In today’s digital landscape, cybersecurity threats loom large, with Malaysia ranking as the eighth most breached country in Q3 2023, underscoring the urgent need for strong data protection measures.
Given the current circumstances, businesses, especially those in sectors such as finance and healthcare, are experiencing increased scrutiny and regulatory requirements aimed at safeguarding the integrity and security of their data.
In a recent interview, a Network Attached Storage (NAS) appliance company, Synology, Sales Account Manager, Jason Sin (pic), shared insights into addressing these pressing challenges and opportunities in managing and safeguarding data.
Synology’s assessment of current ransomware threats revolves around its core values of security, simplicity, and scalability. Recognising the evolving landscape of cybersecurity challenges, particularly concerning ransomware, the company’s places paramount importance on ensuring its products adhere to the highest standards of data protection.
This involves integrating robust security features and regularly updating systems to counter emerging threats, thereby providing users with a secure environment for their data.
Moreover, the company prioritises simplicity in its approach, understanding that user-friendly interfaces and straightforward configurations are crucial for businesses and individuals alike.
By simplifying the complexities of cybersecurity, the company aims to make it accessible to a broader audience without compromising on advanced functionality.
Additionally, scalability is inherent in the company’s solutions, enabling users to adapt and grow with evolving needs. Whether for small businesses or large enterprises, Synology’s NAS solutions offer a scalable architecture that accommodates expanding data requirements while maintaining a seamless and user-friendly experience.
Cybersecurity Threats in Malaysia and Solutions
The company recognises Malaysia’s high risk level for cybersecurity threats, with the government sector witnessing the highest number of data breaches. “Government and public sectors often use public cloud services along with traditional file servers for data management. However, scattered data and a lack of backup methods can heighten security risks.” Jason said.
To counter these threats, businesses can adopt proactive measures such as private or hybrid cloud data solutions, ensuring data privacy, control, and backup methods.
“This involves implementing measures such as on-premise private cloud storage solutions, providing privacy and control, and incorporating value-added applications like security methods into their current cloud services.
This includes SaaS backups and second-layer storage backups like snapshots and file encryption, which are imperative. These proactive steps are vital for upholding the security and trust of the public in an era where safeguarding sensitive information is paramount.” he added.
Empowering Businesses with Innovative Solutions
Jason said that the company envisions addressing evolving data management challenges by providing user-friendly and innovative solutions.
“Synology is committed to addressing these challenges and capitalising on these opportunities by providing innovative solutions that prioritize data scalability, security, privacy, and compliance.
Through our comprehensive approach, we aim to empower businesses to safeguard their data effectively while harnessing its full potential for growth and innovation.” he added.
Protecting Data Integrity and Compliance with Immutable Snapshot and WORM
As the company prioritise compliance across all mainstream industries, they firmly believe that every business deserves robust data security and privacy measures. “Synology’s Immutable Snapshot and WORM (Write-Once-Read-Many) Storage technology are instrumental in ensuring data integrity and compliance, particularly in highly regulated industries.” Jason said.
“Immutable data storage serves as a cornerstone of our compliance strategy, particularly in sectors where data sensitivity is paramount.
This includes finance and healthcare, where regulatory mandates demand heightened security and privacy standards. By ensuring that data remains unalterable, we provide an added layer of protection that aligns seamlessly with regulatory requirements.” he added.
The Immutable Snapshot technology offered by the company allows users to capture snapshots of their data at designated time intervals. These snapshots are rendered immutable, preventing any modifications or deletions once generated.
In case of data tampering or corruption, users have the capability to revert to a prior immutable snapshot, thereby restoring their data to a verified and trusted state. This feature ensures data integrity by furnishing a secure, unchangeable copy of vital information, crucial for meeting regulatory compliance standards.
Meanwhile the WORM is used to ensure data immutability, meeting regulatory mandates effectively while enhancing security and privacy measures. “As for our WORM (Write-Once-Read-Many) technology, we prevents data from being altered or deleted once it has been written to storage.” Jason said.
Initially, a WORM protected folder is established, where all data written to this folder becomes immutable. This immutability ensures that the stored data cannot be modified, overwritten, or deleted.
Such a feature guarantees the integrity and authenticity of the stored data, making it well-suited for compliance with regulatory standards that require data preservation in its original state.
“…our commitment extends beyond mere technological solutions.” he added, as he emphasised that the company offers comprehensive training and education initiatives to empower their users and partners with the necessary knowledge and skills to navigate regulatory landscapes effectively.
Through these efforts, the company strives to ensure that businesses in all sectors can achieve and maintain compliance with industry regulations, safeguarding their data with confidence.
Supporting Financial Institutions with Cryptographic Controls
Financial institutions, in particular, require strong cryptographic controls to protect sensitive data and information.
“While cryptographic controls are not within our primary expertise, Synology has a proven track record of supporting financial institutions globally through our comprehensive data protection solutions.
In various countries worldwide, including notable banks, Synology has demonstrated its ability to support financial institutions.” Jason said.
In several countries globally, including renowned banks, Synology has showcased its capability to support financial institutions. One notable example is IdeaBank, which relied on the company’s Active Backup Suite to protect the data of more than 2500 users.
This encompassed various Microsoft M365 accounts, including Drive, Mail, SharePoint Sites, Contracts, and Calendar. Such instances demonstrate the versatility and efficacy of the company’s solutions in addressing the intricate data protection requirements of financial institutions worldwide.
Synology’s Data Protection Best Practices
The company recommends several best practices for protecting one’s data, including principles like the “principle of least privilege” and the 3-2-1 backup strategy.
Firstly, the company emphasises the importance of secure access authentication and adhering to the Principle of Least Privilege (PoLP) for managing system permissions.
By limiting access rights for users to only what’s necessary for their roles, the potential impact of a breach can be significantly reduced. The company provides tools such as two-factor authentication (2FA) and security guidelines to facilitate the implementation of PoLP, ensuring secure and efficient access management.
Secondly, the company advocates for the adoption of a comprehensive 3-2-1 backup strategy, which involves having three copies of data, stored on two different types of media, with one copy stored offsite.
This strategy can be achieved using just one Synology NAS. For instance, a company can back up its server and endpoint devices to the company NAS using Synology Active Backup, then utilise Hyper Backup to back up the files inside the company NAS to the cloud and another physical drive.
This approach ensures multiple copies of important data stored in different locations, providing protection against a wide range of threats and enabling straightforward and reliable data restoration.
Furthermore, the company emphasised the importance of confident and seamless data restoration. In the event of data loss or a cyberattack, having secure backups that can be effortlessly restored minimises downtime and potential operational impacts.
Synology’s Vision for Malaysia
The company is committed to evolving and expanding its offerings in Malaysia to meet the ever-changing needs of businesses in the region.
While maintaining a strong focus on data protection, the company aims to enhance productivity and video surveillance capabilities, creating a comprehensive data management ecosystem that serves as a one-stop solution for businesses.
Looking ahead, the company plans to further expand its solutions in the Malaysian market by actively researching and introducing cutting-edge data management technologies.
These initiatives include the development of features such as scale-out capabilities, dedicated data protection mechanisms, and high-performance products, all set to be rolled out in the coming year.
By remaining at the forefront of innovation and addressing the evolving demands of businesses, the company is dedicated to providing tailored solutions that empower Malaysian businesses to thrive in the dynamic digital landscape.
