The need to back up data has been around since the age of floppy disks — remember those?
Data loss happens for may reasons, such as viruses, hard drive crashes, and other mishaps. Most people who have used any type of technology have experienced data loss at least once.
There are about 140,000 hard drive crashes every week in the US alone. Every five years, 20% of SMBs suffer data loss due to a major disaster. This has helped to drive a robust cloud backup market that continues to grow.
However, one thing that has changed with data backup in the last few years is security. Simply backing up data so you don’t lose it, is no longer enough. Over time, backing up has morphed into data protection.
What does this mean?
It means that backups need more cybersecurity protection. They face threats such as sleeper ransomware and supply chain attacks. Cloud-based backup has the benefit of being convenient, accessible, and effective; but there is also a need for certain security considerations with an online service.
Companies need to consider data protection when planning a backup and recovery strategy. The tools used need to protect against the growing number of threats.
Some of the modern threats to data backups include:
- Data Centre Outage: The “cloud” basically means data on a server, and that server is internet accessible. Those servers can crash, and the data centres holding the servers can also have outages.
- Sleeper Ransomware: This type of ransomware stays silent after infecting a device. The goal is to have it infect all backups. Then, when it’s activated, the victim doesn’t have a clean backup to restore.
- Supply Chain Attacks: Supply chain attacks have been growing. They include attacks on cloud vendors that companies use. Those vendors suffer a cyberattack that then spreads throughout their clients.
- Misconfiguration: Misconfiguration of security settings can be a problem. It can allow attackers to gain access to cloud storage. Those attackers can then download and delete files as they like.
What to Look for in a Data Protection Backup System
Just backing up data isn’t enough. You need to make sure the application you use provides adequate data protection. Here are some of the things to look for when reviewing a backup solution.
Ransomware can spread throughout a network to infect any data that exists. This includes data on computers, servers, and mobile devices. It also includes data in cloud platforms syncing with those devices.
95% of ransomware attacks also try to infect data backup systems.
It’s important that any data backup solution you use has protection from ransomware. This type of feature restricts automated file changes that can happen to documents.
Continuous Data Protection
Continuous data protection is a feature that will backup files as users make changes. This differs from systems that back up on a schedule, such as once per day.
Continuous data protection ensures that the system captures the latest file changes. This mitigates data loss that can occur if a system crashes before the next backup. With the speed of data generation these days, losing a day’s worth of data can be very costly.
Data protection incorporates proactive measures to protect files. Look for threat identification functions in a backup service. Threat identification is a type of malware and virus prevention tool.
It looks for malware in new and existing backups. This helps stop sleeper ransomware and similar malware from infecting all backups.
Cybersecurity professionals around the world promote zero-trust security measures. This includes measures such as Multi Factor Authentication (MFA) and application safe-listing.
A zero-trust approach holds that all users and applications need ongoing authentication. So, just because a user is logged into the system today, doesn’t mean they are completely trusted.
Some of the zero-trust features to look for include:
- Multi Factor Authentication
- Distinct file and folder permissions
- Contextual authentication
- Verification of permissions for file changes
If you backup to a USB drive or CD, you have one copy of those files. If something happens to that copy, you’ll experience data loss.
Cloud backup providers should have backup redundancy in place. This means that the server holding your data mirrors that data to another server. This prevents data loss in the case of a server crash, natural disaster, or cyberattack.
Air Gapping for More Sensitive Data
Air gapping is a system that keeps a copy of your data offline or separated in another way. This would entail making a second backup copy of your data. Then, putting it on another server which is disconnected from external sources.
This is a feature that you may want to seek out if you deal with highly sensitive data. It helps to ensure that you have at least one other copy of your backup. A copy walled off from common internet-based attacks.
Need Help With Secure Backup and Data Protection Solutions?
Have you updated your backup process for today’s threats? Give us a call today to schedule a chat about data backup and protection.
Article used with permission from The Technology Press.