One of themes of the forthcoming ‘Cybersecurity Awareness Month’, which is marked in the U.S. each October, is the importance of ensuring data is secure and backed-up (and also that data is archived and retrievable).
The purpose of the backup is to create a copy of data that can be recovered in the event of a primary data failure. If this is performed badly, it can provide a back door for criminals to exploit.
Under the worse scenario, ransomware (and other malware) can often move to attached storage automatically, which means any such backup could also be infected, leaving you with no backup to recover from.
To gain an insight into the importance of regular and reliable data back-ups, Digital Journal asked the opinion ofJG Heithcock, General Manager of Retrospect, which is a StorCentric company.
Heithcock explains tat a weak and poorly protected back-up represents an easy route in for rogue actors. He says: ““Today’s cyber criminals are attacking backups first, and then once under their control, coming after production data. This means that many enterprises are feeling a false sense of security, until it is already too late.”
Heithcock’s advice to businesses is to invest in a reliable data capture tool. He explains: “I like to say, ‘backup is one thing, but recovery is everything.” In other words, choose a backup solution that ensures the recovery piece (which surprisingly, not all of them do).”
In terms of key advice to businesses, Heithcock recommends: “Look for a provider with vast experience, as well as a track record for continuous innovation that ensures its offerings are prepared to meet prevailing conditions.”
He adds that to be effective, then: “The solution(s) should provide broad platform and application support and ensure protection of every part of your IT environment, on-site, remote, in the cloud and at the edge.”
Following this, Heithcock puts forward: “Next, the backup solution should auto-verify the entire backup process, checking each file in its entirety to ensure the files match across all environments, and you are able to recover in the event of an outage, disaster or cyber-attack. And, as a last but highly critical step — at least one backup should be immutable — unable to be altered or changed in any way, at any time.”
The expert concludes his advice to readers, saying: “Even if the ransomware took a ride along with your data to your backup site, during the last backup.”