If your backup regime fails to tick even just one of the following best practices, then it is not rigorous enough …
Data theft continues to be a major issue across South-east Asia and the wider Asia-Pacific region. Some studies show that in 2022, only 52% of ransomware victims managed to restore encrypted data through well-managed backups!
The truth is, even with a backup strategy in place, if it does not tick all the boxes necessary to guard against today’s increasingly sophisticated array of attacks, IT teams could be making their organization an easy target for cybercrime.
This World Backup Day, here is a checklist of seven best practices to ensure that firms are not unwittingly giving hackers the upper hand when it comes to data protection, backup and disaster recovery.
- Back up everything, everywhere all at once! When it comes to backing up your data, do not just think about business data. To recover faster in a worst-case scenario, ensure the full system has been backed up religiously and correctly.
- Limit access to your backup software: Giving too many people access to your backup software can increase the likelihood of hackers finding a way in using stolen credentials. Minimizing access means minimizing risk. Use multi-factor authentication and role-based access control to do this: ensure that only a very small number of users have the ability to purge backup files.
- Your operating system makes a difference: Hackers know their way around Windows operating systems, so consider using a Linux or other non-Windows operating system for running backups.
- Avoid network-connected backup systems: Imagine giving hackers the opportunity to move from an infected endpoint in your corporate system into your backup system to turn off or delete your backup files. To prevent this, make sure the two systems are always separate. We recommend replicating your backups off-site to a remote site or cloud provider — providing an air-gapped layer of security around the backups. Also, if you are backing up data in the cloud, make it more secure by keeping it in the cloud — what happens in the cloud stays in the cloud!
- Encryption and anti-malware software are a ‘must’: Encrypting all your backup data and running anti-malware software on your backup server should be a no-brainer, giving you a couple of additional layers of security to safeguard your data.
- Back up regularly and do not be afraid to test the waters: It is surprising just how many businesses fail to back up regularly or even test their backup systems. At the end of the day, even with an effective backup solution, if it is not set up properly, or if the data is backed up too infrequently, crucial data will still be missing when recovering from a crisis. Implement an automated backup service to minimize data loss when restoring, and always test out your backup system to ensure it will not fall short if the worst happens.
- The 3:2:1 Gold Standard: To ensure that you have a watertight backup strategy that can foil even the most astute hacker, follow the 3:2:1 gold standard: three backup copies, using two different media, one of which is kept offline.
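
The "test your backup system" item above can be automated. The following is an added example, not part of the original article: it records a SHA-256 manifest at backup time, restores the archive into a scratch directory, and reports files that are missing or differ. All function names, file names and sample data are hypothetical and constructed for illustration.

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path

def build_manifest(root: Path) -> dict:
    """Map each file's relative path to its SHA-256, recorded at backup time."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def make_backup(root: Path, archive: Path, manifest: dict) -> None:
    """Write every file listed in the manifest into a gzip-compressed tar archive."""
    with tarfile.open(archive, "w:gz") as tar:
        for rel in manifest:
            tar.add(root / rel, arcname=rel)

def restore(archive: Path, dest: Path) -> None:
    """Restore regular files only, refusing any member path that escapes dest."""
    dest = dest.resolve()
    with tarfile.open(archive) as tar:
        for member in tar:
            target = (dest / member.name).resolve()
            if not member.isfile() or dest not in target.parents:
                raise ValueError(f"refusing archive member: {member.name}")
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(tar.extractfile(member).read())

def restore_test(archive: Path, manifest: dict) -> dict:
    """Restore into a scratch directory and compare the result with the manifest."""
    with tempfile.TemporaryDirectory() as scratch:
        restore(archive, Path(scratch))
        restored = build_manifest(Path(scratch))
    missing = sorted(set(manifest) - set(restored))
    corrupt = sorted(k for k in manifest if k in restored and restored[k] != manifest[k])
    return {"ok": not missing and not corrupt, "missing": missing, "corrupt": corrupt}

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "src")
        (src / "db").mkdir(parents=True)
        # Constructed sample data standing in for a real system.
        (src / "db" / "orders.csv").write_text("id,total\n1,9.50\n")
        (src / "app.conf").write_text("mode=prod\n")
        manifest = build_manifest(src)
        make_backup(src, Path(tmp, "full.tar.gz"), manifest)
        print(restore_test(Path(tmp, "full.tar.gz"), manifest))
```

Run on a schedule against the most recent archive, a result with `ok` set to false is the signal that the backup would fall short in a real recovery.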
When it comes to data backup, the key thing to remember is that poor implementation can undo even the best-laid plans.