We are now only weeks from NIS2 coming into full effect on the 17th of October. This EU-mandated set of regulations is going to have far reaching consequences for organizations in targeted fields, which now have very little time left to get ready.
What is NIS2?
We’ve written on the subject of NIS2 more exhaustively in this article earlier this year. In short, the NIS2 directive builds on the original NIS directive, which took critical fields -energy (electricity, oil, and gas), transport (air, rail water, and road), drinking water supply and distribution – and mandated recovery and resilience for them. NIS2 expands the covered sectors to a total of fifteen, adding health, finance, digital infrastructure, public administration, digital providers, postal services and more to the covered list.
The stated goals outlined by the EU are to “enhance the security of network and information systems within the EU by requiring operators of critical infrastructure and essential services to implement appropriate security measures and report any incidents to the relevant authorities.” In effect, the expectation is that companies in critical sectors will establish good security measures in the following categories:
Risk management
Organizations must take measures to minimize risks; this may include incident management systems or better access control to their internal data. Steps must be taken to ensure that risks are minimized as much as possible.
Reporting obligations
Entities covered by the directive have to put in place processes to promptly report security incidents – either actual cyberattacks or discovered vulnerabilities – that have an impact on their ability to continue providing services. NIS2 sets specific notification deadlines, the most tight being twenty-four hours as an early warning.
Business continuity
Organizations covered by the directive must demonstrate a disaster recovery plan that would allow them to bounce back in the event of a major incident. This should take into account system recovery and standard emergency procedures, as well as setting up dedicated crisis response teams.
With the increased threats the EU faces in cyberspace – from simple criminal threats to state-backed ones – the expectation is that nations will implement their own legislations in-line with NIS2, and that organizations within those member states will align with this legislation. The deadline for this, as mentioned above, is the 17th of October, in a week and a half. NIS2 coming into effect imminently gives organizations very little time remaining to ensure their affairs are in order.
Archive with contentACCESS
One of the requirements laid out in NIS2 is having disaster recovery processes in place. This normally includes a backup or archive software allowing you to bounce back from any data breach resulting in data loss or corruption. These processes, however, tend to be cumbersome and recovery can paralyze an organization for some time.
TECH-ARROW can simplify the preparation of a quality disaster recovery plan thanks to our unitary contentACCESS Archive and Backup. When archives are properly isolated from live systems, they are resilient and likely to remain unaffected by a wide range of points of failure. Your infrastructure’s robustness also can be boosted to new levels by choosing to archive on the Cloud with our contentACCESS Cloud Archive. That data can then smoothly be retrieved in the case of ransomware, data corruption, or any number of other issues you may potentially experience.
More importantly and unlike the majority of similar systems, contentACCESS allows end-user access to files stored in the archive, through a variety of methods including online web access, Outlook integration, or our Mobile app. Thanks to this, your recovery time is effectively nil; instead of having to slowly restore all your files to the live system, files can be accessed as needed directly in the archive without the need for administrator interference.
Our archive and backup can capture a wide range of data from varied systems, keeping it secure while also maintaining easy access for retrieval. You can operate with peace of mind knowing that your emails, files, SharePoint data, or Microsoft Teams data are all secure and can be instantly accessed when needed.
If you are interested in setting your company up for success and protecting it with contentACCESS archiving solution, contact us for a free consultation or demonstration of our products and services. Archive smarter – with contentACCESS.
Your Data In Your Hands – With TECH-ARROW