One of the ways cyber criminals attack is by implementing ransomware – a type of malware – to encrypt a user or organisation’s critical data so that they cannot access files, databases or applications. A ransom is then demanded to provide access to the data.
Ransomware attacks are now becoming more frequent, widespread and precise. Recent, disturbing trends have seen cyber criminals not only encrypting an organisations data, but also using modified malware in an attempt to target and eliminate backups. And when a backup network is attacked, there is no way to restore data from that backup.
All data connected to your network is at risk in a ransomware attack, whether stored on a local server, computer or the Cloud, meaning it is vital to ensure backups that are not accessible to potential attackers are put in place.
A key issue is that backup was not designed to protect against cybercrime. Backup was created with the purpose of having a copy of data that can be recovered, but backup systems offer no protection for data or computer systems themselves.
One solution to deterring cyber criminals is to use offline backups, isolating the backup network and removing any system-level access to it.
An offline backup is kept behind locked doors, and should be read-only data that can’t be updated, as well as physically separated from your live network.
As such, if cyber criminals succeed in accessing your live network, they will be unable to reach your backup files. So, with at least one backup offline at any given time, an incident cannot affect all of your backups simultaneously.
For this reason, you should only connect the backup to live systems when absolutely necessary, and you should never have all backups connected at the same time.
Virtualisation allows businesses to store data from different computers on one virtual server. Rather than having numerous physical servers all working on separate tasks, virtualisation allows for fewer servers to complete the same tasks. This also means that backups can be more easily restored, avoiding any significant downtime for the business.
Keeping multiple backups is vital, so that if one is compromised, at least one other remains intact. A common method for creating resilient data backups is to separate them logically using the 3-2-1 rule. You should keep 3 copies of a piece of data. 2 of these should be kept on separate devices, and 1 of these should be kept offsite such as on the Cloud. This method spreads risk and can give you confidence that your data is safe from a localised incident.
This rule also works the other way round, where data stored on the Cloud such as Microsoft Office 365 should be protected by a third-party service. Some people argue that as Office 365 offers basic protection there is no need to backup. However, whilst it offers protection against accidental user mistakes such as deleting an email or file for example, it doesn’t protect against malware which could delete or encrypt files. Most importantly, relying on the protection Office 365 offers also goes against the 3-2-1 backup rule.
At Infuse, our disaster recovery solutions mean that you are prepared for every eventuality.
We offer flexible disaster recovery solutions that are tailored to your specific needs, meaning whether you need to recover lost documents, restore failed servers or eliminate IT downtime, we’ve got you protected.
For more information on our data backup and disaster recovery solutions, please get in touch today.
Talk through your IT needs with one of our friendly technicians – no commitment, no cost!
Complete our contact form and one of our experts will be in touch, or call our team on 01332 374444.
Array ( )