World Backup Day – four tips for data backup
Remember when you were a little kid, you’d wish every day was your birthday or some holiday where you had cake, a party, and received many gifts? Why would anyone want something so marvelous to end? Reality set in as we grew up, and the dream of that wish has long worn off.
I wish every day were “World Backup Day.”
It drives me up a wall that we even need a celebration for this. Backup should be celebrated daily: “Today, I ensured my business’s precious data was protected and secured from the inevitable harm that will befall it when ransomware strikes.” Bleak? Well yeah, take a look at the news. Ransomware attacks the backups now. Companies start proving their ability to stand up to attacks when they occur, and suddenly the software gets more innovative, malicious, and far more dangerous.
We celebrate backup because it’s the last bastion of defense against ransomware. Once the firewall fails, then the antivirus software, then the replication, what’s left? Only the backup can save us… if it isn’t corrupted. If the worst comes to pass, it’s time to start looking for bitcoin transfer applications and hoping the decrypter works. But you are reading this blog; it’s freaking World Backup Day, and I won’t leave you high and dry. Just like the Terminator traveled back in time to help John Conner, I’m here to help make your backups ransomware-proof. Come with me if you want to be able to restore your business to a functional state.
With best practices in place, an acceptance that attacks will happen, and daily vigilance, backups are much more than an insurance policy. First things first: Ensure you are running backups. Yeah, it’s an on-the-nose tip, but think about how many times you thought a piece of technology was doing something only to find out…it wasn’t. Just because we have software in place and it looks like it’s working doesn’t mean it is. Verify that your backup strategy is behaving as expected and covers all the data you need to restore in a crisis. This ties right into tip two.
Test your recovery scenarios. Your backups are only as good as knowing what they are and where they belong. Ransomware doesn’t just encrypt your data. It often hoses your hardware too. How would you restore 200 virtual machines if your ESX host is completely locked down? Testing cloud recovery is one way. Having standby hardware is another. Importantly you should assume the worst-case scenario and run tests often to ensure that when the time comes, you are already a pro at getting things back in order.
Tip three, ensure your backups are backed up. We mention the 3-2-1 policy in just about every piece of written material we put out because it’s crucial (When a storage vendor tells you to use more storage that isn’t theirs, you know it’s essential!). Ensure you have copies of your backup data stored in multiple locations, with different types of encryption, and in various media types.
Tip four, ensure your backups are immutable. Encryption is good, but it can be decrypted if the admin accounts that control it are compromised (which they often can be when a complex attack occurs). Immutability is the only way to truly ransomware-proof your backups.
At Object First, we have stepped up the immutability game by creating a primary storage appliance that gives no admin privilege, no root access, and no possible way to disable our immutability. This means that for as long as the user-specified immutability window is in place, the data within our appliance is unchangeable, indelible, and ready to restore at a moment’s notice. We built Object First Ootbi to be that last bastion against ransomware and ensure that all Veeam users never pay the ransom again.
We put holidays together like this to remind us of important events, feelings, and practices that are often celebrated, remembered, then quickly shelved away to focus on the next upcoming thing. How many New Year’s Resolutions have been tossed to the side before Valentine’s Day? How many gifts can we accurately remember who the giver was? Did you thank your parents months after Mother’s/Father’s day? Let’s not let World Backup Day become another generic come-and-go holiday. Let’s put it into practice and make every day World Backup Day.
continue to increase.
Bad actors have changed tactics, and are using techniques that are more sophisticated and targeted. To help protect the organization from ransomware, security and risk management leaders need to look beyond just the endpoints.