Data backups are the foundation of business continuity. Elaborate backup and disaster recovery plans are pivotal when managing your client’s most important data however ensuring your data is backed up is only half the battle.
Backups are rarely thought of as being at risk and security is often overlooked, but the fact of the matter is that backups are now prime targets of malware attacks and a new favorite for ransomware attackers. Ransomware is one of the fastest growing cyber threats today and must be taken seriously.
Ransomware can compromise an entire system and encrypt all data immediately. Once your backup server is infected, backups will also be compromised which is why it is essential to include secure data backup guidelines in your daily operations. Organizations can and should follow recommended and best-practices to ensure the security and integrity of their backups:
- Isolate your Backups: Keep your Backup server and the backup storage devices separate from the production Domain. This will limit access to the backup servers adding security.
- Follow the 3-2-1 Backup rule:
- Create 3 copies of your data (1 primary copy and 2 backups)
- Store your copies in at least 2 types of storage media (local drive, network share/NAS, tape drive, etc.)
- Store one of these copies offsite (in the Cloud)
- Encryption: Keep your backups encrypted for an additional layer of security.
- Access Control: Know who should have access to your backup data. Implement access controls for backup servers as well as the backup storage.
- Monitor: Implement logging and alert monitoring to track logins and data manipulation on the backup infrastructure. Also, stay updated with the backup status of your infrastructure. Implement a monitoring and alerting solution to stay updated with backup failures and other related issues.
- Immutable Storage: Use immutable storage wherever possible. Most cloud storage providers offer immutable storage options which can be utilized for backup storage.
Looking to learn more? If you are a Managed Service Provider (MSP), ProVal Tech’s offerings can help you come up with an effective Backup and DR strategy for your clients, as well as manage it on your behalf. Contact us today to schedule a free consultation.