The Enterprise Cyber Recovery Vault
We’re working with clients to define the best cyber resiliency strategies for their shops under ever-changing conditions.
The law of unintended consequences strikes again!
The architectural considerations for enterprise cyber recovery vault implementations are getting more complex due to the good work of technology vendors.
When one-size-fits-all cyber recovery solutions such as Dell PowerProtect Cyber Recovery Solution first became available, I was definitely recommending that clients take a look and evaluate it for their shop. You can protect your critical assets and have a quality vendor providing vault management capability. There was initially not a lot of lower level conflicting guidance about how to best perform cyber vault management.
Now, however, due to the heightened importance of cyber resilience, all manner of enterprise software vendors are spending development and solutions dollars to ensure that they have the best cyber vault protection for their persistent data.
Oracle now has an Oracle Recovery Appliance Cyber Security Architecture – this deploys both a new appliance and runs OEM in the vault. They have very well vetted reasons for doing this that I won’t go into here.
Splunk best practices now recommend special vault data transmission protocols (NiFi or DSP) and running Splunk in the vault.
None of these vaulting best practices line up very well with the one-size-fits-all model. They may each define different ways to manage the air gap, transport protocols, roles and authentication in the vault that are important to their particular product. I’m sure that due to the good work of engineering teams providing enterprise software, we are going to see an increasing number of disparate vaulting best practices.
This is what happens since there are no industry standards yet for vaulting. This space is going to be interesting (euphemism) for a while.
At PTS, we’re working with clients to define the best cyber resiliency strategies for their shops under ever-changing conditions.
Arrange a free workshop with our consultants to discuss your specific Cyber Resiliency Strategy.