Best Practice Backup

tec support recommend that all our customers install an offsite backup solution leaving, them with not one but two backup’s in place. This is our minimum requirement for best practice data protection.

 

Why are we recommending this?

The landscape for backup & disaster recovery is almost unrecognisable to that which existed only months ago. There has been a global epidemic which has in recent weeks involved numerous high profile cybercrime attacks.

The urgency of these recommendations therefore is acute and the need for both onsite and offsite back up has never been greater.

What is ransomware?

Ransomware is a virus that when clicked on & contracted will encrypt all of the files on your network and demand a ransom, typically between €1000 and €10,000,  for them to be unlocked. The topic has been highlighted by both the Gardaí and the national media.

BACK UP: THE FACTS

DESPITE WHAT I.T. SECURITY IS IN PLACE, IT IS STILL ALMOST IMPOSSIBLE TO COMPLETELY PROTECT YOURSELF FROM CONTRACTING THIS VIRUS.
NO ONE BACKUP SOLUTION IS BULLET PROOF AND SO IT IS IMPERATIVE TO HAVE A 2ND SOLUTION TO FALL BACK ON.

Onsite Back Up only

Risks associate with choosing ONSITE backup alone:

A typical onsite backup solution will involve backup software taking a nightly image of the server and storing it on a NAS box (Network Attached Storage box). In the event of a major server error or issue, the restoration of the image from that NAS is usually the quickest route to recovery. HOWEVER:

–  Images can become corrupt and have issues in restoring. Resolving a corruption in the image may not be possible and will most certainly delay the process of restoring considerably.

– The time required to restore a full image can depend on the amount of data involved. Restoring a full image can take up to 24 hours depending on certain variables.

– The onsite backup runs via software running on your server and is stored on a piece of hardware called a NAS box. So there are many elements in the equation and a failure on any one of them can lead you to having no backup (eg. power cut causes NAS box to stall and backups do not run).

– Obviously, having only an onsite backup in place leaves you wide open to the risk of a fire destroying your primary data and also the backup device.

– Right now, Ransomware viruses do not encrypt the existing backup data on your NAS box. However, the industry believes that this will eventually occur in the next iteration of the virus at some point in the future.

Offsite Back Up Only

Risks associated with choosing OFFSITE backup only:

A typical offsite backup solution is to backup your data online. There are other forms such as tapes or removable USB hard drives but online backup is the simplest and easiest to manage because it removes the manual element and the risk of human error. The online backup runs automatically each night. However, there are things to be aware of:

– The typical online backup is a backup of the data files only.

– It does not backup a server image. Therefore, if you needed to rely on your online backup in the event of a complete server loss then your online backup will present files only.

– In an emergency, all server settings and system states need to be rebuilt. This means it is a much slower process than an onsite backup image.

– With online backup, you choose what files and folders get backed up.

– You can chose to backup as much or as little as you like.

– When we initially set it up, we are directed by the customer as to what must be backed up. But over time your staff may create files or folders outside of the backup structure and not realise this is no longer backed up.

What is the solution?

IT security professionals & experts interviewed in the media on the topic are echoing what we have been advising our customers:

1. Have proper backup systems in place that can be relied upon to restore data.

2. Ensure users are aware and trained in relation to Cyber security.

3. Full review of IT infrastructure to focus on security and ensure best practice is being adhered to.

tec support are at the coal face of this and have helped a number of our clients out of difficult situations. Our advice has always been to employ 2 backups – an onsite and an offsite. This advice has been justified with recent experience and as a result we have decided to introduce this new recommendation to encourage our customers to help us help them.

The tec support solution

  • Make sure Windows updates are running and all is up to date.
  • Review your existing backups and know what is being backed up – document this.
  • Know your RPO and RTO’s.
  • Hardware Firewall in place with advanced security software enabled with up to date firmware.
  • Anti-Malware with Anti-Ransomware software installed and up to date.
  • Implement a web filtering solution.
  • Draft an incident response plan.
  • Continued vigilance.
  • Conduct in house Security Awareness Training for entire client team (optional)

Next steps – what can I do?

  • Speak with our team to find the solution which will best suit your business at a cost which works for you.
  • Make a list of all the files and folders currently being backed up.
  • Make a list of additional files and folders you would like to add to your current back up.
  • Nominate a Security Awareness Contact within your business who will be our point of contact throughout the project and in all areas of data and cyber security thereafter.

 

Contact us today on: 091-477600 or email hello@tecsupport.com

Share This