5 Steps to Manage Backups and Recovery
One of the most important security hygiene practices that all individuals and businesses should maintain is backing up their data and systems. Without backups and recovery in place, a small problem can quickly turn into a very big one.
Having a strong backup and recovery system means that, if you get hit by malware, a natural disaster occurs, or user error causes data loss, you can often restore it quickly and affordably.
There are dozens—if not hundreds—of backup and recovery services out there today. Yet there are still organizations who don’t have a backups and recovery strategy in place. It’s time for that to change.
One Good Reason to Back Up: Ransomware
Ransomware is a very prevalent form of cyberattack, and it affects businesses and organizations of all shapes and sizes. Every 40 seconds, a new victim is hit. Six out of 10 malware payloads included ransomware in the first quarter of this year. Ransomware has struck hospitals, schools, and even government municipalities. Recent outbreaks like Petya and Wannacry have led to splashy headlines and major consequences for those targeted.
Many organizations see these stats and headlines, and are scared and unsure of what to do. We’re here to tell you that the simplest way to protect yourself against ransomware is to implement a strong backups and recovery system. If your company has a viable backups and recovery plan, ransomware won’t be able to do much damage to you. (Our post on the ransomware lifecycle explains why.)
Moreover, in the age of ransomware, it’s become increasingly important to ensure that your backups are functional and recoverable. The worst position to be in is one where your company is attacked by ransomware, and you aren’t able to recover the data that has been encrypted and held ransom.
5 Tips for Backups and Recovery
If you don’t have a good backup system, or haven’t reviewed your procedures recently, check out our tips below to get your organization prepared.
- Keep it Simple
For many small businesses, the simplest solution may be the best when it comes to backups. Both Apple and Microsoft have backup software that comes with their operating systems. Configuring these built-in solutions to save backups to a network drive is a good, affordable option that’s worth considering.
That said, as businesses grow, the need for a more complex backup system may arise. You may need more options in terms of how data is stored, how often snapshots are taken, and how much visibility you have into each computer’s backup status. However, simplicity is still key even at this stage. It’s better to have a backup system that is easy to understand and allows for easy data recovery when needed than to have something with a long list of settings and a complex recovery process.
- Don’t Rely On Your Users
I’ve often seen companies that give external hard drives to their employees and kindly ask them to perform regular backups. Ha…
I’ve been one of those employees, and I’ve definitely been guilty of neglecting this. It’s too easy to forget to plug the drive in and go for a month without backups. Most backup software can work with a network drive. Configure this for your users so that they don’t even have to think about it. Disasters always seem to strike when people are least prepared, so take the active requirement out of the equation and make backing up an automatic background process.
- Understand the Value of Your Data
When configuring the snapshot intervals of a backup system, it’s important to consider the value of your data. The more valuable your data is, and the harder it would be to replace, the more frequent your snapshots should be.
Ask yourself: If a system goes down and the data has to be recovered, how hard will it be to restore the data back to the state it was in? For less important data, maybe a daily or hourly snapshot will be sufficient. If documents can be recreated with an hour of effort, then filling up a hard drive with snapshots each minute may not be necessary.
On the other hand, minute-by-minute snapshots are likely necessary for servers that process business-critical information. Evaluating the value of data on each system type will help determine not only how to configure your backup system, but also what type of systems to invest in when looking to upgrade.
- Choose Backup Locations Wisely
When it comes to storing your backups, you need to decide not just what type of device to save the data on, but where that device should live in the real world. Backing up all of your computers to a network storage device that is located in the same building is the logical first choice until a fire or some other disaster strikes. Backups are no good if they can suffer from the same demise as the systems that they are backing up.
It’s good practice to have some kind of off-site backup location. Generally, the rule of thumb is 3-2-1: three copies, stored in at least two places, one of them offsite. Cloud-based backups are a good way to satisfy the off site requirement. The method and location of the storage will be determined by how much data there is and how sensitive it is, but the end result should be regular, redundant backups that keep your business protected.
- Test Your Recovery Systems
This is definitely the most important step in any backup and recovery strategy. In the case of an actual incident, when data is compromised and the CEO is yelling at you to restore it quickly, you want to be absolutely clear about the process. You may think that you will easily remember how to do it, but in these situations it’s easy to make a mistake. Plus, what if you know how to restore the data but it’s your vacation day and the other IT admins don’t know how?
The backup and recovery process should be written down, reviewed with the team, and regularly tested to ensure both that it works and that the process is documented clearly. It’s always better to prepare ahead of time than to be scrambling to figure out how to restore data in the moment because you only skimmed the manual once and never actually tried it yourself. The best way to test this is to run through a fire drill: Imagine that one of your users gets ransomware. How much data was lost and how long does it take you to recover? If you can’t answer those questions, or don’t know the steps to recover, then it’s time to revisit your strategy, retrain your people, and get better prepared for a real-life event.
Final Words of Wisdom
Of course, beyond backups and recovery, you want to make sure that your systems are well-protected from a wide variety of potential security incidents. Using a DNS-based protection solution like Strongarm means that, whether you get hit with a phishing email, ransomware, or a malvertising attack, your systems will be kept safe.
Want to learn more best practices for keeping your organization protected? Take our Security Grader quiz and check out the recommended next steps based on your posture.