When you consider that 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. But keeping systems running without interruption is ongoing and often resource draining. With data everywhere and ever-growing, and IT environments ever-changing and expansive, countless disparate systems still need unique management – and a backup plan.
However, with ransomware adding backups to its list of targets, it’s no longer enough to have a traditional backup solution in place. Managers must employ a new-generation strategy to protect their business’ most valuable asset – or else risk suffering costly downtime.
To ensure you can take a crisis in stride, follow the five tenets of the most secure backup.
Prioritize security
Eric O’Neill, a former FBI counter-terrorism and counter-intelligence operative, explains that “businesses today are up against a rising tide of threats. Cybersecurity threats and data espionage are more prevalent than at any other point in our history – contributing to an anticipated $2 billion loss due to ransomware this year. What is scarier is malicious attacks are no longer limited to hackers; ransomware-as-a-service kits can be purchased for a mere $39 by anyone with low moral standards and a desire to generate a few dollars.”
Unfortunately, this means that the wrong backup solution can provide a false sense of security: legacy backup products don’t approach data protection with modern threats in mind, resting on their laurels to provide backup solutions alone. Businesses need to work with a solution that assumes the worst and integrates security at every opportunity.
Employ a ransomware “bouncer”
As O’Neill describes, damage caused by malware and ransomware isn’t restricted to online systems – bad actors increasingly target and corrupt off-line backups. While legacy solutions don’t address this concern, modern backup solutions can.
For example, differentiating bad system behavior from good behavior can be an exceptionally powerful approach – one that is now possible by leveraging artificial intelligence and machine learning. Anti-ransomware defenses built with these technologies can actively recognize and interrupt malicious activity, like a bouncer who steps in to stop bad behavior before any damage occurs.
While traditional anti-virus software can be effective to detect known threats, this new additional ability to spot and stop troublesome activity makes it possible to identify ransomware strains that have never been seen before. The result is a data shield that keeps everything secure – including backup files.
PRO TIP: When running two or more solutions, just be sure they work well together so neither impacts the other’s performance. Also, cutting-edge solutions should be able to automatically restore any files impacted by an attack. Make sure these key functionalities are on your solution’s checklist
Engage a complete solution
Keeping a business running requires securing the entire IT picture (physical systems, virtual systems, cloud services, and mobile devices). This means engaging a complete backup solution that integrates numerous advanced security-oriented technologies – and works alongside others. With each line of defense working separately but together, managers can combat increasingly sophisticated, invasive and damaging threats to their operations.
Of course, reliable, fast disaster recovery must be integrated into the backup solution in case a disaster does happen. That way backups are not only ready and waiting when needed, but accessible in an instant.
PRO TIP: Look for backup solutions based on a Secure Development Life Cycle (SDLC) approach, so you know the entire development process prioritizes security – that’s what helps secure it, start to finish.
Add value with progressive technologies
There’s a reason blockchain is all over the news – it is a tamperproof technology in a security-compromised world. Specifically, blockchain uses sophisticated cryptographic fingerprinting to make it difficult to break the code of the data it conceals. In the case of backup solutions, blockchain can ensure data is authentic and unchanged – so you know it is safe to use.
Meanwhile, to prevent unauthorized access via brute-force attacks, particularly progressive solutions will integrate industry-grade encryption (e.g. AES-128, AES-192, AES-256 and GOST algorithms) and employ machine-based encryption, so each machine has a different key.
PRO TIP: If your business or industry demands that critical data be verifiable, backup solutions that integrate blockchain technology can help ensure compliance.
Secure off-site cloud storage
While ransomware is a new threat, natural disasters and human error still pose a danger. The reality is, it’s not just about having a secure, complete backup – where it’s stored matters, too. Having a healthy, accessible copy located off-site is essential. By leveraging the cloud, managers can optimize their backup by securing data off-site.
In addition, the new Archive 3 data storage format heightens security of cloud backups. It also makes it possible to replicate data to any additional remote data center, such as the popular Amazon Web Services (AWS) or Microsoft Azure.
PRO TIP: To prevent unnecessary fines, be sure your data center is compliant with standards such as the EU’s General Data Protection Regulation (GDPR), ISO 27-001, and HIPAA.
Final thought
With a single unplanned downtime costing an SMB an average of $256,000, investing in a modern backup solution can save a business’ bottom line and reputation (source: IDC).
When guided by the five tenets of the most secure backup, businesses will find a data protection solution that stays on the offense with cutting-edge security features built-in at every stage. Solutions that work in tandem with other defenses and include off-site storage help enhance data security. Add to that fast, reliable recovery, and you’ve got a modern solution that can tackle today’s data threats.
This post was originally published on the Acronis blog.
