"Regular backups are a great way to combat ransomware attacks." You've heard it said before, at the end of news stories and PSA's about ransomware like WannaCry and Nyetya, and it's true—in theory.
Traditional backups are actually almost as vulnerable to ransomware as your business's primary system, depending on how the two are connected. Thankfully, backup technology has come a long way.
While data protection is certainly one of the three tenants to protect your business (Education, Defense in Depth, and Data Protection), the saying "the two most important things in networks are backups and backups" has never been truer.
"There is now a clear distinction between old and new backup technology."
When considering a backup solution for your company, I recommend taking a harder look at backup technology and methods. Backups have made such strides that there is now a clear distinction between old and new backup technology.
According to Randy Franklin Smith, “old backup technology” is:
- Typically run once, nightly
- Saved to a backup media that is either replicated or manually taken offsite
- Seldom tested (other than the random recovery of a deleted file).
Old backup technology is data-centric, which requires the complete reload, reconfiguration, manual update of a system, after which you hope you can drop the data back in place. In many cases, old backup technology is itself, a target of ransomware because the backup is attached to an infected system.
"In many cases, old backup technology is itself, a target of ransomware."
In my experience, restoring your data from old backup technology is time consuming, stressful (even when it works), and a heart-attack for you and your IT staff when it doesn’t. If you are using old backup technology, or if you aren’t regularly performing backup restoration tests, you're going to get burned. For some of you, it may even be a RPE (Resume Producing Event).
Almost equally ominous is the chance that, after hearing the risks involved in your data recovery process, company stakeholders elect to pay the ransom. RPE, indeed.
How New Backup Technology Acts as Protection from Ransomware
New backup technology, simply put, is capable of putting complex data (entire systems as opposed to just files) on a smaller space, and doing so more frequently than old backup tech.
Not only does a modern backup device run continuously to eliminate data loss, but can test itself, confirm the tests with automatic alerts, and even detect ransomware activity on your network. Because these backup solutions are examining changes to every byte of data, they immediately see when ransomware is encrypting (altering) your data.
"Would you, under the threat of great losses, elect to pay the ransom after considering the risks involved in your data recovery process?"
In the event of a disaster, new backup solutions allow you to recreate your network locally on the backup appliance or in a cloud hosted location so your business doesn’t skip a beat.
Here are a few features I recommend:
- Image-based backups
- Enough storage for appropriate backup frequency
- Local server and cloud systems backups
- Integrates easily with your systems
"Ransomware attackers are learning which businesses are likely to choose old backup technology."
Do not underestimate ransomware attackers motivated by profit.They are learning which businesses are likely to choose old backup technology, due to budget (though many new solutions are affordable, there is a misconception they aren't), bureaucracy, or doing things the way "they've always worked."
Those charged with protecting your data must maintain its Confidentiality, Integrity and Availability. If you are interested in a backup solution that will protect your data from ransomware, only modern backup technology will suffice.
Ask us your questions about backing up your business: email EDTS!
- Backing Up Your Business: Natural Disaster Preparation Checklist
- 15 Examples of Phishing Emails from 2016-2017