Why businesses need the Big Red Button
Everybody hopes to never need to press the Big Red Button.
But….
If a Hack has been detected or is in progress – Take the action.
The one day your Cyber team is on training / on holiday / off sick – Hackers seem to find that one weak time. It just needs to done; Quickly; Press to start that complete shutdown.
Of course, the best Cyber tools will help stop it happening.
If it does happen. There will be no time to think about it and plan who does what when.
Everything needs to be stopped at speed.
Yes, it will cause business disruption but a hack left executing will be worse.
Why Automation for Shutdown
Automation is great for performing manual work on applications.
Automation can also be used with System Admin tools and Cyber Defence tools.
Starting an automation does not require technical skill. So when the situation arises, any authorised user could trigger the “Big Red Button” automation.
Like any other automation, a shutdown process can be developed and tested.
The software robots used in an automation can be defined as users that can use “Administrator” privileged accounts and they can use long complex passwords or draw a password manager application.
The complete shutdown of an environment takes a lot of planning with careful consideration of the sequences. The knowledge can be defined in the automation process.
Will hackers have automated the attack?
Always better to assume the worst, therefore the defence has to operate at a similar speed using automation.
Technical Requirements
When automation is initially used in a business, consideration will have been given to the requirement for technical skills to be available in-house.
Many businesses will have a mixture of SaaS usage, private cloud usage on AWS or Azure or Google, on premises servers plus all of the desktops / devices.
Leading automation products such as UiPath have established interfaces to all of these products. This allows a unified automation to be built that can interface with all the necessary parts of the environment.
Business Benefit of Testing
Regular testing of automations is essential to ensure that “Changes” have not occurred which will leave gaps in the process.
Contingency plans without practical tests are theoretical and may not deliver when used.
Testing the use of a “Big Red Button” automation will be disruptive but it could be so valuable to a business.
Going for Re-start
It could be tempting to create an automation to “Re-Start” an environment following a shutdown but that would really only be effective if there was a false alarm.
If any form of hack has occurred, a great deal of care is required to contain the damage, preserve evidence and plan the recovery to normal operations through the use of isolation techniques, the deployment of backups, etc.
IT Operations
The IT Operations team will have been involved in the deployment of software robot automations for general business processing, that knowledge and experience can be leveraged to build the “Big Red Button” automation.
IT Operations staff might suggest the use of bespoke scripts to remove the dependency on automation software but the complexity of most environments means that the integration capabilities of automation scripts is usually a better solution.
It Will Never Happen
Hopefully that is true.
Like paying an insurance premium. Nobody plans to make a claim.
There are specialist consultancies who will perform “Penetration Tests” and “Simulate a Hack”. It depends on how much confidence the business needs of the defence measures that are in place.
Would your business really want to rely on manual processing by a few key individuals when a “Crisis” hits?
Article Author
David Martin
Managing Director, Ether Solutions
https://www.ether-solutions.co.uk/