There is a great deal that can go wrong with your data. Your servers can be damaged by faulty equipment, a natural disaster, or general wear and tear. A bad update can wipe out critical files in swathes, as can user error. And all of this does not even account for cybercrime, which is a constant, pressing issue for all businesses.
You, therefore, have every reason to maintain backups of critical systems and data – and no reason not to. Presumably, you already know this. But did you know that your backups themselves represent yet another attack surface for your organization?
Ransomware is Targeting Backups
Ransomware, for example, is becoming more targeted – and in some cases, criminals are aiming it at backup systems rather than primary ones.
“Cyber extortionists know that backups are their number one enemy, and are adapting their ransomware to look for them,” writes CSO Online’s Maria Korolov. “Any file system that’s attached to an infected machine is potentially vulnerable, as well as attached external hard drives and plugged-in USB sticks…If malware gets into a system and encrypts all the files, the encryption will be mirrored to the backup system as well.”
You need to protect your backups from these criminals, and from all the other myriad things that might go wrong with it.
4 Steps to Protect Backups
To that end, there are a few steps you should take:
1. Security Policies
Brainstorm security policies for your backup and disaster recovery systems. Who needs to have access to these systems, and how can you ensure they are the only ones that do? How will you monitor these systems for suspicious activity, and how will you protect the physical disks?
2. Store Backups Offsite
As I have mentioned in my previous piece, store your backups offsite, and strictly control physical access to the location. Consolidating all your critical infrastructure to a single location means that you are dead in the water if that location is brought down.
3. Password-Protect and Encrypt Backups
Password-protect and encrypt your backups. If a hacker catches wind that your backup systems are unencrypted, why should they bother stealing data directly from your servers? They can just crack the backups instead.
4. Include Backups in Your Disaster Recovery Plan
Be aware that your disaster recovery plan should also include considerations for your backup systems. A backup can be subjected to all the same threats as any other system. What will you do if your backups end up compromised or destroyed?
It is easy to forget that a backup system is, at its core, just another server rack (or server cluster). It is easy to forget that backups can fail, or be targeted by bad actors. But that is not something you should forget.
You need to protect your backups – because if you do not, then they will not be there for your business when it needs them most. For that reason, you need to choose your backup solution wisely.