Backing up your business is about more than preventing data loss | #itsecurity | #infosec


Article by Aura Information Security, principal advisory consultant, Alastair Miller.

It’s hardly news that backups are a crucial part of doing business. The trouble is that they tend to become most crucial directly after the realisation that one wasn’t done properly. 

What is less appreciated is that backups today are about a lot more than data protection and must also extend to protecting against cyberattacks.

Properly deployed, your backup and restore regime will absolutely protect your data from destruction or accidental deletion. On top of that, it’ll give you resilience against cyberattacks of all kinds.

Cyberthreats are part and parcel of doing business today. If you use the internet or a computer and any one of a multitude of devices and services, you’re just as at risk as anyone else of becoming the target of malicious activity.

Unfortunately, there’s a thriving industry of ‘bad actors’ seeking to get in and wreak havoc. Some might do so because they want to watch the world burn, but most are simply after money.

Whatever the motivation, cyberattacks can be devastating, halting your operations and causing loss of income and brand reputation. For some organisations losing all their data can put them out of business.

The typical protection against these threats includes cybersecurity measures like antivirus, intrusion detection and protection, firewalls, network security controls, etc. We call these layers ‘Defence in Depth’.

This is also where backups come into play.

Should all these other measures fail – because they can and do – you can roll back your compromised data to a point before the malware ingress. The simplest way to appreciate the value of a rigorous backup and restore regime is that it saves you a huge amount of hassle when things go wrong.

That’s all easily understood on a conceptual level, and most good backup services will provide this kind of protection. A full backup is usually performed initially and establishes a full copy of your data. Then, differential backup kicks in when data is changed or created, protecting the new data. Finally, incremental backups protect data that has changed since the last backup. 

Generally, your business will use some combination of these three to balance cost, time, and data protection requirements. Your backup frequency is also determined by several factors, including business type, budget, compliance requirements, etc.

But, problems remain. Even in the small businesses, which define much of the New Zealand commercial landscape, there is a high degree of complexity in the systems used to get work done.

There’ll be some Xero, perhaps Microsoft 365, and some AWS or Azure services. This is then joined by dozens of other popular cloud services and a smattering of on-premises devices, data and services. The complexity only intensifies for medium and larger enterprises.

However, many backup regimes only account for some of the infrastructural spaghetti-bowl. The same could probably be said on the lower end for the protections in place. You need a holistic approach to backups, casting the net wide and taking in data on all devices and services.

It isn’t enough to rely on cloud services like Microsoft 365 or Xero to provide complete protection for your data. A common misconception is that if it’s in OneDrive or SharePoint, it’s safe. The truth is, these are applications and were designed primarily for purposes other than backup and restore.

The best option for almost every business is a purpose-designed cloud backup solution, preferably administered by a Managed Services Provider (MSP).

Such a solution should include encryption, along with the combination of full, incremental and differential backups. This will ensure that even if your data is breached, it is completely worthless to anyone wishing to exploit it.

At a surface level, backups protect against data loss. Looking deeper, however, a sound backup strategy lets your organisation minimise the impact of a hack, malware injection or any other compromise by rapidly restoring data to a point before the compromise. 

Let’s say ransomware gets into your network, your company’s systems are locked, and your data is encrypted. You could pay the Bitcoin ransom and hope the decryption tool is supplied and works – but there are no guarantee cybercriminals will honour this, and this goes against advice from CERT and other government cyber agencies.

Alternatively, you could restore last week’s data and carry on as before. While the backup may not reverse the damage caused by the breach or attack, it will enable your business to continue to operate, reducing your system downtime and minimising financial and reputational damage. 

An MSP is a good option because while a backup is easy, good backup and restore isn’t. 

A good backup and restore process establishes a suitable frequency for backups of various types, regularly tests the backups and your overall response plan, and covers all data.

An MSP makes sure your data is appropriately protected and sets things up so you can easily achieve point in time data restoration. And that means not only is your data protected, but in a broader sense – your business is too.

With cyber-attacks growing in number and complexity, there’s never been a better time to set a cadence of regular reviews of your backups as part of your overall incident response plan.

It’s imperative to make sure your backup strategy meets the needs and complexities of your systems and data now – rather than finding out after a breach that it’s not up to standard. 



Original Source link

Leave a Reply

Your email address will not be published.

nine + one =