Backups are the go-to to keep you safe in the event of ransomware or data threats. But the bad guys expect your business to do backups. The question is, are you keeping your backups safe?
Ransomware attacks remain prevalent. Having a backup strategy can help you avoid paying the ransom to retrieve access to your data. But that only works if the attackers can’t discover, disable, or delete your backup data.
Attackers will look to find and exploit any backup strategy gaps. Know the risks.
Backup strategy risks
Bad guys can leverage their access to your network to attack other connected devices, which can include network-connected backups. Most ransomware will attempt to encrypt any backups on the network, attackers may also turn the backups off or wipe them out.
Connecting to backup systems via remote access is also risky. Stolen credentials or an easily guessed password could give access to protected systems.
Giving many people the right to access your backup files is also dangerous. Each person represents a potential entry point for the bad actors. All they need to do is steal that individual’s credentials to gain privileged access rights.
Infrequent or untested backups are a problem too. When you don’t back up often enough, you could lose days’ or weeks’ worth of critical data when you need the files. Plus, you may think you have an effective backup, but you can’t be sure if you don’t test it.
Improve your backup safety
Unsurprisingly, we’ll start by suggesting you regularly test your backup to ensure it works. Also, determine the optimal backup timing for your business. Typically, a company should backup at least once a week, but you may be in an industry where a lot of data is created in just a few hours. Then, you’d want to backup more frequently. You can do this automatically or manually.
Follow the 3-2-1 backup rule. This means you want three copies of data (the live data and two backups). Keep backups on different media. Keep one off-site, isolated from your network and unable to establish external connections. Also, consider encrypting your backups for extra protection from the physical theft of the backup device.
Another good strategy? Backup everything. A complete system backup can help you recover faster after an incident.
Run anti-malware software on your backup systems and servers, and protect them with multi-factor authentication. Then, give as few people as necessary access to the backup. Also, limit the responsibilities so that few people can purge backup data.
Ransomware isn’t the only reason you need backups. Hardware or software failure or human error can also cause data loss. Ensure the reliability of your data backup strategy. We can help you secure backups to simplify file retrieval and operations resumption. Contact us today at 407-318-2671 or schedule a meeting at https://schedule.forgeitconsulting.com.