TECH INTELLIGENCE: Cover your rear

The importance of data backups in protecting your vital information

Carl Mazzanti//September 9, 2024//

Circuit board cybersecurity concept

PHOTO: DEPOSIT PHOTOS

Circuit board cybersecurity concept

PHOTO: DEPOSIT PHOTOS

TECH INTELLIGENCE: Cover your rear

The importance of data backups in protecting your vital information

Carl Mazzanti//September 9, 2024//

Listen to this article

As bad actors mount more attacks, an experienced provider will advise clients to protect their data on multiple fronts. Your first line of defense, for example, should encompass a bundle of layered digital defenses and advanced employee training. But these “front end” safeguards may not be enough. Smart organizations are protecting themselves by backing up their data as a precautionary measure.

Carl Mazzanti
Mazzanti

New technology, like artificial intelligence, has helped cyber criminals improve their attacks. They not only target your data but are also increasingly attacking data backups, making their threats even more serious.

Ransomware is a favorite strategy of bad actors. In a smash-and-grab attack, a cyber criminal steals your important data and locks it so you can’t use your crucial information. Next, they will demand a ransom payment for the data.

Backups represent a sound ransomware defense. Instead of paying to get their critical data back, victims can restore their information from backups and continue without issues.

But what happens if your backup fails or if the ransomware hits the backup itself? According to a recent report, 94% of organizations that were attacked by ransomware in the past year said their backups were also targeted by cyber criminals.

Organizations can protect their backups by using a 3-2-1 backup strategy with the help of their cybersecurity partner. With a 3-2-1 strategy, you’ll have three copies of your data on two types of storage, and one copy stored offsite. Typically, this will mean the original data, a local backup stored close by, and an off-site backup. This approach reduces your risk by duplicating and segregating your sensitive data.

The local backup provides the convenience of accessibility because it connects to your primary environment. But this also makes it more vulnerable to an attack. That is why two more backups, which are “air gapped” or disconnected, are essential. Because they live offline – isolated from the main networks – bad actors have no way to reach them.

The act of conducting periodic backups, though, will not guarantee protection. Even without an attack, backups may still fail because of software glitches or media failure. Data can get corrupted from storage problems or human errors during backup setup.

Your cybersecurity partner can help you test your backups regularly to make sure you can recover your data. This allows you to restore all files to a clean system with the same data as before.

Your testing should confirm that your backup supports “immutability” — a status that ensures that someone cannot change or delete something. This plays an important role in protecting backups from ransomware. Once someone creates a solid backup, they cannot change it. It can only be deleted after its retention period ends.

Another key safety component involves access controls. Only authorized people should access backups when necessary to change or delete them. To confirm a user’s identity, use strong methods like multifactor authentication. Also, implement access controls that connect permissions to a user’s role in the organization instead of to the individual.

To make backups more secure, use “versioned backups” which are multiple snapshots of data at different times. Unlike a traditional backup that simply overwrites the previous copy, versioned backups preserve multiple past states of your data. This way, if someone changes or deletes a file, you can restore it to a specific version before the change occurred.

Versioned backups are important because they let you restore your data to a safe state after a ransomware attack. When implementing versioning, it is useful to consider how many versions to keep and for how long. The combination will depend on both the nature of the data and your storage capacity.

By using strong encryption like AES-265 for your backup data, you can protect it from unauthorized access. This scheme helps to keep your data safe, even if someone tries to hack into your backup. You should manage the encryption keys securely and avoid storing them alongside the backups.

Network monitoring also plays an essential role in any ransomware defense strategy. This process will alert appropriate personnel when any unusual behavior or unauthorized access occurs.

Organizations that maintain digital defenses, develop and implement a robust backup strategy, and utilize regular updates are less likely to face disruptions. They also benefit from solid cyber protection strategies. These initiatives help defend them against attackers that target businesses and other entities.

Carl Mazzanti is president of eMazzanti Technologies in Hoboken, providing IT consulting and cyber security services for businesses ranging from home offices to multinational corporations.