FBI Issues Warning for a Trojan Virus Targeting Healthcare Suppliers
Niall McGauranThe FBI released a Private Industry Notification warning that Kwampirs malware is being used in supply chain cyberattacks on the healthcare industry.
To protect from data loss, most administrators and business owners are aware of the importance of backups, but an often-forgotten step in data security is archiving files, especially emails. Email communication contains information that could be used in future litigation, compliance audits, and investigations into a data breach. Archiving this email data is a critical part in cybersecurity, data privacy, and compliance.
An archive of email is similar to a backup. It’s a copy of files stored on a separate server (usually a cloud storage device). There are some distinct differences, however, between an email archive and backups. Backups are necessary for disaster recovery, and these files are usually stored as images that can be restored as quickly as possible should an email server fail.
Backups are necessary for disaster recovery, but archives are necessary for audits, legal purposes such as litigation, and investigations after a data breach. The way archives are stored is also different from backups. Archives include metadata that tags files with specific information used to index and organize them. By indexing and organization archives, an auditor, security analyst, or investigative officer can perform searches on archived data to find email communication related to the review.
The metadata includes dates and times, department, sender and recipient, and any other tags defined during the archive process. The organization administrators are responsible for archiving data define tags, but usually, there is a specific process so that tags and metadata are consistent across every archive.
Archives are distinct from backups because they do not leave a copy on the original storage location within the email system. The email data is moved rather than simply copied to another location in a backup. This process adds the benefit of freeing up storage space on the email system so that administrators can streamline the email server and keep only recent messages stored in user inboxes. Usually, the archives are moved to a cloud storage location since it’s more affordable and cost efficient than creating infrastructure to support large backups and archives.
Administrators often skip archive solutions because they are unaware of the importance these files play in cybersecurity. Even if backups are a priority, administrators are unaware that archives are also necessary for disaster recovery, incident response, audits, and investigations into a data breach. Backup software is specifically for creating a backup plan and ensuring that the backup files are secure from a compromise.
Archives are also created using software. It’s not uncommon for organizations to receive thousands of email messages a day. For large enterprise organizations, it’s not uncommon to send and receive millions of messages. Some messages have attachments, and these attachments must also be archived. The right archiving solution will create the archives, give administrators the tools to tag files and set up metadata and move the data to a secure location.
Watch Webinar: How to Ensure Business Continuity with Email Archiving for your Remote Workforce
Just like backups, archives must also be secure from unauthorized access. The solution used to create archives must offer security, including the ability to encrypt data files. Archiving solutions should also have the capabilities to protect files from malware and other malicious applications. The storage location should be monitored for any suspicious traffic and access requests from both external unauthenticated users and internal users. Internal threats from unauthorized users are also a concern and should be detected using cybersecurity tools.
Because administrators are not normally cybersecurity experts, they are unaware of the importance of archives and the solutions to create and secure them. They are also unaware of the compliance issues surrounding archives and security. For some compliance regulations, archives are mandatory, mainly to have a searchable audit trail for investigations after a data breach and discovery during litigations.
To ensure that the organization complies with regulations, an expert third party can help review infrastructure and backup solutions to identify any compliance issues. Since archives are regulated, the organization must create and store archive files in the right way to avoid penalties. Even if archives are created frequently, if the files aren’t stored using secure methods, a data breach exploiting a non-compliance vulnerability could lead to hefty fines, litigation, and future audits.
Bringing awareness to administrators is the first step in moving toward compliant security solutions that create email archives. These solutions must offer secure storage, a way to tag files with indexable metadata, and the ability to search files based on specific query keywords and phrases.
ArcTitan Email archiving solution is Office 365 integrated and automated with lightning-fast email search speeds, easy to set-up and cost friendly deployments.
The FBI released a Private Industry Notification warning that Kwampirs malware is being used in supply chain cyberattacks on the healthcare industry.
Email services such as Office 365 are vulnerable to large volumes of credential stuffing attacks. These are highly scaled attacks designed to find the weakest link quickly and easily.
PST files cause problems and unnecessary overheads for administrators. Discover why administrators should archive data.
Sign-up for email updates...