These days, organizations are forced to navigate uncertain waters, resources are stretched as thin as ever, and workers are adapting to new workstyles. Through it all, Peters & Associates wants you to know that we have your back. As part of our 6-part webinar series, every two weeks we’ll be sharing solutions for supporting, managing, and securing your IT environment – whether workers are back in the office or working from home. Check out the schedule below to catch up on webinars that you’ve missed or register for our remaining webinars.
- July 8th, 2020, 11:00 AM Patch Management – Check out the recap blog here!
- July 22nd, 2020, 11:00 AM Endpoint Protection – Check out the recap blog here!
- August 5th, 2020, 11:00 AM Backup & Recovery – Check out the recap video below!
- August 19th, 2020, 11:00 AM Securing Office 365 – Register here!
- September 2nd, 2020, 11:00 AM Security Awareness Training – Register here!
- September 9th, 2020, 11:00 AM Managed SIEM – Register here!
On August 5th, we held our third webinar in our series, Backup & Recovery. During that presentation we discussed the role that backups play in your security strategy, configuring reliable backups, and how Peters & Associates helps our clients to develop and manage a reliable backup solution. Read on to get caught up or check out the full recording below.
Backup Data: Your Last Line of Defense
In the past, you may have primarily thought of data backup as protection against accidental deletion, hardware failure, or application corruption; today its most critical function is security. In 2017 business continuity provider Datto, released a report that found that 96% of small businesses that were struck by a ransomware attack and had a reliable backup and recovery solution, were able to fully recover. In that same report, they found that 40% of small businesses that were victimized by a ransomware attack and did not have a strong
As we’ve discussed and written about before, a good cyber security strategy contains multiple layers. The National Institute of Standards and Technology (NIST) divides security into 5 stages: Identify, Protect, Detect, Respond, and Recover. As you might expect, data backup & recovery fits under the “Recover” stage of the NIST Cyber Security Framework.
The different layers of your security framework work together to help protect your organization. The philosophy of a layered security model is that some methods could fail – a user trained in cyber security might still click a link that they shouldn’t or a piece of malware may evade your traditional anti-virus solution – but you have other layers to secure your business. When other layers fail the most efficient way to recover is to reload data from backups.
Of course, cyber criminals are always evolving. More recent attacks have exploited unsecured or mismanaged backups. As ransomware attacks have become increasingly common, the importance of well-maintained backups has also increased. What defines a well-maintained backup?
Developing a Secure Backup Strategy
All backup strategies are not created equal. As cyber criminals have gotten more sophisticated, they’ve learned to target backups to force the victim to pay. What does this look like? There are few different ways that this has played out in “the wild.” Some strains of ransomware have been developed specifically to target and encrypt backup data first. In other attacks, ransomware is designed to identify and delete backup files before an attack. One such example of the former was revealed in the indictment of two Iranian men for deploying ransomware to several hospitals.
…the defendants maximized the damage caused to victims by launching attacks outside regular business hours, when a victim would find it more difficult to mitigate the attack, and by encrypting backups of the victims’ computers.
So, how do you design a backup strategy that provides protection for evolving threats? Backup software vendor, Veeam, coined the “3-2-1” strategy for backups. That strategy dictated that you should maintain 3 copies of your data, on 2 different storage mediums, with at least one of those copies stored offsite. Considering recent examples of criminals targeting backups, we’ve amended this strategy to “3-2-1-1.” The final “1” refers to storing at least one copy of your data offline.
Having a copy of your data backed up and stored offline, or “air gapped,” provides organizations with a last resort in the event that they become victims of a ransomware attack.
Essential Managed Services: Backup & Recovery
Effective backup & recovery extends beyond using the latest technology and leveraging the 3-2-1-1 framework. You need a team to review backup jobs, quickly remediate backup issues, regularly test recovery, and respond to data recovery needs.
P&A provides data backup & recovery services for physical, virtual, and cloud-based servers. Our team reviews backup jobs daily, remediates any backup errors, tests recovery, and provides data recovery assistance 24×7. In addition to our ongoing services, we will implement your new backup solution with options for local, cloud, and offline backup storage.
Let our team help you shoulder the load with management of your data backup & recovery so that you can focus your energy on supporting your employees and advancing your organization.
Looking to Learn More?
- You can download the slide deck here.
- Watch the full webinar here.
- Watch the short recap below