Secure your data with bulletproof backups
Armour Cybersecurity Small & Medium Cybersecurity Enterprises Series
Ransomware attacks have been on the rise for a while now, but there has been a surge since the COVID-19 pandemic started. The reality today is that no one is safe. Companies of all sizes, in all sectors, have been targeted and ransomed around the globe. Ransomware attacks in the first half of 2021 grew by 93%; the amount of money attackers demand (ransom demands), however, grew by a whopping 518%.
In most cases, ransomware encrypts your data and systems to the point that your business cannot operate without restoring the information. Typically, companies are left with two options:
1) Pay the ransom - Get the decryption key for the locked files from the cyber criminals and hope it will work; typically, the success rate is less than 50%.
2) Don't pay the ransom - Restore the data and systems from backups.
Now imagine it happened to your organization: all systems are down, and any business process relying on Information Technology cannot operate. You come to your office or manufacturing floor, and nothing works. All you can hear is an eerie silence. This is when you have to choose one of the options above.
Experiencing a ransomware situation in the organization is stressful and even painful. It puts extreme pressure on the management and staff handling the cyber incident. It is your business's livelihood on the line here, as well as that of your employees and their families.
Our simple recommendation is: Never Pay. To be able to take this bold stance, you need to invest in preparation, and this is where we would like to shed some light, focusing specifically on protecting your data and systems with bulletproof backups that you can always restore.
Of course, at the base, you need to invest in modern multilayer protection for your organization that will include many aspects; for that, please refer to our other articles. The focus of this article is on how to build a bulletproof backup.
What do we mean by a bulletproof backup? A backup that you can access and use to restore your critical data and systems, regardless of how badly a cyber attack hits your organization.
Now you might ask, is it achievable? The simple answer is: ABSOLUTELY YES.
It requires some work, is often uncomfortable, and costs a little more upfront; however, the outcome is significantly cheaper than paying a ransom 100% of the time.
Here is an example of a good strategy that, if implemented properly, can allow executives and business owners to sleep better at night.
It starts with governance, where you need to ensure the completeness of your backup. You need to map all your data and critical systems to be included in the backup according to the business risk assigned to each item. This should be well documented and communicated to all stakeholders in your organization.
Once you understand what you need to back up, you need to choose the technology that will provide you with a solution for all data and systems. Too often, critical business assets are not included in the backup because of the technology the internal IT team uses or the offering of an external IT MSP. Nowadays, backup technologies are robust and affordable; no business-critical system should be left out of the backup.
Now that you know what you need to back up and have chosen the right technology, here comes the hard part: How do you use these building blocks to build a bulletproof backup?
The secret sauce here combines the approach and operational rigour that must be applied going forward.
As the approach, we recommend using a battle-tested strategy called 3-2-1, which refers to:
· 3 Copies of your data
· 2 Different types of media
· 1 Offline copy
Let's elaborate a bit more here: Your organization should have 3 different copies of its data; those copies should be stored on 2 different types of media; and 1 copy should be disconnected (offline). The logic is that data is replicated to 3 copies at all times, so if one copy gets corrupted or ransomed, you can go to the other 2. Using two different types of media reduces the chance of losing data if one medium gets corrupted or compromised. Lastly, the offline copy makes it even harder to compromise your backup, because it requires cyber criminals to get to the physical realm; assuming you store the offline copy correctly, the probability that cybercriminals will access it is lower.
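The 3-2-1 rule and the completeness mapping described above can be checked mechanically against a backup inventory. The following Python sketch is an added example, not part of the original article; the asset names, locations, media labels and the inventory layout are constructed for illustration, and it assumes the inventory lists every copy of the data that counts toward the 3.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BackupCopy:
    location: str   # where the copy lives (hypothetical label)
    media: str      # media type, e.g. "disk" or "tape"
    offline: bool   # True if the copy is disconnected from the network


# Constructed sample inventory: critical asset -> known copies of its data.
INVENTORY = {
    "erp-database": [
        BackupCopy("primary-san", "disk", False),
        BackupCopy("backup-nas", "disk", False),
        BackupCopy("vault-tape", "tape", True),
    ],
    "file-share": [
        BackupCopy("primary-san", "disk", False),
        BackupCopy("backup-nas", "disk", False),
        BackupCopy("second-nas", "disk", False),
    ],
    "plant-floor-hmi": [],  # critical system left out of the backup entirely
}


def check_321(copies):
    """Return the 3-2-1 gaps for one asset (an empty list means compliant)."""
    if not copies:
        return ["not covered by any backup"]
    gaps = []
    if len(copies) < 3:
        gaps.append(f"only {len(copies)} of 3 copies")
    media = {c.media for c in copies}
    if len(media) < 2:
        gaps.append(f"single media type ({', '.join(sorted(media))})")
    if not any(c.offline for c in copies):
        gaps.append("no offline copy")
    return gaps


def audit(inventory):
    """Map each failing asset to its gaps; compliant assets are omitted."""
    report = {name: check_321(copies) for name, copies in inventory.items()}
    return {name: gaps for name, gaps in report.items() if gaps}


if __name__ == "__main__":
    for asset, gaps in audit(INVENTORY).items():
        print(f"{asset}: {'; '.join(gaps)}")
```

Three copies alone do not satisfy the rule: the constructed "file-share" asset has 3 copies but fails on both media diversity and the offline copy.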