10 Tips for Developing an Effective Business Backup Strategy

esteria.white

Business Security

How robust backup practices can help increase resilience and improve cyber hygiene in your business

Prevention is better than cure: 10 tips for developing an effective business backup strategy

Could your business survive if its most critical data stores were suddenly encrypted or erased by cybercriminals? This is the worst-case scenario that many organizations have found themselves in because of ransomware. But there are also many other scenarios that could create serious commercial risk for companies.

To mark Cybersecurity Awareness Month (CSAM), we looked at how individuals and businesses who fail to prepare are preparing to fail. Today we’re going to dig a little deeper into one particular aspect of how businesses can help build resilience and improve cyber hygiene.

Having a backup copy of this data ready to restore is a safety net that many don’t consider until it’s too late. And even those with backups may be managing them in ways that continue to expose the organization to risk. Indeed, backups can also be a target.

Why do you need backups?

Ransomware may have done more to raise awareness about data backups than any other cyber threat. The prospect of malware designed to encrypt all company data, including connected backups, has caused companies to invest in mitigation measures en masse. And it seems to work. According to one estimate, the share of victims who pay their extortionists fell from 85% in Q1 2019 to just 35% in Q4 2022. As ransomware remains a disproportionate problem for SMEs, the threat of external hackers remains a major driver for backups.

However, it is not the only one. Consider the following risks, which backups can help mitigate:

  • Destructive data extortion attacks, driven in part by the cybercrime-as-a-service ecosystem, in which data is exfiltrated and drives are encrypted before a ransom is demanded. The ESET Threat Report for September–December 2022 found increasingly destructive tactics in use, such as deploying wipers that mimic ransomware and encrypt the victim’s data without any intention of providing the decryption key.
  • Accidental deletion of data by employees remains a challenge, especially when sensitive data is saved on personal devices that do not back it up. These devices could also be lost or stolen.
  • Physical threats: Floods, fires and other natural disasters can destroy offices and data centers, making it doubly important to store a separate copy of sensitive data in another geographic location.
  • Compliance and audit requirements are becoming increasingly onerous. Failure to produce the information your business requires could result in fines and other punitive measures.

Putting a price on this is difficult, but failing to back up according to best practices could be a costly mistake. The average ransomware payout in Q4 2022 exceeded $400,000. But there are many other direct and indirect costs to consider, both financial and reputational.

How can I achieve this?

A best-practice backup strategy doesn’t have to be a black box. Consider the following 10 ways to succeed:

  • Develop a strategy

This seems obvious, but it pays to plan carefully to ensure any backup strategy meets the organization’s requirements. Consider this as part of your disaster recovery/business continuity planning. You’ll need to consider things like the risk and impact of data loss events, as well as data recovery goals.

  • Identify the data you need to back up

Data discovery and classification is an essential first step in the process. You can’t back up what you can’t see. Not all data is necessarily considered critical enough to warrant backup. It should be ranked based on the potential impact on the business if it is not available, which in turn will be informed by your business risk appetite.

  • Follow the 3-2-1 rule

This assumes you make three copies of the data, on two different media, with one copy stored offsite and offline. This last item is especially important because ransomware often searches for backed-up data and encrypts it as well, if it’s on the same network.

  • Encrypt and protect your backups

Since bad actors also seek backup copies of data for extortion purposes, it pays to keep them encrypted, so that they cannot monetize the data stored there. This will add an extra layer of defense beyond the 3-2-1 mechanism (at least 3 copies, 2 different storage types, 1 offsite copy) if you use it.

  • Don’t forget cloud data (SaaS)

Much enterprise data now resides in Software-as-a-Service (SaaS) applications. This can give a false sense of security that it is safe and sound. In reality, it pays to add an extra layer of protection by backing it up too.

  • Test your backups regularly

There’s no point having a backup copy of your business data if it can’t be restored properly when needed. This is why you should test your backups regularly to ensure that the data is properly backed up and can be recovered as intended.

  • Run backups at regular intervals

Likewise, a backup is of limited use if it restores to a point too long ago. Exactly how often you should perform backups will depend on how much time you have. A busy online store will require almost continuous backup, but a small law firm can get away with something less frequent. Either way, consistency is key.

  • Choose your technology partner carefully

No two businesses are the same. But there are some features that are worth keeping an eye on. Compatibility with existing systems, ease of use, flexible scheduling and predictable costs are all important criteria. Depending on the size and growth trajectory of your business, scalability may also be important.

  • Don’t forget the endpoint

Backing up network drives and cloud stores is one thing. But don’t forget the wealth of data that can reside on user devices like laptops and smartphones. All should be included in a business backup policy/strategy.

Remember, backups are only one piece of the puzzle. You need to complement them with endpoint, network and server/cloud level security tools, detection and response tools, and more. Also follow other cyber hygiene best practices, such as continuous patching, password management, and incident response.

Data is your most important asset. Don’t wait until it’s too late to formulate a business backup strategy.
