Share this
World Backup Day: Mitigate Human Error
by Sean Curiel on Mar 31, 2023 6:04:14 AM
On any day of the week we can open the news and see a headline about the latest hack, ransomware attack or data breach. This fuels the perception that threats to your data are primarily external. The truth, while less headline-worthy, is actually that human error is the overwhelming cause of data loss. Scenarios might include anything from an accidental file deletion or drive format, overwriting files, bad backups, or negligence such as failure to install the latest security patches.
82% of data breaches involved a human element (human error, misuse, phishing, stolen credentials, etc) according to Verizon’s 2022 Data Breach Incident Report.
The major part that human error plays in data loss makes proactive measures for prevention and mitigation absolutely crucial to avoiding downtime. On this World Backup Day, we look at some of the most common ways that human-error cause data loss, and a few measures you can take today.
Accidental Deletion
Nobody is perfect, and mistakes happen. However damage can be reduced by putting access control policies in place. First it must be determined which users or groups require access to which data in order to complete their daily tasks. Next, specific permissions can be assigned for each user to these data sets.
Misconfiguration
Another vulnerability created by human hands is the misconfiguration of systems and software which created an opening for unauthorized access. System Administrators can do a lot to standardize software configurations, such as developing a set of standard operating procedures (SOPs) that all organizational members must follow. All changed to configurations must be approved by the System Administrator in advance. There’s also a wide range of configuration management tools which automate routine configuration tasks..
Password Management
Strong, complex passwords as a habit can help, but multi-factor authentication (MFA) offers additional security to prevent access – even if a password is leaked to an outside threat. Tools such as password managers can help admins to monitor password usage and enforce a policy of regular password updates for all devices..
Phishing
Modern phishing techniques are growing in success largely due to social engineering tactics that take advantage of human error. Attacks are often focused and target specific individuals. They may trick employees into thinking it’s the boss asking them for information, or otherwise play on emotions and fears. Employee education and training may have the most direct impact on the success of phishing, as team members are better able to recognize threats and respond accordingly - in a way that notifies others of the danger.
(Microsoft Article - How to protect against phishing attacks)
Failed Backup
Networks are often in a state of perpetual change, with new applications, data, and devices being added regularly. If backup policies and scheduled are not regularly updated to account for changes, a failed backup resulting from lack of storage space or other configuration problems becomes more likely. Lack of regular backup-restore testing can also raise the risk that critical data is not readily accessible following a downtime event. Utilizing solutions, such as NovaBACKUP, with a comprehensive central management console, that also generates reports and alerts to keep sysadmins in-the-know, can be invaluable for a quick response to potential vulnerabilities.
Outside security threats are a real and growing problem in our current business landscape, whether you are an individual or a large organization. But they are often enabled or made worse by human error. We cannot completely eliminate human error, but clear communication about policies and procedures can minimize it and encourage the right kind of security-focused culture. We’re also lucky to have so many excellent technologies and tools at our disposal that can pinpoint vulnerabilities and offer us an early warning to quickly resolve such mistakes. The data-protection experts here at NovaBACKUP are available to offer suggestions on the best way to implement secure backups, restorable when the seconds count.
We encourage you to download our complimentary 10-point proactive security checklist to make sure can prevent cyber security threats from accessing data.
Security Checklist:
CyberSecurity Threat Prevention (.PDF)
Share this
- Pre-Sales Questions (112)
- Tips and Tricks (95)
- Industry News (59)
- Reseller / MSP (37)
- Best Practices (30)
- Security Threats / Ransomware (30)
- Applications (26)
- Cloud Backup (25)
- Disaster Recovery (25)
- Compliance / HIPAA (24)
- Backup Videos (23)
- Storage Technology (23)
- Virtual Environments (17)
- Technology Updates / Releases (9)
- Infographics (8)
- Backup preparation (4)
- Products (US) (2)
- Company (US) (1)
- Events (1)
- Events (US) (1)
- September 2024 (2)
- August 2024 (1)
- July 2024 (2)
- June 2024 (2)
- May 2024 (1)
- April 2024 (1)
- March 2024 (2)
- February 2024 (2)
- January 2024 (1)
- December 2023 (1)
- November 2023 (1)
- October 2023 (1)
- September 2023 (1)
- August 2023 (1)
- July 2023 (1)
- May 2023 (1)
- March 2023 (3)
- February 2023 (2)
- January 2023 (3)
- December 2022 (1)
- November 2022 (2)
- October 2022 (2)
- September 2022 (2)
- August 2022 (2)
- July 2022 (1)
- June 2022 (1)
- April 2022 (1)
- March 2022 (2)
- February 2022 (1)
- January 2022 (1)
- December 2021 (1)
- November 2021 (1)
- September 2021 (1)
- August 2021 (1)
- July 2021 (1)
- June 2021 (1)
- May 2021 (2)
- April 2021 (1)
- March 2021 (2)
- February 2021 (1)
- January 2021 (1)
- December 2020 (1)
- November 2020 (1)
- October 2020 (2)
- September 2020 (4)
- August 2020 (2)
- July 2020 (1)
- June 2020 (1)
- May 2020 (1)
- April 2020 (1)
- March 2020 (3)
- February 2020 (2)
- January 2020 (2)
- December 2019 (1)
- November 2019 (1)
- October 2019 (1)
- August 2019 (1)
- July 2019 (1)
- June 2019 (1)
- April 2019 (1)
- February 2019 (1)
- January 2019 (1)
- December 2018 (1)
- November 2018 (2)
- August 2018 (3)
- July 2018 (4)
- June 2018 (2)
- April 2018 (2)
- March 2018 (2)
- February 2018 (2)
- January 2018 (3)
- December 2017 (1)
- September 2017 (1)
- May 2017 (2)
- April 2017 (5)
- March 2017 (4)
- February 2017 (1)
- January 2017 (1)
- December 2016 (1)
- November 2016 (1)
- October 2016 (2)
- September 2016 (1)
- August 2016 (3)
- July 2016 (2)
- June 2016 (3)
- May 2016 (7)
- April 2016 (8)
- March 2016 (1)
- February 2016 (3)
- January 2016 (12)
- December 2015 (7)
- November 2015 (5)
- October 2015 (6)
- September 2015 (2)
- August 2015 (4)
- July 2015 (2)
- June 2015 (2)
- May 2015 (1)
- April 2015 (5)
- March 2015 (3)
- February 2015 (4)
- January 2015 (2)
- October 2014 (5)
- September 2014 (8)
- August 2014 (5)
- July 2014 (8)
- June 2014 (4)
- May 2014 (3)
- April 2014 (9)
- March 2014 (7)
- February 2014 (7)
- January 2014 (5)
- December 2013 (4)
- October 2013 (7)
- September 2013 (2)