Back up words with action on World Backup Day
March 31 is World Backup Day, one of the few international “Days” – like SysAdmin Day – that IT pros can use to highlight the work they do every day to keep users safe and productive. SysAdmins can use the day as a timely opportunity to review the plans and actions needed to protect data from loss, damage and cyberattacks.
- Ransomware attacks affect organizations of all sizes in every industry in the US, the UK and Canada, with about 60% of all companies hit by attacks in 2021.
- Regular backups of all systems, not just servers, can substantially improve recovery speed and costs after an attack.
- Backups must be stored in secure, disaster-proof manner; backup as a cloud-based service is one alternative.
- Practice recovery procedures!
I'd like to start with a justifiably alarming statistic: according to the IT security experts at Sophos, nearly 60% of US, UK and Canadian organizations were hit with ransomware attacks in 2021. But while cybersecurity-related data losses dominate the headlines and the attention of IT admins everywhere, that’s just one way that organizations can be exposed to expensive and time-consuming disruptions due to a loss of data. Sometimes critical data is accidentally deleted or lost in a disaster such as the 2021 fire in France at one of the world's largest cloud providers. No matter the cause, the loss of vital data is a clear and present danger for any organization.
Though they often have fundamentally different levels of understandings of the subject, IT pros and users alike know that data backup is not an elective but rather a compulsory part of everybody’s practical computer education. The annual World Backup Day on March 31 provides an important and always timely reminder of that.
The day also reminds us that IT admins must work hard behind the scenes to ensure that creating backups has no impact on employee productivity. Users just assume that IT has their backs and that everything’s safely secured and ready for another day.
As part of their backup strategy, IT teams need to think about what is being backed up and where it is being backed up to. The first aspect entails a careful consideration of all user devices:
- IoT devices if appropriate
In addition, a decision must be made: Will only application data be backed up or entire systems including user profiles and configurations? The first option may be enough for systems at users’ home. But companies should definitely focus on a holistic approach that backs up data, user profiles and preferences, access rights and account configurations. After all, experience shows that all data for the entire workplace should be backed up securely to enable a rapid and effective restoration and recovery after a ransomware attack or disaster.
It’s also vital to take a close look at how and where the backups are stored. Research from last year shows that 95 percent of all ransomware attacks attempt to infect backups as well. This goal of the criminals is hardly surprising, as companies that have backed up their data and can restore it quickly are unlikely to pay a ransom.
That’s why companies should take great interest in making it impossible for attackers to access backed up data, including keeping backups virtually, physically and geographically isolated from the company's ongoing operations.
There are a large number of cloud providers offering backup-as-a-service (BaaS) solutions. Depending on its sensitivity, local data is moved to a public or private cloud. Backups can be configured to run automatically at regular intervals or in real time. In the event of a data loss or cyberattack, the data can be readily restored from the cloud.
In increasingly complex IT environments with a growing number of mobile devices, BaaS can be part of a resilient backup strategy. At the same time, this approach facilitates enterprise-wide mobile device management. But even with a cloud solution, geographical separation and redundancy must be considered.
One aspect which unfortunately receives far too little attention also needs to be mentioned: recovery. Given the high probability that a company will fall victim to a ransomware attack, it seems almost negligent to limit data security strategies to backup alone. After all, it is not enough to know that backups are available and that hackers can’t access them. Rather, it is a matter of restoring data and operations as quickly as possible in the event of an attack or disaster.
The time to test the practicality, speed and effectiveness of recovery procedures is well before you need to begin a recovery under fire, so to speak. Consider it a stress test of all practices and an opportunity to discover any shortcomings or unexpected gotchas. It takes time and expense to do it but it will prove itself more than worthwhile when (not if) the time comes. And don’t just try it once and declare victory. Like any emergency procedure, periodic drills are the key to making them go smoothly.
Overall, it is imperative that companies are aware of their data protection strategy from the storage of backed-up data to recovery as a whole, integrated process. Only then can it be ensured that backups are not compromised and, that a rapid response can be completed effectively and efficiently during an emergency.
Cyberattacks target other security vulnerabilities besides backups. Read our free whitepaper to learn about the threats posed by vulnerabilities on computers in corporate networks and how you can efficiently protect your IT environment.