Let’s be honest: more than 50 percent of businesses are not prepared to withstand a ransomware attack. Obviously, having a backup gives you major leverage, and it is, in most cases, an efficient way to protect data from loss. But here is the catch: backups are not ransomware-proof by default. So if your company doesn’t follow proper backup strategies, it may end up with encrypted backup data.
The problem is, many companies treat backups as the ultimate solution to all potential data threats. Some companies don’t bother to implement a proper backup solution at all. There are many professional backup options for small business, but owners still prone to rely on luck.
So when they eventually implement the professional backup solution, they feel like it is more than enough.
In reality, of course, for a backup to be entirely safe from ransomware, you need either to find a backup provider that can guarantee the ransomware protection coming with it or to implement an approach that includes a series of steps.
But that it is not easy to find a provider that has a professional ransomware protection system (Spin Technology is one of them.) And yet, most backups claim to have it when they actually don’t.
That’s why if you want to prepare your organization for the ransomware attack, you must implement the 5-step plan from their article. It will require some time and effort, but make no mistake: this price much lower than the one you’ll pay in case you won’t do that and get attacked.
Implement 3-2-1 backup method
When a hacker develops ransomware, they design it being able to look for the “loopholes” – the paths in your network that can lead ransomware to your storage. Obviously, most organizations have their backup storage attached to their network, which puts the backup in danger.
When it comes to the best practices and methodologies, all cybersecurity experts agree that in order to deal with this problem, every organization should follow the “3-2-1” backup rule. What is this rule, and how can you use it in your organization?
Basically, it boils down to the following:
1. Have at least three backup copies
2. Keep them on at least two mediums/locations
3. Keep at least one copy off-site/ on the cloud.
Implementing this rule on practice will help you create extra copies and diversify these copies’ locations. 3-2-1 rule is a crucial part of a disaster recovery plan because otherwise, ransomware (or any other disaster) can easily take down the whole system with data on it. But if you follow the rule and don’t keep all your eggs in one basket, you can recover from another copy that was located somewhere else and, therefore, wasn’t affected.
Backup your files regularly
When it comes to recovering your data after an attack, the frequency of your backups is one of the most important things. If the data in your organization changes every day and this data is vital for the functioning of your business, then your backups should reflect that. If your database is updating every few hours, then losing the hour of this dataset can have a hugely damaging impact on your business.
Usually, organizations update their information in one or another form from tens to thousands of times a day, depending on the size of an organization. The bigger the company, the more often its data sets get modified every hour.
But many companies do not take this into consideration. In many examples, companies may have the last copies made a week or even a month ago. Even being better than nothing, the outdated backups still will lead your company to downtime, because, in order to continue working, your employees need the most recent and relevant information.
So be sure to take care of a regular backup, whatever that means for your particular case, It may be daily backups, three times a day backup, or even the hourly backup.
Test and verify your recovery systems
Verification is, perhaps, one of the most important words in cybersecurity. Verification is key that applies to every data and system protection activity because it can show you the real picture, not the imaginary one. When you assume the outcome of your backup strategy in case of ransomware, you don’t see all the weak spots you could’ve missed and which can potentially be a problem.
It is not about thinking that you did a good job implementing all the necessary rules, but always about testing it. You may never know beforehand at which point something will go wrong, whether your backups are usable and restorable, what time does it take (at least approximately).
Take our word: if (or even when) you will be experiencing a ransomware attack that will lock down the data of your whole organization, you are going to need to act quickly. If your network is down, you have very little time before your company starts losing money due to downtime. So your data loss protection plan should better work quickly.
Take care of offsite backups
In case of an attack, ransomware will encrypt all data and storages that have any connection to your network. If some employee who clicked on the wrong link has access to your backup storage, then ransomware will find its way to this storage.
This is why your (or, more specifically, your IT administrator/security professional) task is to make at least one copy of your backup offline and fully disconnected from your network.