Cybersecurity Breaches: A driver of data loss and subsequently a refined approach to data recovery
As cyber data breaches made headlines throughout the year, Kroll Ontrack performed several large data recovery projects that were the result of hackers. With a heightened focus on data security practices, the number of corporations requiring on premise support to ensure data didn’t leave their organisation’s doubled from 2013 to 2014. Conversely, 2014 also saw hundreds of highly regulated healthcare, government and educational institutions needing Ontrack® Remote Data Recovery™ (RDR®) software, a proprietary service that maximises data security because the data recovery can also be performed without a hard disk or other storage device leaving an enterprise’s data centre for high-end server or cloud recoveries.
“From viruses such as CryptoLocker to mass cybersecurity attacks, security protocols were a high-profile concern for corporations in 2014,” said Paul Le Messurier, programme and operations manager at Kroll Ontrack. “When malicious intent ensues, it is critical to get an expert involved that understands the complexity and urgency of rapidly responding to the incident, while giving you a deep understanding of where your data is and where it’s going.”
Encryption and Erasure: Validating the effectiveness of corporate practices
Since security was such a hot topic in 2014, storage and software companies as well as VARs and OEMs turned to Kroll Ontrack for its expertise in recovering data to ensure no one can get unauthorised access to data on their storage media. Specifically, organisations took the initiative to affirm their encryption and/or data erasure protocols to meet stringent regulations and provide peace of mind to their customers. For both encryption and end-of-life drives, this process entailed analysing the media and performing a series of tests to certify that data cannot be recovered if a storage device was to be retired, repurposed or if it fell into an adversary’s hand.
“In today’s security conscious and highly regulated world, it is more important than ever for entities to ensure data security methods and protocols put in place are functioning as designed and are verified that they work properly to protect information,” said Robin England, senior research and development engineer, Kroll Ontrack.
OEM Partnerships: Collaboration with data recovery providers for business continuity
Data storage device manufacturers made business continuity a high priority in 2014. Kroll Ontrack joined forces with several major hardware and software OEMs to collaborate to better ensure faster recovery times and greater recovery rates from drives if and when they become corrupt or fail. For example, Kroll Ontrack teamed up with an SSD market leader SanDisk to create a 75 per cent reduction in the amount of time needed to pinpoint the most common drive failures, speeding data recovery.
“New drives and innovative data storage technologies are being developed all the time,” added Le Messurier. “These new technologies mean new proprietary data recovery tools and processes need to be developed to address the latest drive architectures. By collaborating with OEMs, we can more easily determine how to perform successful data recoveries, which improves results when the customer is in need of immediate assistance.”
Software Defined Storage: Discovering data recovery is possible
Kroll Ontrack saw an increase in software defined storage failures in 2014. Implemented for their “fail-proof” qualities, Kroll Ontrack was often contacted after the storage manufacturers told the corporations in trouble that recovery wasn’t possible if a current backup did not exist. To the contrary, Kroll Ontrack addressed these recovery scenarios by researching and re-building the software defined storage maps and therefore restoring data to the point in time when the failure occurred.
“The takeaway here is to always maintain current backups and/or snapshots and test them,” said Le Messurier. “Further, corporations should consider partnering with a reputable data recovery company before a critical data loss event occurs. Doing so will dramatically speed ramp-up time and thus recovery turnaround.”
Phone, Tablet, Flash and SSD: Recovery requests dramatically increasing
From 2013 to 2014, Kroll Ontrack saw marked increases in recovery requests for mobile phones, tablets, flash and SSD devices. Specifically, recovery requests rose by 42 per cent for phones, 69 per cent for tablets, 13 per cent for flash and 48 per cent for SSDs.
“While small, newer mobile storage devices are more powerful and contain data of great importance to both consumers and corporations,” added England. “It is therefore incredibly important that data recovery companies like Kroll Ontrack invest in research and development to keep up with the latest technology to be able to address recoveries from these devices. In 2014, Ontrack Data Recovery engineers developed the unique ability to repair the operating system and then access the data for all Apple mobile devices, including the iPhone 5S and iPad Air, which are hardware encrypted. This newly developed method changed the mobile recovery game, making recovery far more successful for Apple customers.”