A quick Google search on recent ransomware events will highlight the sad state of our current world. Our data has monetary value. Those who can hold it hostage are able to extract a financial sum for its (supposed) return. Managing your data assets properly is becoming a vital skill. Unfortunately, protecting your data from ransomware is an often overlooked part of the puzzle.
During our time in the industry, it has become a common experience to get a phone call from a client seeking to recover from the unthinkable. Maybe it is because we consider this act as “unthinkable” that ultimately gets us all in trouble. Preparedness is key to ensure that when a disaster does happen. Be it a virus or a targeted attack, your organization is able to quickly return to normal operations.
Here are five quick ways to ensure you’re prepared for the risks associated with living in a data-centric world.
Test the ability to backup and restore data
Sounds like a trivial starting point, but yes, in order to protect your data from ransomware your backups need to actually work. It’s just as important to ensure your restores work too. Unfortunately, we have seen too many organizations compromised and unable to recover because they ignored warnings and alerts that their backup jobs were failing. If we’re simply ignoring the system that is designed to protect against data corruption and failures, why do we even have it in place?
Test a few restores. Can you get the data back? Do you have a schedule for these tests? Can you automate them?
Can you access and return important data required to support core systems…and just as importantly, do it within a timely fashion?
Understand where all your data is today
In today’s hybrid cloud environments, data distribution and management is an evolving problem for technology teams. Our end users have access to SaaS applications and other cloud services with a simple credit card swipe.
If that data isn’t managed by your corporate technology teams, do your end users understand the risks associated with their decisions? Do they understand where your responsibilities and capabilities start and stop?
We can support your exploration of shadow IT, so you can properly educate your end user teams. Educating users while also understanding their needs should strengthen your overall services execution. Most importantly, this ensures you data protection strategy is in alignment with the data they are generating and leveraging to drive organizational impact.
Keep a copy of your data offline
Getting data offline is often an overlooked step in protecting your data from ransomware. Realize that offline and offsite are different. The importance of this step lies in protecting yourself from nefarious external action. If someone nefarious is inside your network, they commonly disable your access to your data protection mechanisms. They will fill up your backup storage targets, lock away backup access, or simply just delete your backup server. These steps create highly detrimental outcomes.
A quick checklist for this step includes the following:
- Build a separate network for the target
- Randomize the job
- Ensure your backup vendor supports the design
Today’s back up vendor market has a few different approaches here. Established market players have service-related solutions that you purchase to automate this process for you (for example, DellEMC’s Data Domain). Software-centric solutions, like Veeam, will suggest you set up a target within a DMZ and automate a data pull. New market entrants, like Rubrik, offer a different approach with their immutable infrastructure.
We explore managing your data management strategy more in our post titled “The Advantages of Leveraging a Cloud-Based Data Management Strategy.”
Tightly monitor and control access to your systems and data
This can be a big ball of yarn. Exploring your possibilities here can be time consuming and exhausting. An easy starting point for the journey would be through your basic Identity Management Strategy. We can help you explore these options based on your system investments, processes and requirements.
As we discussed in 6 Things to Consider when Deploying MFA, we highly recommend deploying multi factor access controls across your network. Integrating your security posture and controls within your backup strategy ensures you are tightly controlling access to a key business asset…your data!
We often default to only leveraging multi factor authentication to protect end user access within the client environments we serve. But, it’s important to recognize the layering these controls across your IT assets and service mechanisms is an important layer of your security posture.
Leverage a manufacturer supported protection mechanism
As mentioned in step 3, ensure your offline copy is supported by your manufacturer. In the event of a compromise, you will need all the resources at your disposal to recover. The last thing you need is your technology vendor(s) telling you that your data protection environment isn’t supported!
Whatever vendors you choose to build around, it’s important that the solution has been tested and validated within their architectures to work. The value to you is when “the unthinkable” happens, you can leverage their support mechanisms to return services to your business.
Where this may not be a comprehensive list to ensure you’re fully protected, you can look yourself in the mirror knowing that through the implementation of this list, you’re in a better spot tomorrow that you were yesterday.
Like anything else, protecting your data from ransomware can feel like a daunting task. If you’re at a point where you don’t know where to start, or if you just want a technical expert to walk you through this journey, hit us up! We’ll gladly share our expertise in protecting your data from ransomware…or maybe it means modernizing your back up strategy. Whatever the case, we’ll align to your goals to make sure we make it a reality.
3 thoughts on “5 Beginning Steps to Ensure Your Backups are Protecting Your Data from Ransomware”
Pingback: Four Simple Methodologies to Modernizing Your Data Management Strategy - Elevate Technology Partners
Good ideas in here! Since “recoverability” is so important in Ransomware attacks, I’d argue that setting the RTO/RPO goals is probably a step you’d want to make as well. Good stuff!
Pingback: Easy Technical Steps to Improve Your Security Posture