We recommend that every company take a close look at this issue, because the consequences can be painful and an investment in information security saved at one end can be expensive at the other. It is therefore worth taking a closer look at some points in good time.
How can you answer the question of an effectively implemented risk management system for yourself? Do you have one established in the company? Is it known which information and IT systems could cause the greatest damage to the company in the event of a loss of confidentiality, integrity or availability? How much damage can the company take?
If you do not yet have any or only insufficient answers to these questions, we strongly recommend that you work on these issues as part of a Business Impact Analysis (BIA). This creates the basis for a backup and restore strategy tailored to your company’s needs and allows you to take care of the design of the technical and organizational measures in the next step.
Regardless, it is recommended to ALWAYS have a data backup in a different location than just on a cloud server. A different location also means that the data is not located in the room/house next door, but there is a geographical separation between the servers used. This should apply at least to the company’s most critical data.
With the CRISAM® risk management software, the relevant risk assessment questions are already stored in the system. The advantage is that with CRISAM® you have an integrated risk management system that combines different disciplines and methods and you can check against the state of the art. This makes it easier for users to control the process and, above all, to evaluate and aggregate risks.
Do you need advice or have questions about this topic? We are here for you with pleasure!