Top Five Backup Tips to Secure Your Data

Data breaches have surged in the last few years because cyber criminals know how valuable data is to organisations and will do whatever they can to find and exploit profitable vulnerabilities.

Ransomware attacks have now evolved to incorporate the threat of releasing compromised data, whereas traditional attacks involved locking down systems until a ransom was paid. According to various industry sources such as The Gartner Report, 2021 was the worst year on record for ransomware attacks, which reached 470 million, an increase of 148% on the previous year.

Given the current cyber threat landscape, it is crucial that organisations have plans in place to prevent the loss of critical data in the event of a cyber-attack, in particular a ransomware attack. Backups of data are essential for incident response and disaster recovery. In the age of multi-region cloud resilience, backups may be seen as old school, but their role in an organisation’s incident management and business continuity strategy and planning is probably more important than ever before.

Many information security standards and frameworks such as ISO 27001 and SOC 2 specify a requirement for organisations to be carrying out and testing backups.

So how can backups help your organisation resume normal operations in the event of a cyber-attack? 

1. Identify Your Critical Data and Where it is Stored

Do you know what critical data you have and where it is stored? Organisations often get caught out by having rogue data in copied spreadsheets or in historic hosted databases. It’s a great idea to create a data flow chart and document what data you have and where all of it is stored for each department within the organisation. It goes without saying that you cannot back up all the information that you hold, and in doing so you may be in breach of some regulations. You need to make informed decisions about what essential data should be backed up to minimise disruption to your organisation’s or your clients’ operations in the event of a cyber-attack. Think about the data that your organisation will need to get back up and running, and store that essential data for the appropriate amount of time.

2. Schedule Regular Backups

How your organisation uses data will inform how often it needs to be backed up. Backups that are taken incrementally are much quicker to restore. Think about how often data in your system changes and then schedule backups accordingly. Think about your recovery point objective (RPO), the point in time you need to go back to when restoring the data, and your recovery time objective (RTO), how long it will take to restore the backup. Consider internal requirements when determining your backup schedule, e.g. how often the data you store actually changes, and external requirements, e.g. what SLAs or contractual requirements you have to meet with your customers. Ultimately, it’s horses for courses: for example, if you only make changes to your website once a month you don’t need to back it up every day.


3. Store Backups Offsite

Ideally you should have one backup stored securely off-site or in an alternative location, because if a ransomware attack stops you accessing your infrastructure you don’t want to be locked out of your backups as well, do you? If possible, ensure alternative-location backups are synchronised and segregated, but in the worst case, even if the off-site backups are a month old, that is better than having no backups at all. External backup devices shouldn’t be stored next to laptops, should be encrypted, and should ideally be kept in a secure storage box or safe that is fireproof and waterproof.

As more employees shift to remote working this should also be taken into consideration, and each employee’s device should be synchronised and backed up to the cloud.

4. Secure Backups

Don’t automatically assume that backups are safe, as backups themselves have become targets for cyber criminals too. Think about access management strategies: who has access to backups, and who actually needs access to them? And use encryption to protect backups in transit and at rest, so that sensitive data is not compromised.

5. Test Backups

You may have backups in place, but this doesn’t mean that you can rest on your laurels. Regularly review and test disaster recovery plans to confirm that ransomware attacks won’t impact the integrity of any backups. You should test your ability to restore data from backups as part of your organisation’s incident response strategy. This should be practised regularly to ensure that backups work effectively in the event of a successful attack, so you don’t find out too late that you’ve been backing up the wrong data or can’t recover the data you or your client actually needs within the time frame you have agreed to. It’s a great idea to document the recovery process to help speed it up, and to make a note of any lessons learned when you do test, as this will help to improve the process.
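To make tips 2, 4 and 5 concrete, here is an added Python example of a small backup drill; it is illustrative code written for this page, not tooling from the article or from Romano Security Consulting. It assumes a simple convention: each backup is a tar.gz named by its UTC timestamp with a sidecar HMAC file, the integrity key is held apart from the backup storage (a constructed demo key here), and the sample data is constructed inline. It checks the newest backup against the RPO, detects tampering with the archive, and performs a test restore that is compared file by file against the live data. Encryption at rest is left to the backup tool or disk encryption and is not shown.

```python
"""Backup drill: RPO check, keyed integrity check, and a test restore."""
import filecmp
import hashlib
import hmac
import tarfile
import tempfile
from datetime import datetime, timedelta, timezone
from pathlib import Path

# Constructed demo key. In practice keep it in a secret store that the
# account holding the backups cannot read, so an attacker who can alter
# an archive cannot also re-sign it.
INTEGRITY_KEY = b"constructed-demo-key-keep-in-a-separate-secret-store"
STAMP_FMT = "backup-%Y%m%dT%H%M%SZ"  # assumed naming convention


def manifest_for(archive: Path) -> Path:
    """Sidecar file holding the HMAC of the archive."""
    return archive.with_name(archive.name.replace(".tar.gz", ".hmac"))


def create_backup(source_dir: Path, dest_dir: Path, taken_at: datetime) -> Path:
    """Archive source_dir as <stamp>.tar.gz and write its HMAC sidecar."""
    archive = dest_dir / (taken_at.strftime(STAMP_FMT) + ".tar.gz")
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(source_dir, arcname="data")
    tag = hmac.new(INTEGRITY_KEY, archive.read_bytes(), hashlib.sha256).hexdigest()
    manifest_for(archive).write_text(tag)
    return archive


def backup_time(archive: Path) -> datetime:
    """Recover the UTC timestamp embedded in the archive name."""
    stamp = archive.name[: -len(".tar.gz")]
    return datetime.strptime(stamp, STAMP_FMT).replace(tzinfo=timezone.utc)


def newest_backup(dest_dir: Path):
    archives = sorted(dest_dir.glob("backup-*.tar.gz"))
    return archives[-1] if archives else None


def within_rpo(archive: Path, now: datetime, rpo: timedelta) -> bool:
    """True if restoring this backup loses no more data than the RPO allows."""
    return now - backup_time(archive) <= rpo


def verify_integrity(archive: Path) -> bool:
    """Recompute the HMAC and compare it in constant time with the sidecar."""
    expected = manifest_for(archive).read_text().strip()
    actual = hmac.new(INTEGRITY_KEY, archive.read_bytes(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, actual)


def _same_tree(cmp: filecmp.dircmp) -> bool:
    """Recursive directory comparison: no extra, missing or differing files."""
    if cmp.left_only or cmp.right_only or cmp.diff_files or cmp.funny_files:
        return False
    return all(_same_tree(sub) for sub in cmp.subdirs.values())


def restore_drill(archive: Path, source_dir: Path) -> bool:
    """Restore into scratch space and check it reproduces source_dir exactly."""
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(archive, "r:gz") as tar:
            try:
                tar.extractall(scratch, filter="data")  # safe extraction, Python >= 3.12
            except TypeError:
                tar.extractall(scratch)  # older interpreters lack the filter argument
        return _same_tree(filecmp.dircmp(source_dir, Path(scratch) / "data"))


def run_drill(source_dir: Path, dest_dir: Path, now: datetime, rpo: timedelta) -> dict:
    """One pass of the checks; the result is what you would record in the DR log."""
    archive = newest_backup(dest_dir)
    if archive is None:
        return {"backup_found": False, "within_rpo": False, "intact": False, "restorable": False}
    intact = verify_integrity(archive)
    return {
        "backup_found": True,
        "within_rpo": within_rpo(archive, now, rpo),
        "intact": intact,
        "restorable": intact and restore_drill(archive, source_dir),  # never restore a tampered archive
    }


def make_sample_data(root: Path) -> None:
    """Constructed stand-in for the critical data identified in tip 1."""
    (root / "finance").mkdir(parents=True)
    (root / "finance" / "ledger.csv").write_text("date,amount\n2023-01-01,100\n")
    (root / "config.yaml").write_text("service: demo\n")


def demo_scenario() -> dict:
    """Run the drill on constructed data, then again after the archive is altered."""
    with tempfile.TemporaryDirectory() as tmp:
        live, store = Path(tmp) / "live", Path(tmp) / "backups"
        make_sample_data(live)
        store.mkdir()
        now = datetime(2023, 6, 1, 12, 0, tzinfo=timezone.utc)
        archive = create_backup(live, store, now - timedelta(hours=2))
        healthy = run_drill(live, store, now, rpo=timedelta(hours=24))
        stale = within_rpo(archive, now, timedelta(hours=1))  # same backup, tighter RPO
        archive.write_bytes(archive.read_bytes() + b"\x00")  # simulate tampering or bit rot
        tampered = run_drill(live, store, now, rpo=timedelta(hours=24))
        return {"healthy": healthy, "stale": stale, "tampered": tampered}


if __name__ == "__main__":
    print(demo_scenario())
```

The drill deliberately refuses to restore an archive that fails its integrity check, which is the check that catches a backup altered before the ransomware is triggered; the RPO check and the file-by-file comparison are what tell you, before an incident, that you have been backing up the right data often enough.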


So to wrap up: identify what data you’re going to back up and where it is, schedule regular backups, keep a backup offsite, keep backups secure and carry out tests of the backups.


Contact Romano Security Consulting today and let us help to put you on the right track to secure your organisation.

T: 01625 315 021

E: enquiries@romanosecurityconsulting.com
