We are continuing our systems and cyber security series. Christopher Wright from Citadel Systems is our cyber security expert.
Today, Chris addressing backups of our company’s valuable data.
Do you have a protocol in place for backing up company information?
Do you know what to do if something happens to your system?
As we learn in today’s post, it is better to be proactive, to reduce your security, to make sure your data is protected. Chris takes us through a few options.
Unfortunately, fewer and fewer people take this recommendation to heart. While many other tasks related to computing have become ridiculously easy, this one has remained a bit cumbersome.
It’s gotten easier than the old days of tape-swapping, but it still requires some infrastructure in your business or a well-planned cloud strategy.
This lack-of-backup problem has been capitalized upon by a new threat: Ransomware. The malware usually comes by way of an email, enticing you to open an attachment. Once you do, your data is then held ransom through encryption.
You are extorted to get your data back, but may not be able to get it back at all. Other threats are less malicious but just as problematic. Say you only have your valuable data on your laptop and it gets stolen or you only have it on a single server that experiences a catastrophic hard drive failure. You’ve now lost data that is critical to your business.
Options for protection
What do you do?
Unfortunately, you don’t have many options after the data is lost. If you plan ahead, though, you have plenty of options.
Local backup comes with an additional burden of maintaining local storage. Because of this, many opt for cloud backup solutions. However, if you have security or ownership concerns, local is your solution.
Also, to protect against ransomware your solution must separate the computer from the storage.
Wrapping it up
Ransomware will scour the compromised computer for any data files even if they are on attached network storage. For now, ransomware is limited to simple ‘shared drives’ (e.g., Windows shares or SMB), but expect this to change as new variants increase in sophistication. If your backup solution must use a network-connected drive, ensure that it disconnects that drive after every backup is complete.
You reduce the risk by ensuring that the drive doesn’t stay connected, but you can’t eliminate it.
Chris Wright is the owner of Citadel Systems, Cyber Security and Systems Engineering Consulting in Central Arkansas focused on Small and Mid-Sized Businesses
Visit his website for more information about Cyber Security Consulting