Data Backup vs Data Archiving: 5 Major Differences To Know

Data backup vs data archiving; two terms that are often used interchangeably but have very different purposes.

Data is a business’s most valuable asset. Hence, it’s vital that data protection practices are in place to protect it.

However, many IT professionals wrongly assume that data backup and data archiving are the same since they both make and store a copy of production data.

But that is the only thing they have in common.

In this article, we highlight the differences between data backup and data archiving to understand their distinct functions better.

Data Backup vs Data Archiving: 5 Key Differences

1. Data Backup vs Data Archiving Definitions

A data backup is when a business copies its data from a primary location (for example, the office) to a secondary, remote location. This protects the data in case of an unforeseeable disaster, accident or malicious action.

On the other hand, businesses use data archiving to store data that is not changed frequently or required regularly but still needs to be kept for future reference.

A business’s operations will not be affected if these files are removed from its servers. However, if employees need the data, they can always retrieve them with file stubbing.

2. Data Retention

The duration a file is stored in a data backup is much shorter compared to one stored in an archive.

Depending on how important the data is, it may be updated daily or even multiple times a day. Therefore, the data is only stored for a short period of time.

On the other hand, businesses use data archiving to store large amounts of data for many years. For this reason, the ability to store data over longer periods is very important.

Read More: Cybercrime — The Effects of Cybercrime & How to Protect Yourself Against It

3. Disaster Recovery

Data backup and disaster recovery are closely related to one another. IT professionals generally carry out data backups to protect the business’s information.

They will then conduct a separate process to transfer the data to an offsite location as part of their disaster recovery solution.

However, it can be difficult and costly for a business to implement a disaster recovery solution to its data archiving system.

This is because businesses will have to buy expensive archive systems for both the disaster recovery site and the production environment.

4. Accessing Data

Data backups are suitable for fast, large-scale recoveries. The data is written to deduplication appliances or tape libraries for quicker access to large volumes of information

Companies may use backup applications to protect their application softwares, OS files and individual data objects—though it’s suitable for larger-scale recoveries.

Data archiving, however, stores a business’s individual data objects, including email messages, files, databases and more. It provides fast access to stored data, so it’s easy to find, for example, an email from five years ago.

Unlike backup systems, data archives do not provide volume level or full server recoveries. They contain only a subset of a business’s data.

5. Financial Value

A common factor most IT departments in businesses are worried about is their budget.

Tiering and storing files in a data archiving system is more cost effective than using a data backup system. That is why most companies prefer to use a data archive as their primary method of storing data.

While a data backup system is costlier, it helps businesses recover quickly if their corrupted, stolen or lost data.

That is why it’s worth choosing a cloud data backup service. However, it is important you do your research, and don’t just choose the first service you come across.

Read More: The Importance of Endpoint Backup

Build a Reliable Backup and Recovery Strategy with Aegis

While data backup and data archiving have completely different purposes, they are vital for a business to operate efficiently.

Business owners must protect their confidential data from accidental loss or malicious attacks and are available and retrievable when needed.

Aegis is a prominent cloud service provider in Malaysia. With over a decade of backup and disaster recovery experience, we offer businesses data backup and restoration solutions at an affordable price.

Our cost-effective managed cloud disaster recovery solution, Disaster Recovery-As-A-Service (DRaaS), provides complimentary unlimited disaster recovery resources.

To ease the burden on IT backup administrators, we have the expertise to plan and execute complimentary unlimited disaster recovery drills to lower the business’s risk of being unable to recover from a disaster.


Phishing Attack Malaysia: Why Are They Still Successful?

A phishing attack is a serious threat to all organisations around the world. When effective cybersecurity practices and solutions are not enforced, organisations run the risk of becoming another cybercrime victim.

Therefore, businesses must take a proactive approach to cybersecurity. IT security leaders need to know how to identify and solve abnormalities in the business’s systems to prevent any damage.

In this article, we look at why organisations still fall victim to phishing attacks and the steps to fight them.

But First, What Is Phishing?

Phishing is a type of cyberattack that everyone should learn about in order to protect themselves and ensure email security.

A type of social engineering attack, cybercriminals use phishing to steal confidential information such as credit card details, bank information and passwords.

Hackers generally pretend to be reputable companies, friends, or acquaintances in a fake message or email. They trick a user into opening a malicious link, which then instals malware into their system.

Moreover, once a hacker enters a business’s system, they can access their online accounts and personal data, compromising connected systems, such as point-of-sale terminals.

Sometimes, they also hijack entire computer networks until a ransom fee is delivered.

Read More: Human Error: The biggest threat to your business

5 Reasons Why Phishing Attacks are So Successful

5 Reasons Why Phishing Attacks are So Successful

1. Lack of Awareness

The main reason why phishing attacks are so successful is the lack of employee training on cybersecurity issues such as phishing and malware.

Businesses should train their employees to be cautious of any suspicious emails and messages they receive and know the steps to take if they accidentally open a malicious link.

2. Cybercriminals Are Well-Funded

The massive success that cybercriminals have had in recent years means they have an abundance of funds to invest in scams.

Therefore, they can invest in technical resources to make their scams run more efficiently. For example, they can increase the number of scams they send and enhance the authenticity of their fake messages or the complexity of their campaigns.

It also enables cybercriminals to branch out into new sectors, such as the healthcare industry.

3. Malware Is Becoming More Sophisticated

The old (but effective) technique of luring users into clicking malicious links will soon be overshadowed by much more cunning and hard-to-avoid tactics.

Phishing attacks, CEO fraud, ransomware and more are simply going to get worse without appropriate solutions and processes to defend against them.

4. Low-Cost Phishing Tools Are Easily Available

The availability of phishing tools and the rise of ransomware-as-a-service (RaaS) has allowed amateurs with little IT knowledge to enter the market and compete with sophisticated criminal organisations.

5. Businesses Are Not Doing Their Due Diligence

Staff awareness training isn’t the only step organisations can take to protect themselves from phishing scams.

Most companies are not doing enough to reduce the risks associated with phishing and ransomware. Here are two examples:

  • Insufficient Backup Processes
    • In the event of a phishing attack, many organisations do not have a proper backup process. This prevents them from quickly restoring their data on their servers, user workstations and other endpoint devices.
  • Lack Of User Testing
    • Many businesses do not have proper procedures in place to test their users, leaving them unable to specify which employees are the most susceptible to a phishing attack.

However, by conducting a simulated phishing attack, businesses can determine whether their employees are vulnerable to phishing emails. This enables them to take immediate action to improve their cybersecurity strategy.

Read More: What’s Your Contingency Plan when Endpoint Devices are lost?

7 Tips To Help Prevent A Phishing Attack

  • Monitor your online accounts regularly
  • Keep your browser updated
  • Do not open email links from unknown sources
  • Be wary of pop-up windows
  • Never give out personal information over email
  • Be mindful of social and emotional lures
  • Stay updated on the latest phishing attacks

Protect Your Data Against Phishing

While phishing attacks are difficult to tackle, you can minimise your risk of falling victim to scammers by consulting a cybersecurity expert.

Aegis is a trusted cloud service provider in Malaysia with comprehensive data backup solutions. Our 1Price-Any-Technologies (1PAT) service empowers businesses to own a robust cloud backup and disaster recovery solution at an affordable price.

We also provide a Security Operations Centre (SOC) as part of our disaster recovery solutions.

Be it data disaster recovery or SOC, Aegis provides fully managed data protection services to our customers. Our goal is to help enterprises determine their areas of weakness and reduce data breach risks with our industry-standard services.


Cloudjacking in Malaysia: Another Reason to Back Up Your Data

Unless you’re constantly keeping up with the latest cybersecurity news, cloudjacking may not be a term you are familiar with. A new entry point for ransomware attacks, they make data backup an even more critical component of any cybersecurity plan.

Cloud computing has been transforming businesses in the modern world, with more and more companies relying on this technology. Many elements have led to the rise of cloud solutions, such as:

  • The need to access data from anywhere
  • Improvement of business continuity
  • The rapid adoption of mobile devices for work
  • The switch to a hybrid or remote workforce

And although cloud computing is beneficial for businesses, it also faces a unique set of dangers, such as cloudjacking. Discover what cloudjacking is and why you should be worried about it.

What is Cloudjacking?

Transferring your data to the cloud can streamline business operations and make them more agile. However, it has also opened up new opportunities for cybercriminals to access your confidential data.

Cloudjacking (or cloud account hijacking) is when a cybercriminal takes over a business’s cloud account, typically by some form of social engineering.

Businesses are an attractive target to hackers due to their extensive resources. Moreover, with the frenzy of cloud adoption in recent years, companies now have more cloud accounts than they may realise.

As a result, cloudjacking may become a big problem. This is because, as companies do not always keep track of all their accounts, cloudjacking attacks can often go undetected, allowing criminals to access your sensitive data.

Read More: Stop Using Old Data Backup Systems: Protect Your Data

What Can Hackers Do When They Breach a Cloud Account?

There are several things a cybercriminal can do once they log into a business’s cloud account. Some of the dangers associated with cloudjacking include:

  • Adding new users or locking your own users out of the system
  • Infecting your cloud storage and computers with ransomware and malware
  • Changing your business’s cloud security settings
  • Stealing or deleting cloud-stored files
  • Accessing any stored credit card details
  • Sending phishing or spam emails from your email accounts

5 Ways You Can Protect Your Business Against Cloudjacking

5 Ways You Can Protect Your Business Against Cloudjacking

As more data and sensitive information are being transferred to the cloud, the security risk of cloudjacking is something many businesses need to be aware of and protect against.

If you want to safeguard your business against cloudjacking, here are five tips to keep in mind:

1. Limit Employee Access to Sensitive Information

If you want to improve your protection against cyberattacks, limiting access to sensitive information to only a handful of people is best.

By only allowing trusted employees to access your business’s critical data, you’re decreasing the number of high-value targets and providing more security to your storage platform.

This way, if hackers get ahold of non-admin cloud accounts, they won’t be able to steal critical data.

2. Encourage the Use of VPNs

Some of your employees will likely work on the go, connecting to unsecured networks such as public Wi-Fi. However, doing so leaves them open to cyberattacks from cybercriminals with access to the same connection.

They may pose as legitimate websites to inject malware into your employee’s device or obtain critical data, such as passwords or your customers’ personal information.

Therefore, to increase your data security, you must encourage your workers to use a business virtual private network (VPN).

This encrypts their connection, allowing them to protect their information from hackers.

3. Enable Multi-Factor Authentication

One of the essential ways to enhance your cybersecurity is to create strong passwords. However, this does not mean you are completely immune to cyberattacks.

We recommend enabling multi-factor authentication across your business’s cloud accounts. It will help prevent cybercriminals from accessing your information even if they get ahold of your passwords and login details.

4. Contact A Cybersecurity Expert

Employing the help of a cybersecurity expert is one of the best ways to enhance your protection against cybercriminals. They will reconfigure your settings and install other protective software to protect your business’s IT network and infrastructure.

Moreover, these IT security professionals will also help review any possible vulnerabilities and threats in your system and can fix them immediately.

5. Use a Cloud Security Software

Businesses are increasingly using mobile devices as part of their operations. However, they often aren’t monitored and, as a result, can also be taken over by mobile malware.

It’s important to install cloud security software on your mobile devices. This type of software allows you to:

  • Remotely update a device
  • Remotely lock or wipe a device
  • Keep out unauthorised devices
  • Review cloud applications for potential security risks.

Read More: Top 3 Major Causes of Endpoint Data Loss

Maximise Your Cybersecurity

Cloudjacking has become a major problem that companies must address in their cybersecurity strategy.

As a leading cloud disaster recovery service provider in Malaysia, Aegis can help your business in ensuring you have a secure and productive cloud environment.

Aegis Cloud Production Environment (CPE) is a hosting service with complimentary disaster recovery services and daily backup with retention to a secondary location.

Moreover, we can carry out our robust enterprise data recovery services on-site or off-site, depending on your needs and budget.


Cybersecurity in the Healthcare Industry: Is It Important?

The need for cybersecurity in the healthcare industry is higher than ever before. This is because, over the past decade, cyberattacks on healthcare organisations have increased dramatically.

Like many industries, healthcare has seen a rise in digitalisation due to the COVID-19 pandemic. Many medical organisations have switched to digital health monitoring systems to improve workflow efficiency and patient care.

However, as healthcare organisations benefit from adopting cloud and database systems, the increased connectivity and ease of data sharing are also what make the industry vulnerable.

Therefore, in this article, we will discuss why hackers often target medical institutions and how healthcare leaders can enhance cybersecurity in the healthcare industry.

Why Are Healthcare Organisations A Prime Target For Cybercriminals?

1. Valuable Information

Cybercriminals often target healthcare institutions because they possess a large amount of data that is of high monetary and intelligence value to attackers.

Examples of critical and confidential data include:

  • A patient’s financial information (e.g., credit cards, bank account details, etc.)
  • A patient’s health history and information
  • Confidential medical research data

2. Non-Secure Medical Devices

Hospitals have an extensive network of devices connected to servers that store valuable information.

For example, MRI machines are connected to numerous workstations that allow operators to work with MRI pictures. However, these devices can become potential entry points for cybercriminals to enter a hospital’s servers.

3. Healthcare Workers Are Not Familiar With Online Risks

Medical professionals do not have the knowledge to recognise and mitigate online threats. They also work long hours and have tight deadlines – which means they do not have the time to stay up to date with the latest data protection practices.

Read More: The need for endpoint security isn’t going away

4 Ways to Enhance Cybersecurity In The Healthcare Industry

4 Ways to Enhance Cybersecurity In The Healthcare Industry

Cybersecurity issues in the healthcare industry can pose a serious threat to our data and privacy. Below are four effective cybersecurity measures that offer protection against the cyber threats plaguing the healthcare industry.

1. Generate Awareness

Firstly, educating medical staff about cyber risks and how to mitigate them is one of the most effective ways to improve cybersecurity in the healthcare industry.

Some areas of training that can help medical professionals better anticipate and prepare for cybersecurity threats include:

Spotting Phishing Scams
  • Knowing the signs of a phishing attempt, such as typos in email addresses and improper grammar, can help employees better identify and avoid them.
Being Aware Of Suspicious Employee Activity
  • Another effective way to prevent internal threats is to encourage employees to keep an eye out for other workers. If every staff member is vigilant enough, it will be difficult for the threat actors to find an opening for an attack.

2. Ensure All Software Are Up To Date

Moreover, many healthcare companies are unaware of the significance of software updates and how outdated software makes their servers vulnerable to security breaches.

Software updates usually incorporate necessary upgrades that protect a system from security attacks and threats. They include critical patches to security holes, which makes them extremely important for digital safety and cybersecurity.

3. Develop a Backup Storage and Restoration Plan

The best way to minimise the damage caused by a cyberattack is to have a data backup storage and restoration plan in place.

Not only does it help protect a medical institution’s data, but it also helps them restore their lost data and resume their operations as quickly as possible.

4. Adhere to the Health Insurance Portability and Accountability Act (HIPAA)

While not mandatory in Malaysia, the HIPAA can serve as a benchmark for sensitive patient data protection.

It limits what information can be disclosed, how it can be used, and outlines the standards and guidelines that dictate how personal health information is handled.

Read More: Understanding RPO and RTO to Better Strategise Disaster Recovery

Protect Your Data with Aegis

In healthcare, the patient’s health is a top priority. However, cyberattacks pose a huge risk to patient safety and privacy.

Hackers can access, steal or alter a patient’s private data, endangering a patient’s health or life.

Therefore, medical facilities must step up and protect their data from malware, ransomware, human errors and more.

Aegis is a cybersecurity expert that can protect medical institutions from falling victim to cyberattacks. With over a decade of cloud disaster recovery experience, we offer data backup, restoration and replication services at affordable prices.

Aegis Cloud Disaster Recovery (CDR) is an efficient enterprise-grade disaster recovery solution that ensures rapid IT infrastructure and data recovery. We provide proactive monitoring of your systems and are available round the clock if you seek technical assistance.


Managed Hosting: The Best Option For Legacy Applications

Managed hosting providers have grown over the past years as public cloud services have become the default for new businesses and startups.

However, it is not just for new businesses, it can be used for companies with legacy applications as well.

Most times, organisations with old applications that would not work in a cloud environment would:

  • Continue running in-house applications
  • Migrate them to a managed hosting service
  • Redesign the application to operate in the cloud environment

Which option a company chooses depends on its budget and its needs. However, a managed hosting service is a much easier solution compared to the other two options.

It is a flexible option for business owners due to its customisable solutions. These solutions are also adjustable as your volume grows and changes.

Read on to learn more about managed hosting and why it is ideal to migrate your legacy applications to the cloud environment.

What is Managed Hosting?

Managed hosting is a model where a third-party service provider manages their customers’ hardware and application management responsibilities.

The provider will support your business server’s setup, administration, and overall support.

They can also build the server to meet your needs and choose an operating system suitable for your legacy application.

Some of the areas commonly covered include:

  • Operating System (OS) deployment and management
  • Application deployment and management
  • Security monitoring
  • Network infrastructure monitoring
  • Support

Read More: Why Outsourcing Backup Improves Business Success?

The Benefits of Managed Hosting

1. Save Costs And Time

Small businesses often do not have the time or talent to manage their cloud services. Besides that, hiring someone to work on cloud services can be costly.

However, businesses and developers can save both time and money by offloading their cloud administration, management and maintenance to third-party providers.

2. Improve Performance And Reliability

Managed hosting services specialise in understanding the optimal configuration of cloud services, thus enhancing speed and reliability.

This includes assessing which servers, networks, and caching solutions will best serve your application.

3. Enhanced Security And Data Backup

Another important benefit of managed hosting is that you will never have to worry about losing your data. Its services come with enhanced security measures, including firewalls, managing your SSL certificates, and conducting security patching.

Furthermore, managed hosting providers can also perform regular backups for you, so your data is never lost.

4. Multiple Uses

Managed hosting has other uses as well. Examples include hosting web apps, analytics, big data processing, data storage and backups, disaster recovery and development ops.

5. Dedicated IT Support

Lastly, managed hosting providers offer businesses dedicated, 24/7 support. Therefore, if your business experiences downtime, you can relax knowing you have a full-service support team who can solve your issues.

As a result, for companies who want to benefit from the cloud whilst continuing to use legacy applications, managed hosting is the best solution to take.

They can benefit from cloud connectivity, thus allowing them to connect their managed servers to the public cloud or other data centre locations.

Read More: Bullet-Proof Your Disaster Recovery Plan

How to Choose the Right Provider

There are many advantages to hiring a managed hosting provider. However, choosing the right provider can be overwhelming.

Here are five essential factors you should consider:

  • The cost of their services
  • The type of website or application you are building
  • The public clouds that the hosting provider utilises
  • Data sovereignty concerns
  • Support availability

Aegis Cloud Production Environment (CPE)

Dealing with old applications that do not operate in a cloud environment is a common challenge many businesses face today.

If you want to migrate your legacy application to the cloud, you can redesign your app, but it will be expensive and risky.

You can also continue running your app yourself, but you will need to bear the additional costs. Examples include purchasing costly hardware and paying for IT staff and training.

Additionally, managed hosting offers a better alternative for businesses. It is less expensive, highly secure and your IT staff can concentrate on other important matters.

Aegis CPE is a hosting service with hourly virtual machine (VM) replication and daily data backup with retention to a secondary location. Aegis CPE also comes bundled with complimentary backup and disaster recovery service to customers.

At Aegis, our effective and proven solutions protect your critical business data and software. Moreover, with daily backup, we ensure data resiliency and uninterrupted hosting services.


Why File Sharing Tools Are Not A Proper Data Backup Solution

A data backup solution is crucial to protect and maintain a business’s operations. As more companies move their data to the cloud, staying current with rapidly changing technology is more critical than ever.

As more companies move their data to the cloud, staying current with rapidly changing technology is more critical than ever.

However, one of the big mistakes many businesses make is thinking that cloud storage (or file sharing tools) is the same as a cloud backup.

In this article, we will discuss the differences between cloud storage and backup and why file sharing tools are inadequate as a business’s data backup solution.

What is the Difference Between Cloud Storage & Sharing and Data Backup?

1. Cloud Storage & Sharing

File sharing services are a network of connected data servers you can use to share and access your files across multiple devices.

Moreover, as files are updated, so is the version in the cloud. Examples of file sharing services include Dropbox and Google Drive.

2. Cloud Data Backup

A cloud data backup will copy and archive your files onto a remote server. This makes recovering your files and data easier in case of a system failure, cyberattack or natural disaster.

While both terms may seem similar at first glance, they are not. Moreover, businesses should not use file sharing tools as part of their data backup solution.

Read More: Are You Exposed to Workplace Security Risk?

Why Businesses Should Not Use File Sharing Tools As Their Backup Solution

Why Businesses Should Not Use File Sharing Tools As Their Backup Solution

Data protection has always been an important issue for businesses. Many business owners understand that they should move their data to the cloud for safekeeping.

However, far too many think that file sharing tools are enough. Yes, businesses are backing up their data, but they’re actually just storing a copy in a live cloud-sharing service.

A proper data backup means storing your data in an off-site location. It is also much better than simply creating or storing your data on a cloud storage server.

Here are several other reasons why file sharing tools are not a replacement for a proper data backup and recovery solution.

1. Cloud Storage have Retention Policies

Cloud storage services have file retention policies for deleted items. This means you could lose files that you thought would be saved in the ‘trash’ until you physically removed them.

For example, Google Workspace automatically deletes your data once the default retention period expires (30-55 days).

2. Cloud Storage Can Fall Victim to Ransomware & Malware Attacks

Cyberattacks can occur in various ways, such as through insecure and fraudulent websites, software downloads and spam mail.

And while cloud storage services offer protection against ransomware, they are not entirely immune to it.

Moreover, you will be left at a complete loss if your device is infected with ransomware that then spreads to your other cloud storage accounts.

3. Data Can Be Deleted

With cloud backup, you can grant different levels of access to your employees. Therefore, you will reduce the risk of unauthorised persons deleting your business’s data.

However, it’s not the same for file sharing tools. All your employees will have access to the business’s data and can accidentally (or maliciously) delete them, leaving your business at risk.

4. Data Loss Due to Syncing Errors

Another way that you can lose data from a cloud storage account is through syncing errors.

If something goes wrong with your device while syncing your data, your files can potentially be deleted or corrupted.

5. Files Can Be Overwritten

A cloud storage service will keep the latest version of a file available. Any changes made to a file are automatically reflected on a synced device or directly in the cloud programme.

However, this means that you will be unable to obtain the initial copy of your file.

Read More: Understanding RPO and RTO to Better Strategise Disaster Recovery

Stay Protected With Aegis

Businesses need to adopt backup and recovery solutions that keep their files secure. This is because downtime and loss of access to critical data can negatively impact any organisation’s revenue, productivity, and reputation.

At Aegis, our services are designed to help our clients build and maintain business resiliency. Aegis Cloud Endpoint Backup automatically backs up data in all their endpoint devices and protects their business’s operations from downtime and data loss.

With our hassle-free maintenance and management cloud backup and disaster recovery solutions, our clients can rest easy knowing their data is safe.


Ransomware in Malaysia: Looking From A Legal Perspective

The COVID-19 pandemic, lockdowns and the shift to remote working have contributed to a rapid rise in ransomware in Malaysia. Targets range from small unlisted companies to large organisations and government agencies, often with sophisticated cyber defences and policies.

However, with more organisations embracing remote working, they must protect themselves and their people from ransomware attacks — but how?

In this article, we explore the government bodies that supervise cyber security and legislation that deters ransomware in Malaysia.

Government Bodies that Manage Cyber Security in Malaysia

Government Bodies that Manage Cyber Security in Malaysia

There are many government agencies and units that handle matters relating to cyber security and ransomware in Malaysia. Among them are:

1. National Cyber Security Agency (NACSA)

NACSA is the national lead agency for cyber security matters in Malaysia. It secures and strengthens the country’s resilience against cyber-attacks and ransomware.

It also coordinates and consolidates the nation’s cyber security experts and resources. By doing so, they help develop and implement national-level cyber security policies and strategies.

2. Malaysian Common Criteria Evaluation and Certification (MyCC) Scheme

The MyCC Scheme evaluates and certifies the security functionality of ICT products against strict criteria or standards.

It also consists of an Evaluation Facility that carries out security evaluations against agreed standards in an independently accredited environment.

3. Cyber999 Help Centre

MyCERT (Malaysia Computer Emergency Response Team) operates Cyber999, a cyber security incident response centre in Malaysia.

A trained incident handler will work with CyberSecurity Malaysia, law enforcement agencies, and internet service providers to resolve security complaints.

4. CyberSAFE Malaysia

Awareness also plays a crucial role in protecting ourselves from ransomware attacks. CyberSAFE Malaysia is an initiative to increase public awareness and knowledge of cyber safety and ransomware attacks in Malaysia.

It also provides guidelines and resources for Malaysians to ensure their online experience is positive and secure.

Read More: Why is disaster recovery moving to the cloud?

Legislations Relating to Ransomware

The following legislations are in place to prevent cybercrime and ransomware attacks in Malaysia:

1. Computer Crimes Act 1997 (CCA 1997)

As one of the earliest legislations enacted to battle cybercrime in Malaysia, CCA 1997 is a statutory legislation governing offences relating to computer misuse.

Section 5 of CCA 1997 makes infection of IT systems with malware (ransomware, spyware, worms, trojans and viruses) an offence when the act is made knowing that it will cause unauthorised modification to contents in any computer.

2. Communications and Multimedia Act 1998 (CMA 1998)

CMA 1998 regulates the administration and licensing requirements of multimedia operations as well as the utilisation of network services.

Its objectives include:

  • Promoting national policy goals for the communications and multimedia industry
  • Developing a licensing and regulatory framework that supports the national policy objectives for the communications and multimedia industry
  • Establishing the powers and functions of the Malaysian Communications and Multimedia Commission (MCMC)
  • Establishing the procedures for the administration of the CMA 1998
3. Penal Code (PC)

Besides that, the offence of extortion under Section 383 of PC is also a measure to deter cybercrime related to a ransomware attack.

This provision states that when one intentionally puts the victim in fear of any injury to themself or any other and thereby dishonestly induces the victim to deliver any property or valuable security, it amounts to extortion.

Therefore, if anyone is found guilty of extorting money from a victim through a cybercrime, the person may be found guilty under PC.

Read More: Endpoint Backup Saves Businesses

Once a company falls victim to a successful ransomware attack, the technical and legal considerations are significant. However, they can be prevented by following guidelines provided under the various cybersecurity legislations enacted in Malaysia.

Therefore, we recommend that all organisations keep a close eye on legal developments and seek advice from IT security professionals in Malaysia. They have the expertise to evaluate whether your security controls will safeguard your data from ransomware.

Aegis Cloud Endpoint Backup (CEB)

Aegis offers comprehensive cloud endpoint backup services designed around our customers and delivered on the platform that best meets their needs.

Whether you are looking to solve IT issues, develop a strategy, utilise managed services, or secure your IT infrastructure, we are the end-to-end services provider that can help.

Moreover, Aegis CEB is the ideal automatic backup service for your business. It is an automatic backup solution for your endpoint devices, with pro-active monitoring and maintenance to protect your data from human error, malware and theft.


Physical Security: Protecting Your Facilities from Onsite Attacks

Physical security is crucial to any business, no matter how big or small. However, most companies focus their prevention efforts on cybersecurity and hacking, leaving physical threats often forgotten.

In a technologically advanced era with digital technologies, such as cloud service providers, physical security is just as important as online security. For their businesses to be truly secure, business owners must implement the necessary safeguards to protect their physical infrastructure.

Deciding how to protect your business and its assets can be challenging. However, with the right knowledge, business owners can implement effective physical security measures to protect their assets and data better.

What is Physical Security?

Physical security measures help protect a business’s staff, equipment, and data from physical damage. They keep unwanted guests out and restrict access to certain areas within their premises, to prevent serious loss to a business.

Without physical security measures in place, your office or building is left open to physical security threats such as intruders, internal threats, cyberattacks, accidents and natural disasters.

Because of this, you must develop a physical security strategy to protect your equipment, resources, and other assets within a building or office space.

Read More: Backup and Disaster Recovery, how they work hand-in-hand

6 Physical Security Measures All Organisations Should Take

6 Physical Security Measures All Organisations Should Take
1. Secure The Server Room

The server room is the core of your physical network. When someone with ill intentions has physical access to your servers, they can do significant damage to your business.

Ensure your server room has good locks in place and establish rules and procedures for access to the server room. These physical security measures will help keep your data safe.

2. Set Up Surveillance

Video surveillance is an effective method of establishing a more secure perimeter. They give your guards visibility into the areas you need to protect and mitigate criminal activity onsite.

Surveillance cameras can also monitor continuously or use motion detection technology to start recording when they detect movement. They can even send out an e-mail or cell phone notification if they detect motion after hours.

Read More: Endpoint Backup Saves Businesses

3. Protect Portable Devices

Laptops and handheld computers are physical security risks as well. A thief can easily steal an entire computer, including the data stored on it, including network passwords.

Your physical security strategy should include rules for device management. For example, employees should take their laptops when they leave their desks or secure them with a cable lock.

4.   Store Backup Data Offsite

Backing up data is essential for disaster recovery, but outsiders can steal the information stored on backup tapes or discs. Ideally, backups should be kept in a secured, off-site location with end-to-end encryption and ISO-certified data centres.

This is because local backups are vulnerable to online and physical threats. With an off-site backup solution, businesses can quickly restore data from the backup, thus minimising the impact on business productivity.

Moreover, some employees may back up their work on USB keys or external hard disks. If this practice is allowed in your business, enforce policies requiring that the backups be locked up at all times.

5.   Protect Wi-Fi Networks

Public Wi-Fi networks can put your data at risk. They become entry points for cybercriminals to enter business networks to steal private information and sabotage critical files.

That is why it is essential for business owners to establish a password-protected, encrypted guest Wi-Fi network completely isolated from your business’s Wi-Fi network.

Ensure that you also change the default credentials for connected appliances like coffee machines and refrigerators.

6.   Keep An Eye On Employee Workstations

Hackers with access to an unsecured computer connected to your network can delete information important to your business.

Unoccupied desks, empty offices, and devices in locations accessible to outsiders, such as the front receptionist’s desk, are particularly vulnerable.

Disconnect and remove computers that are not being used or lock the doors of empty offices.

Additionally, you should also, equip computers that must remain in open areas with biometric readers. This physical security measure makes it more difficult for unauthorised persons to log on to your business’s computers.

Read More: Are You Exposed to Workplace Security Risk?

How Can Aegis Help?

Physical security is a critical business practice to prevent unauthorised individuals from tampering with your business and causing harm to your intellectual property and staff members.

Business owners today must consider physical security as a primary pillar of cybersecurity. If you do not take measures to protect your physical infrastructures – or work with an IT professional that can do so for you – then your business is not secure.

Aegis is a leading cloud service provider in Malaysia, dedicated to providing our clients with affordable data backup, and disaster recovery services.

Businesses can drive efficiency and manageability, with our Cloud Endpoint Backup (CEB) service. It automatically backups endpoint devices such as desktops and laptops and the data that resides in them.

With more businesses practising remote working, protecting your data from human error, malware and theft are especially crucial. However, with our services, we can make your business safer, more efficient, and secure.


Stop Using Old Data Backup Systems: Protect Your Data

In today’s business world, having an efficient data backup system is more critical than ever before. Companies rely on data to manage customer information and inventory and drive strategic decision-making.

However, many older backup systems are not reliable enough to guarantee the continuity levels that today’s businesses require.

For example, older systems can lose or corrupt data during the backup process, making it difficult or impossible to restore data if needed.

Additionally, traditional data backup systems can be slow and cumbersome, disrupting business operations as it is hard for companies to keep up with data growth.   

Therefore, the need for reliable backup systems has never been greater. Discover what happens to your data when you do not switch to a newer, more efficient data backup system.

7 Issues with Older Corporate Data Backup Systems

9 Issues with Older Corporate Data Backup Systems

1. Data Corruption

Data corruption is extremely common in older data backup systems. In best-case scenarios, you can still recover your data, although you would probably lose the corrupted parts.

However, in worst-case scenarios, the entire backup will be lost, rendering it useless. Data corruption leads to failure during the restoration process, making data recovery much more challenging and time-consuming.

2. Broken Backup Chains

Problems occurring in a backup chain often result in data corruption and recovery failure.

A backup chain is a formatted sequence of a data backup strategy, and if broken, it is impossible to carry out the restoration process.

For example, the first backup is a full backup that captures all data on the protected machine. After that, each new backup adds only new or modified data.

As these backup files increase, they form the backup chain. In traditional backup chains, the data are dependent on each other, and corrupted data can prevent the backup from being restored.

3. Data Loss

Many businesses believe that overnight and weekend backups are enough to safeguard their data. However, companies should be backing up their data much more frequently, ideally several times throughout the day.

By implementing frequent and regular backups, businesses can avoid losing huge amounts of data in the event of a disaster. To ensure you don’t miss backing up your data, consider automating the backups process, especially if you use a cloud service.

Read More: How Aegis Cloud Disaster Recovery’s 4-3-2 Backup Rule Helps You Fight Ransomware

4. Slow Data Recovery Process

The purpose of backing up a business’s data is to achieve fast backups and accurately restore data. If your system transfers data faster or slower than your backup system can handle, your backup performance will suffer.

With old data backup systems, full backups are the only way to ensure accurate restores. However, full backups are time-consuming because large amounts of information are transferred.

5.   Limited Data Recovery Options

One common reason for a slow restoration is the limited data recovery methods in old data backup system. Each data loss event is unique and requires its own specific protocol for retrieval and restoration.

Your business would be severely impacted if your backup system did not offer a variety of data recovery options to accommodate every possible scenario.

6.   Susceptibility to Ransomware

Ransomware is a nightmare for businesses in all industries. Cybercriminals launch a ransomware attack to infiltrate a business’s network system, stealing any confidential data they can find.

That is a big problem for businesses relying on outdated data backup systems. For example, a backup system not properly separated from the network, would leave your business with nothing to restore

7.   Exposure To On-Site Disasters

Various businesses still store their backups in their server rooms or other on-site infrastructure. This is especially common in smaller companies as they do not have the resources to rely on data centres.

However, should the data on a business’ on-site infrastructure be deleted, the backups are gone too. Fire, natural disasters and flooding are all real threats that could destroy everything.

Businesses today need their backups stored in an off-site location, in addition to on-premise devices. Cloud service providers, for example, offer businesses a simple and effective way to store and recover their data, even if the on-site infrastructure cannot.

Read More: Don’t let security concerns hinder your business

Aegis Cloud Production Environment (CPE)

Many old data backup systems do not offer the same level of data protection as newer ones, leaving businesses vulnerable to data loss in a disaster.

While there are many potential issues that can arise with an older data backup system, working with a reputable data backup provider can mitigate these problems.

Aegis offers data protection services with hassle-free maintenance, cloud backup management and disaster recovery solutions. Aegis CPE is an efficient hosting service with hourly virtual machine (VM) replication and daily backup with retention to an off-site location.

Our experienced team ensures data resiliency and uninterrupted hosting services. We offer complete corporate on-site or off-site data recovery services that cater to your business needs and budget.


5 Tried & Tested Data Protection Practices You Should Follow

With businesses switching to cloud technology and employees preferring to work from home, data protection practices and protocols are essential. This is due to the rise in cyberattacks on personal and corporate data.

Keeping passwords and other information safe and protected from cybercriminals has long been a priority of businesses. However, growing concerns over consumer privacy have changed how organisations manage and share the data they collect.

Nevertheless, even companies with a good data protection system can find it difficult to keep up with new privacy regulations and practices. Here are five data protection practices businesses should adopt.

Critical Practices for Ensuring Data Protection

Critical Practices for Ensuring Data Protection
1. Collect Minimal Client Data

Firstly, ensure that your business’s policies indicate the necessary data to collect.

If you collect more data than needed, you increase your liability and burden your IT security teams. Moreover, minimising your data collection can also help you save on bandwidth and storage.

2. Create A Data Protection Policy

A data protection policy is necessary for businesses to standardise data use, monitoring, and management.

An effective data protection policy should include:

  • Data protection techniques applied by the different departments and devices within the organisation
  • Legal or compliance requirements for data protection
  • How staff members will be trained and supervised in handling personal data

Read More: Cloud Server: What’s the Best Way to Keep Your Data Safe?

3. Control Access To Sensitive Data

Sensitive data is strictly confidential information that must be protected, such as personal health information, education records and cardholder data.

As a result, access to sensitive data should be managed through security practices designed to prevent data leaks and breaches.

4.   Back Up Your Data

The purpose of a data backup is to store a copy of the business’s data on a separate medium that can be recovered during an unexpected data failure.

Examples of data failures include:

Additionally, businesses should carry out a data backup regularly to minimise the data lost between backups.

5.   Protect Against Insider Threats

Most organisations spend an exceptional amount of time and resources on securing their data from external attacks; however, insider threats are equally as important.

Insider threats are security risks that originate within the organisation and come in two forms: authorised and unauthorised.

An authorised insider threat involves a current or former employee with access to sensitive information. It occurs when authorised employees misuse their access either on purpose or accidentally or when their credentials are stolen.

On the other hand, unauthorised insider threats are caused by employees who do not adhere to corporate security policies or carelessly use company systems or data.

Furthermore, insider threats can lead to data loss or downtime. Therefore, it is essential to diversify your data protection strategy to include external attacks and internal threats as well.

Read More: Protecting Remote Office 365 User Data is Critical

How Can Aegis Help?

It is critical for businesses to adopt data protection practices to keep their sensitive information safe. However, with so many policies to enforce, this can seem like a daunting challenge for any IT security team.

Aegis can help businesses simplify data protection. Aegis Disaster Recovery As-A-Service (DRaaS) is a cloud computing and backup service model that utilises cloud resources to minimise downtime and disruption to business operations.

It has a range of managed cloud disaster recovery services to protect a business’s critical data and systems. Examples include free unlimited cloud DR resources and a dedicated DR drill team to ease the burden on IT security teams in Malaysia.

Need help?