Cyber Attacks and in particular Ransomware is the stuff of absolute nightmares! While these are not new, the first attack recorded in the late 80’s in the last 3 years it has experientially grown to alarming levels.
Like other business continuity plans Board Members their IT professionals need to have a “when plan” not an “if plan”.
Defending from these types of attack fall in to 2 key areas; prevention and limiting impact.
The is no way to completely protect from cyber-based attacks, therefore strength through depth and separation is the industry best approach. This means using layers of defence, and leverage prevent and detect controls.
The number one best tool in your kit, but often thought about last is data backup. If your data is subject to attack your lifeline (without paying the ransom) is your backup!
Things to consider;
Offline Backup; this means that your backup is not connected to your network, therefore protecting it from any attack. Vulnerability is only during the backup period. However, many backups take place after working hours so automatic and immediate disconnection is required.
Cloud Backup; this provides security through physical separation as the cloud backup in not part of your infrastructure. As cloud backup can’t be taken offline you need to ensure you have the following in place;
- Strong Identity Management
- Client Management
- Access Control
Recovery Principle; having a backup is one thing, but without testing recovery this could be useless. Regular recovery testing is recommended, and with some providers this comes a standard.
3-2-1 Principle; resilient backups often follow this simple rule 3 copies, stored in 2 different place and 1 is offsite.
Regularity Principle; this is a balance the more you back up the less you will lose should you be forced to recover, but this comes at cost!
Net-Defence has chosen to partner with N-able to provide a service that meets and exceeds the minimum requirements of any business. N-able was chosen, not by sales, but by our IT Professionals.
Allowing the end user to dictate the product ensures that it does what it needs to do and is easy to manage and maintain going forward. It also means it works: no one picks apart a product like a support engineer!
Our guys loved N-Able backup because;
- No reboot installs.
- Offsite and segregated by default.
- Simple what, when and where options.
- It just worked every time.
During the testing phase of N-Able Backup we even found it was amazing at tasks for which it was not designed. Physical to virtual migration of a 10tb server with only 15 minutes downtime – no problem, just use the automatic restore option.