As we celebrate World Backup Day, we at Assured Data Protection thought we would provide some of our insights on the backup industry and what has changed in the world of backup. Just until a few years ago backup was just an item on IT departments checklist. It was done on a regular schedule, and if their data backed-up then most were good to go. With the proliferation of Ransomware, attackers are now directly targeting organizations' data, not only in the production environment, but also compromising their backups. This has led to backups and the subsequent data recovery process to be one of the most important security issues today. Let’s face it, if a company cannot access their data, they are dead in the water.
With large criminal enterprises, state sponsored attacks, to the person in their basement downloading Ransomware-as-service software from the dark web, no company or organization is immune to an attack. It is no, longer a question of “if” it is a question of “when”. The speed and frequency at which attacks are happening is increasing, but many companies do not have a solid recovery plan, or if they do, they have not tested it. Also, since backup was usually just regulated to someone as a task, many organizations do not have the staff or resources to handle their recovery.
Here are some key items companies should review to mitigate the harm from a Ransomware attack:
- Ensure that your backup is immutable, so hackers cannot get to and/or encrypt your backup data.
- Figure out your tolerance for potential data loss, and time you can be without your data, and create appropriate RPO (Recovery point objective) and RTO (Recovery Time Objective).
- Ensure you have an updated Disaster Recovery (DR) plan in place.
- Test your Disaster Recovery plan on a regular basis.
For tips on how to select a backup vendor, download our Top 10 Tips.
If you want to hear more of Assured Data Protection’s thoughts on Backup and DR, watch our Fireside chat videos.