October 2023 marked the 20th Cybersecurity Awareness Month. It’s an important time of year to come together as an industry to spread awareness of security best practices. There was naturally lots of good advice on strategy and approach, new shiny pieces of tech launched or, with it being Halloween, a fair few scare stories hitting social media platforms to frighten the c-suite into submission.
Reflecting on all the buzz around Cybersecurity Awareness Month, I realised that I have just one, simple message for everyone and that is: It’s the old Scout’s motto, ‘Be Prepared’.
Having been in the industry for 20 years, I can comfortably say that backups, and more specifically immutable backups, have never been a hotter topic or more in demand as they are today. Why? Well, since the evolution of ransomware, more of our customers have been victims of ransomware attacks. In fact, it seems that ransomware attacks continue unabated, with the greatest number of attacks occurring in 2023. According to Statistica, as of 2023, over 72 percent of businesses worldwide were affected by ransomware attacks.This figure represents an increase from the previous five years and was by far the highest figure reported.
Any data that is needed for a business to function or has relative value and can not be simply recreated needs to be protected. Therefore, preparing and testing your backup and disaster recovery (DR) setup should be right at the top of the to-do list.
How to prepare for your DR plan
A DR plan can consist of many things and recovery of IT systems is only one component. The key parts of any plan should include: contact details for staff and external organisations, what protocols and procedures need to be done in the scenario, expected order of events and expected timeframe of which things should be done, if staff relocation is in order, how will this happen and where do they need to go. A complete DR Plan looks at all aspects of a DR scenario not only within IT but as an organisation as a whole.
IT teams need to work to plan the invocation runbook, defining networks, subnets and connectivity requirements, along with customer AD and DNS controllers, and recording the boot sequence of each server, before bringing everything up and testing the recovery.
Prepare to test or prepare to fail
Test, test and if in doubt do another test. All modern solutions should have built in integrity checks and data continuity checks. However, you only really know if you can recover your data if you do it. All sorts of issues and unforeseen circumstances arise when you try to recover your systems.
We encourage DR testing annually, to guarantee your DR solution continues to function and perform, and that data can be recovered according to company RTO and RPO objectives. A top tip is to distinguish between a DR test, and a DR invocation, as tests should never pose any risk to the production environment and will be conducted in total isolation from all production and cloud connectivity.
Assess what applications you need to have backed up and running to operate as a company. This analysis often helps you to better form RTOs, which in turn helps to form a cost benefit analysis on the different types of backup and recoveries available on the market.
Plan for immutable backups
Immutable backup is the ultimate safeguard against data loss in the event of ransomware attack or other serious data related event. Having immutable backups in place provides the assurance that if the worst does happen, your servers, applications and data can be brought online quickly, allowing your business to continue operating with minimum disruption – addressing one of the major concerns of businesses today.
There are a number of options open to customers when looking for an immutable backup solution but only one that is built from the ground-up, with native immutability can claim to offer the highest standards of protection and reassurance. Rubrik’s platform occupies that space, with unmatched levels of security. For example, even a full administrator of the platform can’t disable immutability. It’s built into the platform and can’t be turned off – even by Rubrik. In this way, it becomes a black box appliance that can’t be compromised by a hacker. On top of that, the platform is constantly being strengthened to limit the potential damage of data compromising events.
Be prepared for a worst case scenario
Seeing that data is the lifeblood of most organisations, and the loss of your data or access to your data would affect the running of your business, we suggest that you beg, borrow and steal from other budgets in order to ensure you have a good backup and DR solution in place. There are cost effective solutions out there that you can employ, but the old adage of you get what you pay for comes into play - especially when it comes to dealing with a data loss scenario that involves a ransomware attack. The key thing is ensure that your backup data is immutable, and whatever DR solution you put in place, you test on a regular basis. If you don’t, we know from experience that a majority of DR plans and solutions fail. Being prepared for a catastrophic data loss event is the best thing you can take away from Cybersecurity Awareness Month.
