Part One | Part Two
Ransomware Backup Protection: There is nothing quite like an incident infecting hundreds of thousands of computers globally to bring a problem into rather sharp focus. Ransomware has been with us for many years. We’ve seen a number of customer cases that prove it’s possible to survive these attacks. Without having to pay. in 2017 there have been two major ransomware attacks, WannaCry and NotPetya. As the ransomware threat continues, it’s imperative to understand how you can protect your business against ransomware. Having a strategy is a really good start.
Get a Ransomware Backup Protection Strategy
A ransomware protection strategy requires at least three elements, education, patching, and backup.
- Educate: Education of your users and your Administrators is essential to protect your business from ransomware. It’s critical that your staff and stakeholders understand what ransomware is and the significant threat it poses. Provide your teams with examples of suspicious emails. Empower them with clear instructions on what to do if they encounter a potential ransomware lure. For example, don’t open attachments, if you see something, say something about it. Conduct quarterly formal training to inform staff about the risk of ransomware and other cyber security threats.
- Patch: Antivirus software is essential for any business to protect against ransomware and other cyber risks. Ensure your security software, and all critical software elements, such as operating systems, are up to date. Keep all business applications patched and updated to minimise vulnerabilities.
- Backup: Snapshot-based incremental backups, as frequently as every five minutes, to create a series of recovery points are a feature of modern total data protection solutions. If you suffer a ransomware attack, this allows you to roll-back your data to a point-in-time before the attack. The benefit of this is two-fold. First, you don’t need to pay the ransom to get your data back. Second, since you are restoring to a point-in-time before your systems were infected, you can be certain everything is clean and the malware can not be triggered again.
Ransomware Backup Protection for Business Continuity
Survival requires preparation before an attack. Data protection technology, and ransomware backup protection best practices, are critical for mitigating the damage that ransomware attacks can inflict the Business Continuity of organisations. The possibility of getting ‘hit’ by ransomware are really rather high. And it’s not getting any better. It’s obvious backup is one line of defence against ransomware.
Most Government organisations recommend backing up frequently as a way to beat ransomware. The UK National Cyber Security Centre recommends you verify the integrity of backups and secure the backups. Ransomware backup protection is best when they are maintained offline from the production environments, because the ransomware viruses can corrupt backup copies, as well. Snapshots and replication can be vulnerable to time-delayed ransomware attacks.
The National Cyber Security Centre has recently updated it’s advice regarding backup in NCSC: Backing up your Data. It is reasonable guidance, which hopefully the NCSC will expand upon in the future. In broad terms:
- Identify what data you need to back up
- Keep your backup separate
- Consider the cloud
- Read our cloud security guidance
- Make backing-up part of your everyday business
Ransomware Backup Protection with the Cloud
Data protection vendors, such as Datto, have been adding features that will protect against ransomware. Storage vendors are also providing reporting tools that can help protect against ransomware by alerting users of anomalies occurring within files. The use of pattern detection on data and files alert administrators of unusual encryption levels, so they can intervene and limit the damage.
Serviceteam IT use a number or vendors and solutions in order to protect customer data, not only for the last line of defence against ransomware, but also to provide seamless Business Continuity. Our primary solution recommendation for small businesses is the Datto ALTO. Datto ALTO is the only continuity solution designed specifically for small business. Using image-based backup, and a hybrid cloud model, ALTO delivers enterprise-grade functionality at a small business price. The ALTO easily protects any physical, virtual and cloud infrastructure running on Windows, Mac or Linux. Spin up lost servers in seconds without the need for additional tools.
Backup automatically on schedule to a local device, and replicate backups to the Datto Cloud. Recover granular data quickly from multiple points in time, and use Datto Cloud virtualisation to get back to business in minutes. Get more than just one server back up and running; virtualize your entire Infrastructure with the click of a few buttons. Be back up and running as fast as the images can boot in Datto’s Cloud. Once the crisis is past, ALTO makes it easy to get back to normal operations. Say goodbye to business down time, and hello to fast and easy business continuity all in one product.
In 2016, Datto released the first ransomware backup detection in the industry, as part of its Total Data Protection solution. Ransomware, like most illicit software, leaves an identifiable footprint as it takes over a server, PC or laptop. Datto devices actively monitor backups, and when a ransomware footprint is detected, it notifies admins that they have a likely ransomware attack on their hands. From there, recovery is simply a matter of restoring from a previous backup. Stop worrying about ransomware and get back to business fast with Datto Ransomware Backup Protection.
To learn more about what you can to do avoid losing your data, check out our brochure: Business Continuity.