On World Backup Day, experts share advice on why your company needs a comprehensive data backup strategy to mitigate the impact of worsening ransomware attacks.
Data is now the digital world’s running currency- powering Internet usage, social media networking, advancements in healthcare, manufacturing, e-commerce services, and scientific research, and driving innumerable AI implementations in every field. Data helps businesses track consumer behavior, analyze past performance, measure employee productivity, and monitor the effectiveness of processes.
But like real money, data can quickly dissipate into thin air unless you plan to store it for analysis and future use. Businesses worldwide store and process data belonging to real people, making the protection and ethical use of data a legal responsibility. However, a rise in ransomware attacks in recent years has also made the security of backups themselves a challenge for today’s businesses.Â
On the 10th anniversary of World Backup Day, let’s look at why backing up data is always a wise call, the best backup approach organizations can adopt, and best practices for organizations that rely on data to run everyday operations. To answer these questions, Toolbox spoke to Ryan WeeksOpens a new window , CISO at Datto, Inc., who also shed light on the importance of having a DRaaS system in place, and why existing approaches to backing up data are not succeeding in the face of escalating ransomware attacks.
Watch our face-to-face interview with Ryan Weeks:
Here are some of the highlights from this interview:
Factors an Organization Should Consider When Adopting a Backup Solution
According to Weeks, the best approach to maintain backups is the 3-2-1 rule: You should always have three copies of whatever you are backing up. While two copies should be stored in two separate physical locations, and at least one of those should be stored on the cloud. When choosing a backup solution, organizations should check if the solution enables them to maintain three copies. This will prevent the malicious destruction of data and make organizations immune to ransomware attacks.
Running Backups Under the Shadow of Ransomware Attacks
Modern ransomware attacks, as we have witnessed in the past year, are potent enough to not only encrypt live production systems but hijack backup systems as well, leaving organizations with no choice but to fork out a ransom to recover access to critical data.Â
According to Weeks, attackers target backup systems in different ways. One of these involves them using modified malware to stop backup agents or services, thereby leaving organizations with no backups at all. They also delete shadow copies that are live copies of systems that machines use to recover from events like outages or cyberattacks. The deletion of shadow copies renders systems unable to restore operations. If organizations use appliance-based backups, attackers try to hack into the appliances themselves to delete backups.
That’s why, Weeks says, having a copy of your data in the cloud is an absolutely critical part of the backup process. This is also because it is easy for hackers to enumerate NAS devices and gain access to backups. Another way organizations can prevent hackers from targeting backups is by implementing strong network separation and access controls.
Protecting backups from hijacking attempts is also possible if organizations treat backup systems as critical to their survival as live production systems and protect backup systems using MFA at all times.
On-Prem Backup Solutions vs. Backup as a Service (BaaS)
While most BaaS solutions come with on-prem and cloud-native backup options, on-prem backup gives organizations the ability to restore data much faster, say within an hour, especially if their on-prem solutions allow instant virtualization of the backup image.Â Â
Should Organizations Build Up Disaster Recovery as a Service (DRaaS) Capabilities?
DRaaS programs allow organizations to plan and prepare for multiple failure situations, but most plans will fail if organizations don’t have proper backups of their data, to begin with. According to Weeks, organizations, especially smaller ones, should not have the mindset that their data is of no use to hackers. On the other hand, hackers will care more if the data is crucial to organizations, as this will enable them to arm-twist the latter to score a big ransom payment.
The Key Elements of a Resilient Data Backup Process
Data backups not only give CXOs the confidence that they have recoverable copies of business-critical data but they also serve as a response mechanism to disastrous events like systems outages or encryption of data by hackers. If your organization hasn’t given much thought to having a resilient backup policy in place, World Backup Day is an excellent opportunity to get started. Here are some simple tips, as laid out by Weeks, for putting in place such a mechanism:
- Adopt a 3-2-1 backup approach to negate the impact of ransomware attacks
- Use on-prem backup solutions to restore lost data faster
- Implement Multi-Factor Authentication for all backup systems
- Enable strong network separation and access controls for backup data
- Regularly test your backup solutions to measure their effectiveness
â€œAll companies, big and small, need to be on their guard and put defenses in place to reduce the chances of becoming the next victim. When combined with the cloud, an immutable file system is an incredibly powerful way of overcoming ransomware attacks,â€saysÂ Matt Waxman, vice president for Product Management at Cohesity.
â€œFor too long backup has been a chore, or worse, an afterthought. However, in 2021, it is clear that sticking with your existing backup vendor’s protection without thoroughly assessing its immutability credentials is akin to doing nothing, which can no longer be an option.â€
Do you think organizations can mitigate the impact of ransomware attacks with strong backup policies?Â Let us know on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!