In 2021, the number of ransomware attacks doubled compared to 2019. Data is the latest industry driver and is becoming a recurring target of ransomware attacks. Protecting mission-critical data is a top priority. But what if the digital firewall fails or you get hit by a worst-case scenario attack? Then only a backup can help.
One year ago, in Strasbourg on the Rhine, a data center was hit by a worst-case attack, and the cloud provider lost the data of thousands of customers. Unlike a ransomware attack, this data can’t be recovered by paying a ransom—it’s gone unless you have a backup.
If you haven’t considered it before, on World Backup Day it’s time to think about how you’re backing up your data and keeping your information safe from digital thieves.
Who Takes Care of the Backup?
Ransomware is a malicious file that infiltrates systems and encrypts files. Access to these files is then denied, and, like a digital hostage situation, the data can be ransomed. An attack like this is less of a problem with a functioning backup as it’s relatively easy to restore the files from the backup and paying a ransom isn’t required.
It doesn’t hurt to create a backup yourself even if your provider offers a backup service. Consider the following points when it comes to protecting your data with a backup:
- Never rely on your chosen cloud provider to automatically back up your data.
- Beware of cheap cloud offers—these usually don’t include a backup.
- When it comes to backups, the cloud provider and customer usually share the responsibility. The provider guarantees the security of the data; however, the backup of the data is up to the customer.
Consider a Multi-Layered Approach
Consider a multi-layered approach when planning your backup strategy. This starts with a file system that uses copy on write—if you change something somewhere, then a copy is automatically made. You can also create snapshots using certain video management systems. These save the status quo of the edit and archive it. If you change something during video editing, or if the changes you made are not what you expected, you can simply fall back on the snapshot—a mini backup designed to simplify your work considerably.
Hot, Cold, Offsite Backup—Better Safe Than Sorry
There are two main differences when dealing with backed-up data: hot backups and cold backups. A hot backup is always actively connected to the system and continuously mirrors data. This makes it easy to roll out the backup in the event of a system failure. However, in the event of a ransomware attack, this hot backup might also be encrypted. This paralyzes the operation because you have no data to fall back on.
This is when you’d consider creating a cold backup. A cold backup isn’t permanently connected to the system. It’s connected once a week, for example, recorded with the backed-up data, and then disconnected after. Where there is no connection, no harmful encryption can take place. If you want to be on the safe side, consider an offsite backup. In this case, the backed-up data is located at a different site, completely separated from all systems.
The High Value of Backup
Backups should be subject to the same security rules as main data. This includes sharing processes, permissions, and physical and digital security measures. Backups aren’t only a simple copy of mission-critical data—they’re a guarantee you’ll be able to resume operations as quickly as possible in the event of a failure. This makes backups equally, if not more, valuable than the actual data. Therefore, you should generally give them a high priority.
Thanks to digitalisation and remote working environments, organizations’ business practices are shifting more to digital environments. But this is where greater and more dangerous activities lurk. It’s become necessary to resolutely counter data theft and digital hostage-taking resulting from ransomware. On World Backup Day, ask yourself: What is the status of my backup?
Discussion about this post