application code, database schemas, IT protocols in files etc, in Azure or AWS or GOOGLE Cloud. Please do not forget to store all your HOW TO and WHO IS responsible documentation as well.

Do not give the hackers the opportunity to crush your business by destroying your IT infrastructure. According to the news the Colonial Pipeline paid 5 million dollars to the hackers. How much would having a standby IT infrastructure cost in comparison, to the data that will forever be lost (you usually don’t get all of your data back), the lost revenue and reputation hit?