The fire at Europe’s largest data center OVH in Strasbourg on March 10, 2021 showed us all that the cloud also has its limits in terms of availability.
Natural disasters, fires or human error can never be completely prevented, but it is possible to take appropriate measures in good time to prevent a complete loss of data such as that suffered by some customers of the French cloud provider OVH. First, a brief review due to current events.
Our aim is to inform our customers and suggest solutions on how they can approach the issue of data security in general and in particular when outsourcing to a cloud provider.
We recommend that every company take a close look at this issue, because the consequences can be painful and an investment saved at one end in the area of information security can be expensive at the other. It is therefore worth taking a closer look at a few points in good time.
How can you answer the question of an effectively implemented risk management system for yourself? How can you answer the question of an effectively implemented risk management system for yourself? Do you know which information and IT systems could cause the greatest damage to the company in the event of a loss of confidentiality, integrity or availability? How much damage can the company cope with?
If you do not yet have any or only insufficient answers to these questions, we strongly recommend that you address these issues as part of a Business Impact Analysis (BIA). This creates the basis for a backup and restore strategy that is tailored to your company’s needs and allows you to take care of the design of the technical and organizational measures in the next step.
Regardless of this, it is ALWAYS advisable to have a data backup in a different location than just on a cloud server. A different location also means that the data is not located in the room/house next door, but that there is a geographical separation between the servers used. This should at least apply to the company’s most critical data.
With the CRISAM® risk management software, the relevant questions on risk assessments are already stored in the system. The advantage is that with CRISAM® you have an integrated risk management system that combines various disciplines and methods and allows you to check against the state of the art. This makes it easier for users to control the process and, above all, to evaluate and consolidate risks.
Do you need advice or have questions on this topic? We are here for you!
Sources:
Over the past 15 years, Markus Müller has successfully set up risk and compliance management projects internationally and in practically all industries. Starting out as a consultant and now managing director of one of the leading software manufacturers (CALPANA business consulting GmbH) for integrated risk management solutions (CRISAM®), Markus Müller knows every problem that an organization can face when introducing an ISMS.
