With the growing popularity of ransomware cyber attacks, we thought we’d spend the next few weeks covering the topic so you can better understand what ransomware attacks are, who’s behind them, how to protect against them, and what to do if you become a victim of such an attack. This is post 3 of 6.
In every disaster recovery scenario, the future of your enterprise hinges upon the reliability of your data backup infrastructure. How can you be certain that your enterprise can recover from a disaster recovery scenario?
A ransomware infection can potentially lead to a full-fledged disaster recovery operation. In some instances, you could equate a widespread ransomware infection to a complete and total loss of your infrastructure.
Now more than ever, enterprises are challenged with backing up their data rapidly and without interruptions to normal business processes. In addition, it is imperative to have a backup of your data if you wish to mitigate the impact of a ransomware infection.
Without Backups, Your Enterprise is at Risk
If your organization isn’t backing up its data, your entire operation could be in jeopardy. You’d be surprised at how many small to medium sized enterprises aren’t backing up their critical data.
A report on Small Business Computing says that up to 40% of small businesses could go out of business should they encounter permanent data loss. Other factors such as complexity and budget drive small businesses to overlook this important disaster recovery task.
The threat of ransomware makes backup infrastructure that much more important. Without secured backups, enterprises could be forced to pay the ransom in order to regain access to their critical data.
Best Practices for Backing Up Enterprise Data
Many ransomware infections target the shadow copies of your data, making it difficult to retrieve data using conventional means. As a result, your data backup infrastructure needs to able to withstand these attacks.
Your organization should have a backup infrastructure that is designed to rapidly restore data whenever it is needed. If your business uses a hypervisor to host its virtual machines, 3rd party backup suites such as Veeam could help you automate virtual machine backups.
Veeam is great alternative for enterprises who want a simple solution to backing up, replicating, and recovering data from a fleet of virtual machines. Within a simple wizard, your organization can setup how often you’d like the backup to occur, and how many copies you’d like to keep on hand. Your data can then be retrieved with just a couple clicks!
The 3-2-1 Rule for Backups
Enterprises should always entertain the idea of transferring their critical data to an offsite backup provider over an encrypted WAN connection.
You would also want to store this data onsite using a network attached storage device that has specifically configured its firewall to only allow connections between the backup agents and the server.
From there, you may want to elect to put your data on tape for long term storage. Veeam recommends the 3-2-1 policy of backing up your data.
“Organizations should make three copies of their data available on two different media, with one stored offsite,” writes Doug Hazelman of Network Computing.
Ransomware Infections Leave You with Limited Options
Pay up or backup? When dealing with a ransomware infection, your organization’s options are as limited to the amount of backups that you have to choose from.
If the data is that important to your organization, you may actually have to pay to regain access to the data in a timely manner.
If your enterprise has backups, it can be entirely possible to restore access to your critical files within minutes. While in some instances, it may take longer, the fact is, your enterprise is able to recover rapidly from an attack without having to pay the ransom.
More importantly, your backup infrastructure will be available whenever data retrievals need to take place. This puts your enterprise in a win-win situation by being able to perform file level recoveries on-demand.
Document and Test Your Data Recovery Procedures
If you aren’t performing a mock data recovery exercise at least once every quarter, can you be confident that your data recovery procedures will work when you need them most?
You should have extensive documentation that provides instructions on how to recover data in your enterprise. This document will provide the nuts and bolts of the data recovery procedure, as well as any specific nuances related to your backup infrastructure.
You must test your backup infrastructure in order to know if your backup schemes are working properly. As a precaution, you will want to make sure that you have enough space available on your backup devices in order perform the restore.
Growing businesses have the tendency to add on new servers without increasing their backup infrastructure in order to compensate. Businesses must factor in the costs of backing up their newly acquired servers once they have been deployed in the enterprise.
If you have any worries about your network security, please call us at (833) 482-6435, or click the banner below to schedule an IT security audit so we can find the best security solutions for your business. Preparation for threats like this is a small cost compared to repairing the damage of an actual infection.
If you enjoyed this IT Support article, please check out other posts on our blog and join us on Facebook, Twitter, LinkedIn, and Google+ to see how else we can help your Greenville, SC or Atlanta, GA area business succeed!