Weekly Tech Tidbit – Remote Risks and Compliance Part I – Cloud Backup

June 8th, 2019
Weekly Tech Tidbit – Remote Risks and Compliance Part I – Cloud Backup

Now that we have shifted to predominantly remote workers and remote teaching and learning, we have a number of new challenges as well as increased threats.

Challenge #1 - Remote File Access.   The solution is moving files from traditional home directories and traditional common drives to cloud-based shared folders and home directories.  This can be done successfully with Google Drive or Microsoft OneDrive apps.

Challenge #2 - Secure and Reliable Communications. With all our users dispersed, communications are even more important.   That means relying even more on email, video invitations, and instant communications. Also, sometimes authorized staff must work with personally identifiable information (PII).  Instead of sitting behind a closed door in an office behind your district's firewall, now that person may be sitting at their kitchen table.

These two issues open district's up to additional potential risks and compliance issues.

In the next few Tech Tidbits, I am going to address some of these issues.

The first thing that comes to mind is backup.   Since the beginning of our physical networks, we have relied upon robust backup strategies that have been, on-site, remote (such as at a BOCES or RIC), or cloud backups.   Some districts have done all of the above for extra protection and one or more air gaps.   This has provided long-term and for the most part stable and granular file and server recovery options.

However, moving into either Microsoft's or Google's Cloud framework backup strategy is a huge step down in terms of a robust backup strategy with a long-term retention and recovery strategy.

Google allows Google Apps GMail and Drive data recovery for 25 days.   The support link describing what is possible can be found here.

Microsoft Office 365 offers data recovery for 30 days.  The support link describing what is possible can be found here.

There are also granular recovery limitations as well.

This is a far cry from the in some cases years of backup data and granular restore functions in your traditional backup environment.

Also, your shared file systems of Microsoft OneDrive or Google Drive may be even more exposed to ransomware and other destructive attacks as they are accessed outside of the district and probably on many personal devices that are outside of the district's management.

You can cut down on some unauthorized access by aggressively requiring multi-factor authentication to get to these cloud resources.   However, that can only help so much.

The solution is to implement a robust cloud backup strategy with granular restore capability - just like you have always had.   That way you continue to be in control of your data.

If you'd like to discuss what either multi-factor authentication or cloud backup looks like for your district, give us a call.

Next time I will continue the discussion shifting to improved email protection.