The modern business is completely reliant upon computers and the data that they contain. Loss of this data can cripple a business, which is what makes ransomware attacks possible and profitable. Securing an organization’s data requires knowledge of the possible threats and what to look for in a data backup solution.
Organizations need data backups for a variety of different reasons, including disaster recovery, ransomware, and wiper malware. Understanding the threat is essential to choosing the right data backup solution.
-
Natural Disasters
For many organizations, the threat of natural disasters is a major driver for deploying a backup solution. If an organization keeps all of its records and data on-site, a natural disaster could destroy all copies of the information or make them inaccessible for an extended period of time.
-
Ransomware
Ransomware is a relatively recent cyber threat to organizations. In a ransomware attack, malware running on an organization’s computer encrypts valuable files with an encryption key known only to the ransomware’s owner and operator. In order to regain access to these files, the victim must pay a ransom to receive the decryption key that they need.
If an organization has data backups, they may be able to avoid the need to pay a ransom. While restoring systems from backups may be more time consuming and expensive than paying the ransom, it also ensures that the cybercriminal operating the ransomware does not profit from the attack. In the long run, choosing not to pay the ransom may make an organization less of a target since they are not seen as an “easy mark” by cybercriminals.
-
Wiper Malware
While ransomware is a better-known threat, due to attacks like WannaCry and high-profile incidents with cities and hospitals, wiper malware is even more damaging. Wiper malware, like NotPetya, may masquerade as ransomware, encrypting files and demanding a ransom. However, as in the case of NotPetya, the cybercriminals have no intention of providing a decryption key upon payment since they don’t have a copy themselves. Once a computer is attacked by wiper malware, then the data that it contained is gone forever.
In these cases, a robust backup solution is even more important than with ransomware. If an organization can’t even pay a ransom to recover their data, then restoring from a backup is the only potential option.
Important Features of a Backup Solution
Organizations require backup solutions for a number of different reasons, including protection against natural disasters, ransomware, and wiper malware. Based upon the threat that the organization may need to defend against, different features may be required of the backup solution.
-
Offline/Read Only
When dealing with the threats of ransomware and wiper malware, it is essential that backups are kept offline or are read-only. The reason for this is that many ransomware and wiper variants will attempt to spread themselves beyond the initially infected machine by searching for removable media, file servers, shared drives, etc. If any of these are found, the malware will copy itself over and begin encryption at the new location.
If an organization’s backup solution is writeable, this means that the malware may be able to encrypt the backup copies of the files. At this point, the backup solution provides no benefit since the backups can only be restored by paying the ransom if they can be restored at all. For this reason, all backups should be read-only to prevent modification after being copied over.
-
Offsite
For protection against natural disasters, it is important that an organization keeps its data backups at an offsite location. If the same natural disaster that destroyed or removed access to the original copies of the data also impacts the backups, then the backup provides little or no benefit to the organization. The use of cloud-based backups is a good solution for this since cloud storage is geographically distributed and often has built-in backups, ensuring the retention and availability of an organization’s data.
-
Automated
A solution that automatically performs backups is essential for both safety and productivity reasons. If an individual needs to manually trigger the backup operation, the organization will be lucky if data is backed up monthly, which means that the backups cannot be used for a full recovery after an incident.
Achieving the level of protection required by many organizations requires much more frequent backups, possibly even hourly or constant incremental ones. If the backup solution cannot perform these operations silently in the background, an organization will be forced to weigh the costs and risks of not having backups when needed against the impact on employee productivity caused by disruptive backup processes.
-
Secure
Most organizations have strong cybersecurity defenses around their crown jewel database. However, the same cannot always be said about the organization’s backups. Since these backups contain all the same data but are more lightly defended, they are a prime target for an attacker. A breach of a backup database can have severe consequences, so it is essential to ensure that a backup solution is capable of securing the data in line with the organization’s cybersecurity policies.
Securing Backup Data
A robust data backup solution is essential to protecting an organization against a number of different threats. However, a poorly-secured data backup can be a huge security liability for an organization. When choosing a backup solution, it is important to integrate it into the organization’s data security plan and deploy defenses to help detect and prevent potential breaches.
More Stuff For Your Inspiration:
